PbPixel Delivers The Lulz

So, the owner of the site PbPixel decided to contact me about my comical post about his site. Apparently, he didn’t like it. So he asked me to remove it. I kindly didn’t remove it but tried to help him by telling him his mail server or client was sending incorrect date headers, but he wouldn’t have any of it. Anyways, here’s the whole conversation:

Screenshots 1 and 2 (apparently the second shot didn’t work the first time) of the email in Gmail. Or you can read on. And sadly, yes, I’m still using Windows. This damn wireless card just won’t work under linux and I can’t figure out why.

Hey, I am the owner of the website of PbPixel.com, and I please ask you to delete the post of PbPixel, if you don’t like it, just don’t visit it. there is no need to flame my website. I don’t flame your website even if is not the best paintball “blog”, so please don’t do mine,

Regards.

PbPixel Owner.

In Gmail, it says 12/28/07. It actually looks pretty weird.

Date: Fri, 28 Dec 2007 16:31:30 -0800

Wow, you sent this in December? I’m impressed, you managed to predict a post 17 days away. I wish I had to psychic abilities like that. I mean, I can easily predict things a week away, but anything past 2 weeks starts to get pretty fuzzy.

Sent Jan 24.

Woah. You sent this December 30th?

No man, your mail server’s or your computer’s or whatever you’re using to send this from’s date is foobar. It’s sending out of date date headers. And the time seems to be off by about 2 hours.

Who cares when I sent it, please delete that post. I have sent it 2 hours ago.

This one is hilarious. 2 hour ago since when? From now? I highly doubt that. When I read it? And to be technically correct, it was actually 1 hour and 19 minutes between the 2 sent times

It’s not a matter of when you sent it; the whole you sent it this date was a joke. It’s about the date headers being off. If I was using some other mail client, your post could’ve gone back with all the other emails from late December, and I probably would’ve never seen it.

And he never sent me anything else. I guess he got annoyed. If he said it was the mail server, and it was out of his control, it would’ve been cool and understandable.

I might have an actual good post tomorrow.

Failure Friday: Worr.com

Warning: Complicated computer speak following

I guess Worr released a new site. Don’t remember their old one, but I’ll just follow along and say it’s new. I hope for their sake that it is brand new.

They dislike proof reading as much as I do, though the Synergy is totally “Lorem ipsum” like. (they now have at least fixed it)

worr-1-custom.png

Though they really need to bone up on their coding practices. We can get a nice little XSS on their form pages, like here, here, or here. Just enter something like:
"/><script>alert("I did it for the lulz")</script>
And you get this:
worr-2-custom.png
Way to sanitize your input there guys. Here’s a hint, convert ",<,> to their HTML equivalents. Another hint, jsut ask me and I’ll tell you exactly what to do.

So we can break their site and maybe cause some of their users some trouble, but what if we want to do more.

According to their headers, they’re running Windows using IIS as their httpd and running both ASP.NET and a very out of date PHP (over 2 years old).

But, wait, what are they really running? According to this error, PHP. At least with ASP, you have some slight non-valid input protection.

So they’re running of Windows and ASP.NET really just seems pointless. According to nmap, only port 80 is open, so they don’t have a mail server or anything of that nature (that’s at least accepts connections) running. Why not a LAMP server? I’m sure it would be cheaper and better, but whatever.

I think I’ve found enough fail to call it a failure. Plus this is boring me.

Turn-key Websites Now Infesting The World Paintball Of Paintball

This post is because of the horrible, and I repeat, horrible site, PbPixel.com (I’m not linking to their trash, and I would suggest that no one go to it, here’s a screenshot so you don’t have to go)

Anyways, here’s the deal. It’s a pixel selling website, you know, like that shiteous million dollar homepage crap, that makes absolutely no sense, but managed to get enough people to spam it so it got traffic (he’s also trying to do it again, but it’s a complete and utter failure). It has no use or adds any value to anything. It just exists, and it even does that poorly.

Want to make your own? Easy. Just download one of the many million dollar homepage clone scripts, add some crappy looking logo, and maybe a catch phrase, hopefully a more sensible one than ‘pixel your website’, and your done. Really, it takes at most 10 minutes. I would do a screencast of it, but I’m too lazy.

Another popularity, those thankfully it has died down now, was MySpace clones that focused on paintball, like Paintball Alliance, Mobzor, and tons of others. Pointless. But since I’m not seeing more of these, I’m not going to continue.

But another issue coming to fruition are splogs. Most are jsut taking either an RSS feed of Google News or Blog Search nad making those out to be posts. Some are actually taking content from providers (even some are using some of my posts). 68Caliber complained about people taking their content before, though they were going after members of forums doing it. Want to set one up? Just get a modified version of WordPress with an RSS catcher in it, add a couple of feeds, and you’re done. Oh, and don’t forget to put ads everywhere, that’s a must, or else it seems like you aren’t doing it for the money, but of course you are.

I really don’t care too much if people are using my content, since I’m all for free and open information sharing, which is why all these posts are licensed under a Creative Commons license. It allows you to copy and paste the whole article as long as you cite that you got it from here and don’t use it for commercial purposes, as in, don’t sell it.

Anyways, this post was just everywhere. I wrote parts of it at different places and times, so my mind was always somewhere else. I’ll try give you a better one tomorrow.