Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: kokojie on June 21, 2011, 06:40:15 PM



Title: MtGox really secure now
Post by: kokojie on June 21, 2011, 06:40:15 PM
Quote
   Warning: mysqli::mysqli() [mysqli.mysqli]: (HY000/1040): Too many connections in /www/p/pl/platform-stable.dns.st/includes/DB/MySQL.class.php on line 25

    Fatal error: Uncaught exception 'Exception' with message 'Too many connections' in /www/p/pl/platform-stable.dns.st/includes/DB/MySQL.class.php:26
    Stack trace:
    #0 /www/p/pl/platform-stable.dns.st/includes/DB/MySQL.class.php(73): DB\MySQL->_construct(Array)
    #1 /www/p/pl/platform-stable.dns.st/includes/DB.class.php(24): DB\MySQL::getInstance()
    #2 /www/p/pl/platform-stable.dns.st/includes/db_structure.php(3): DB::getInstance()
    #3 /www/p/pl/platform-stable.dns.st/includes/init.php(48): require_once('/www/p/pl/platf...')
    #4 /www/p/pl/platform-stable.dns.st/www/handlepage.php(3): require_once('/www/p/pl/platf...')
    #5 {main}
    thrown in /www/p/pl/platform-stable.dns.st/includes/DB/MySQL.class.php on line 26

Thanks for the informative error message mtgox, I'm sure displaying stack trace to random visitors is really secure


Title: Re: MtGox really secure now
Post by: GeniuSxBoY on June 21, 2011, 06:43:00 PM
Quote
I'm just waiting for hackers to release my proof information any time now


Title: Re: MtGox really secure now
Post by: NO_SLAVE on June 21, 2011, 06:46:03 PM
The great silent comedy continues...

The MTGox crisis in pictures...

http://www.youtube.com/watch?v=RWZD_bkNK-c

Let's hope the ending is as good....


Title: Re: MtGox really secure now
Post by: Tasty Champa on June 21, 2011, 06:56:03 PM
OP just added 3 more days.

Good Job!

http://www.wpclipart.com/sign_language/thumbs_up_large.png


Title: Re: MtGox really secure now
Post by: arkados on June 21, 2011, 07:21:49 PM
Quote
Server: nginx/0.8.53
Date: Tue, 21 Jun 2011 18:55:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Etag: "(snip)"
P3P: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
X-Runtime: 12
Set-Cookie: _zendesk_session=(snip); path=/; HttpOnly
Cache-Control: private, max-age=0, must-revalidate
Content-Encoding: gzip

200 OK
Got from support desk.
Oh wow, they do run nginx 0.8.53 while latest is 1.0.4 !! For sure, everybody's computer is infected by trojan software now !!!

Oh look look !!!
Quote
  <!--[if lt IE 9]>
  <script src="https://assets.zendesk.com/javascripts/vendor/html5_shiv.js?1308347461" type="text/javascript"></script>
  <![endif]-->
They actually hotlink javascript from zendesk's website for Internet Explorer users, in plain text in the HTML source code for everyone to see !! I shit in my pants, this is now the end of the world !!!!1

/joke


>copypasta of random "Too many connections" error and feeling 1337 about it
>not showing proper screenshot, unable to understand what problem is
>implying this actually is a vulnerability, server saying "whoops, can't handle this much shitload"
>instead of mail MagicalTux about it and appear stupid to one person -> post in Bitcoin forum and appear stupid to everybody else who actually work with PHP and MySQL
>be marked as troll, for now


Title: Re: MtGox really secure now
Post by: NO_SLAVE on June 21, 2011, 07:30:04 PM

Who is this twat?


Title: Re: MtGox really secure now
Post by: TonyHoyle on June 21, 2011, 07:32:10 PM
Not setting display_errors=Off is an amateur error that should never happen on a production site.  Information leak is the first stage to being hacked.
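
The leak discussed in this thread, as an added example that is not part of the original post and is not MtGox's code: a PHP bootstrap that keeps the "Too many connections" failure in the server log and sends visitors a generic 503. The function name `db_connect` and the `$cfg` keys are assumptions made for the illustration.

```php
<?php
// Added example: hypothetical bootstrap, not code from the site discussed here.
declare(strict_types=1);

// Production error policy: never render errors to the client, always log them.
// The same settings belong in php.ini (display_errors = Off, log_errors = On).
ini_set('display_errors', '0');
ini_set('display_startup_errors', '0');
ini_set('log_errors', '1');
error_reporting(E_ALL);

// Last-resort handler: full detail goes to the server log, the visitor only
// sees a generic message plus a reference id that support can look up.
set_exception_handler(function (Throwable $e): void {
    $ref = bin2hex(random_bytes(6));
    error_log(sprintf(
        "[%s] %s: %s in %s:%d\n%s",
        $ref, get_class($e), $e->getMessage(),
        $e->getFile(), $e->getLine(), $e->getTraceAsString()
    ));
    if (!headers_sent()) {
        http_response_code(503);
        header('Retry-After: 30');
        header('Content-Type: text/plain; charset=utf-8');
    }
    echo "Service temporarily unavailable. Reference: {$ref}\n";
});

// Make mysqli throw exceptions instead of emitting PHP warnings, so a failed
// connection takes the handler path above rather than printing a warning.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Hypothetical helper: $cfg keys (host, user, pass, name) are assumptions.
function db_connect(array $cfg): mysqli
{
    try {
        return new mysqli($cfg['host'], $cfg['user'], $cfg['pass'], $cfg['name']);
    } catch (mysqli_sql_exception $e) {
        // 1040 is MySQL's "Too many connections" (the HY000/1040 in the quote).
        // Rethrow with a neutral message; the original stays chained for the log.
        throw new RuntimeException('database unavailable', (int) $e->getCode(), $e);
    }
}
```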


Title: Re: MtGox really secure now
Post by: Chick on June 21, 2011, 07:40:25 PM
Quote
Server: nginx/0.8.53
Date: Tue, 21 Jun 2011 18:55:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Etag: "(snip)"
P3P: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
X-Runtime: 12
Set-Cookie: _zendesk_session=(snip); path=/; HttpOnly
Cache-Control: private, max-age=0, must-revalidate
Content-Encoding: gzip

200 OK
Got from support desk.
Oh wow, they do run nginx 0.8.53 while latest is 1.0.4 !! For sure, everybody's computer is infected by trojan software now !!!

Oh look look !!!
Quote
  <!--[if lt IE 9]>
  <script src="https://assets.zendesk.com/javascripts/vendor/html5_shiv.js?1308347461" type="text/javascript"></script>
  <![endif]-->
They actually hotlink javascript from zendesk's website for Internet Explorer users, in plain text in the HTML source code for everyone to see !! I shit in my pants, this is now the end of the world !!!!1

/joke


>copypasta of random "Too many connections" error and feeling 1337 about it
>not showing proper screenshot, unable to understand what problem is
>implying this actually is a vulnerability, server saying "whoops, can't handle this much shitload"
>instead of mail MagicalTux about it and appear stupid to one person -> post in Bitcoin forum and appear stupid to everybody else who actually work with PHP and MySQL
>be marked as troll, for now

Zendesk hosts the support desk by themselves. Mt. Gox simply CNAME "support.mtgox.com" to their servers.


Title: Re: MtGox really secure now
Post by: BioMike on June 21, 2011, 07:45:24 PM
Information leak is the first stage to being hacked.

Yes, that's just how security through obscurity works!

At least they use mysqli (which increases the chance that they used parametrized SQL).
Don't know if there are reported security issues with nginx 0.8.53.


Title: Re: MtGox really secure now
Post by: kokojie on June 21, 2011, 07:57:34 PM
Quote
Server: nginx/0.8.53
Date: Tue, 21 Jun 2011 18:55:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Etag: "(snip)"
P3P: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
X-Runtime: 12
Set-Cookie: _zendesk_session=(snip); path=/; HttpOnly
Cache-Control: private, max-age=0, must-revalidate
Content-Encoding: gzip

200 OK
Got from support desk.
Oh wow, they do run nginx 0.8.53 while latest is 1.0.4 !! For sure, everybody's computer is infected by trojan software now !!!

Oh look look !!!
Quote
  <!--[if lt IE 9]>
  <script src="https://assets.zendesk.com/javascripts/vendor/html5_shiv.js?1308347461" type="text/javascript"></script>
  <![endif]-->
They actually hotlink javascript from zendesk's website for Internet Explorer users, in plain text in the HTML source code for everyone to see !! I shit in my pants, this is now the end of the world !!!!1

/joke


>copypasta of random "Too many connections" error and feeling 1337 about it
>not showing proper screenshot, unable to understand what problem is
>implying this actually is a vulnerability, server saying "whoops, can't handle this much shitload"
>instead of mail MagicalTux about it and appear stupid to one person -> post in Bitcoin forum and appear stupid to everybody else who actually work with PHP and MySQL
>be marked as troll, for now

Good luck finding a real job in PHP/MySQL if you display stack trace to random visitor on a production site of any serious tech company.


Title: Re: MtGox really secure now
Post by: Freakin on June 21, 2011, 08:22:14 PM
Quote

Good luck finding a real job in PHP/MySQL if you display stack trace to random visitor on a production site of any serious tech company.

What do they care?  They're making $30k/day...  they don't need a real job


Title: Re: MtGox really secure now
Post by: gentakin on June 21, 2011, 08:31:47 PM
0.8.54 is the current "legacy stable" release of nginx. It contains 3 bug fixes, where only one might be security-related (segfault). So the MtGox web server is fine.

Printing out stack traces is bad. Let's hope they fixed the other things.


Title: Re: MtGox really secure now
Post by: NO_SLAVE on June 21, 2011, 08:40:01 PM
https://i.imgur.com/b60a6.png

Who is this twat?

http://en.wikipedia.org/wiki/Aaron_Barr

Oh, that's rich!


Title: Re: MtGox really secure now
Post by: NO_SLAVE on June 21, 2011, 08:41:30 PM
Quote

Good luck finding a real job in PHP/MySQL if you display stack trace to random visitor on a production site of any serious tech company.

What do they care?  They're making $30k/day...  they don't need a real job

not. any. more.....


Title: Re: MtGox really secure now
Post by: Desu on June 21, 2011, 08:45:02 PM
So bad. Why do people still use this site, are they stupid.
Amen, +1


Title: Re: MtGox really secure now
Post by: arkados on June 21, 2011, 08:54:46 PM
So bad. Why do people still use this site, are they stupid.
They want their money back.  ::)
That doesn't mean they aren't stupid.
But many of them still want to use Mt.Gox in the future.
That doesn't mean they are stupid.

Just sayin'...


Title: Re: MtGox really secure now
Post by: Freakin on June 21, 2011, 08:58:48 PM
Quote

Good luck finding a real job in PHP/MySQL if you display stack trace to random visitor on a production site of any serious tech company.

What do they care?  They're making $30k/day...  they don't need a real job

not. any. more.....

 ;D


Title: Re: MtGox really secure now
Post by: Batouzo on June 21, 2011, 09:20:20 PM
Quote
   Warning: mysqli::mysqli() [mysqli.mysqli]: (HY000/1040): Too many connections in /www/p/pl/platform-stable.dns.st/includes/DB/MySQL.class.php on line 25

    Fatal error: Uncaught exception 'Exception' with message 'Too many connections' in /www/p/pl/platform-stable.dns.st/includes/DB/MySQL.class.php:26
    Stack trace:
    #0 /www/p/pl/platform-stable.dns.st/includes/DB/MySQL.class.php(73): DB\MySQL->_construct(Array)
    #1 /www/p/pl/platform-stable.dns.st/includes/DB.class.php(24): DB\MySQL::getInstance()
    #2 /www/p/pl/platform-stable.dns.st/includes/db_structure.php(3): DB::getInstance()
    #3 /www/p/pl/platform-stable.dns.st/includes/init.php(48): require_once('/www/p/pl/platf...')
    #4 /www/p/pl/platform-stable.dns.st/www/handlepage.php(3): require_once('/www/p/pl/platf...')
    #5 {main}
    thrown in /www/p/pl/platform-stable.dns.st/includes/DB/MySQL.class.php on line 26

Thanks for the informative error message mtgox, I'm sure displaying stack trace to random visitors is really secure

http://legacyentries.weheartit.netdna-cdn.com/20090212141733.jpg


Title: Re: MtGox really secure now
Post by: bbjansen on June 21, 2011, 09:47:32 PM
The twat who was CEO of HBGary, a federal security firm, and got hacked by Anonymous when he claimed he knew the "leaders" entities.