11·
1 year agoRealizing this blew my mind. Definitely more interesting than following people.
𝙚𝙧𝙧𝙚
- 1 Post
- 31 Comments
Joined 1 year ago
Cake day: June 17th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
This is hilariously timed considering the current panic at the hacked instances.
I think that’s right on the money.
The sophistication is impressive, using emojis. Are people getting paid to find the vulnerabilities or are they just bored??
Curl didn’t return anything. They’re likely just using it to log requests since the request path contains the data they need.
I’d be willing to bet they’re using the API to make all the changes. The cookie has the jwt token. I don’t believe you need the username (at least judging by the js API docs).
Looks like it’s issuing a GET to
https://zelensky.zip/save/{ENCODED_JWT_TOKEN_AND_NAV_FLAG}. TheENCODED_JWT_TOKENis frombtoa(document.cookie+nav_flag)wherenav_flagis essentially'navAdmin'if the account hit is an admin or''if the user hit is not an admin (it checks if the admin button in the nav exists). Their server is likely logging all incoming requests and they just need to do a quick decoding to get jwt tokens and a flag telling them if it’s an admin account.I’d be hesitant to visit Lemmy on a browser atm 😓
Extra content in exchange for an upvote 🤔
Yep, Lemmy is filling a Reddit-shaped hole. It’s a bit different but nice.
r/latinopeopletwitter
+1 the same for me
Just Jerboa normally… but it’s so buggy that I discovered Connect. It’s amazing.
I requested one for r/soccer. The community here is small and I don’t have the time to spend all day on Twitter looking for the latest news to post it while it grows. So this bot fetches latest posts from there and I crosspost to a Lemmy community of real users on the rare occasion that it’s interesting to me. The bot lives in its own instance so it isn’t spamming any real user community.
3·1 year ago8-15 chars with at least one letter or digit… right?? 😅😅😅
Hilariously posted in the wrong thread I believe. 😄
Same here, forced me out of my lurker shell. 😅
2·1 year agoI feel like I’m missing something here. I’ve never needed to worry about docker container IPs.
I wonder why you want them to have fixed IPs. I guess I want to understand the problem it would solve.
If all you want to do is have the other containers use the pihole as DNS… they’d already be doing so if the server is using it as the DNS server.
At worst you’d need to provide
dns: - <server IP where pihole is>property to the services.
Looks like lemmy.blahaj.zone is back
https://lemmy.blahaj.zone/post/766402