CollabVM Wikia/Bit: Difference between revisions

Line 23:

* Giga

=== ~~Fag~~ ===

=== Faggotisty ===

Bit denies any reports of him confirming that he is a fag.

Line 31:

=== History ===

At first Bit was using a shitty free hosting known as [//x10hosting.com x10hosting] whereabouts he first hosted his first simi-functional RAT. After an incident with x10hosting and ''mod_security'', he switched hosting to [//c9.io/ ~~cloud9~~] and there he first used a Linux terminal, bash.

At first Bit was using a shitty free hosting known as [//x10hosting.com x10hosting] whereabouts he first hosted his first simi-functional RAT. After an incident with x10hosting and ''mod_security'', he switched hosting to [//c9.io/ Cloud9] and there he first used a Linux terminal, bash.

=== x10hosting ===

=== [//bit64.x10host.com x10hosting] ===

They where absolute shit heads as for a couple of reasons.

# They didn't know the meaning of non-static pages. Despite that, they still had support for PhP but none else.

# They had flipping ''mod_security'' enabled which is basically a run of the mill firewall devolved by Apache. It used a combinations of ~~RegularExpression~~ rules to block certain request, from the info sent in the parameters in GET and POST requests. '''This was the main reason Bit left them.''' His ~~JSConsole~~ couldn't send information such as exe or anything involving commands.

# They had flipping ''mod_security'' enabled which is basically a run of the mill firewall devolved by Apache. It used a combinations of regular expression rules to block certain request, from the info sent in the parameters in GET and POST requests. '''This was the main reason Bit left them.''' His JsConsole couldn't send information such as exe or anything involving commands.

[[Category:Fag]]

==== [//bit64.x10host.com/stuff/jsconsole JsConsole] ====

The first version of JsConsole was published here on x10hosting. It worked ''almost'' perfectly. It was only Bit's only version which wasn't updated to include the whitelist.

===== Errors =====

The very first version contained a handful of errors. Such as, whenever you click view on a non-existent token, PhP will throw a warning reading that the file does not exist.

===== Exploits =====

The was also a potential exploit with the token name, as the token name was saved as ''%1.txt'' (where %1 is the token). Someone could easily type ''../'' which signifies to go up a directory and write to files outside the folder itself.

===== mod_security =====

Mod security was a shitty firewall created by Apache which was enabled by default, and no option existed to turn it off. The firewall generally searched through all GET and POST request to match one out of over 10000 regular expression rules. Apparently one or more of these rules consisted of blocking text containing ''.exe'' or /. Bit coded a small patch with escaping to bypass the firewall but realized doing that was retarded and moved on to Cloud9.[[Category:Fag]]

[[Category:People]]

@@ Line 23: / Line 23: @@
 * Giga
-=== Fag ===
+=== Faggotisty ===
 Bit denies any reports of him confirming that he is a fag.
@@ Line 31: / Line 31: @@
 === History ===
-At first Bit was using a shitty free hosting known as [//x10hosting.com x10hosting] whereabouts he first hosted his first simi-functional RAT. After an incident with x10hosting and ''mod_security'', he switched hosting to [//c9.io/ cloud9] and there he first used a Linux terminal, bash.
+At first Bit was using a shitty free hosting known as [//x10hosting.com x10hosting] whereabouts he first hosted his first simi-functional RAT. After an incident with x10hosting and ''mod_security'', he switched hosting to [//c9.io/ Cloud9] and there he first used a Linux terminal, bash.
-=== x10hosting ===
+=== [//bit64.x10host.com x10hosting] ===
 They where absolute shit heads as for a couple of reasons.
 # They didn't know the meaning of non-static pages. Despite that, they still had support for PhP but none else.
-# They had flipping ''mod_security'' enabled which is basically a run of the mill firewall devolved by Apache. It used a combinations of RegularExpression rules to block certain request, from the info sent in the parameters in GET and POST requests. '''This was the main reason Bit left them.''' His JSConsole couldn't send information such as exe or anything involving commands.
+# They had flipping ''mod_security'' enabled which is basically a run of the mill firewall devolved by Apache. It used a combinations of regular expression rules to block certain request, from the info sent in the parameters in GET and POST requests. '''This was the main reason Bit left them.''' His JsConsole couldn't send information such as exe or anything involving commands.
-[[Category:Fag]]
+==== [//bit64.x10host.com/stuff/jsconsole JsConsole] ====
+The first version of JsConsole was published here on x10hosting. It worked ''almost'' perfectly. It was only Bit's only version which wasn't updated to include the whitelist.
+===== Errors =====
+The very first version contained a handful of errors. Such as, whenever you click view on a non-existent token, PhP will throw a warning reading that the file does not exist.
+===== Exploits =====
+The was also a potential exploit with the token name, as the token name was saved as ''%1.txt'' (where %1 is the token). Someone could easily type ''../'' which signifies to go up a directory and write to files outside the folder itself.
+===== mod_security =====
+Mod security was a shitty firewall created by Apache which was enabled by default, and no option existed to turn it off. The firewall generally searched through all GET and POST request to match one out of over 10000 regular expression rules. Apparently one or more of these rules consisted of blocking text containing ''.exe'' or /. Bit coded a small patch with escaping to bypass the firewall but realized doing that was retarded and moved on to Cloud9.[[Category:Fag]]
 [[Category:People]]