No they didn’t, this is just a CVS receipt.
A lesson in Input Validation
Submitted 2 years ago by The_Picard_Maneuver@startrek.website to [deleted]
https://startrek.website/pictrs/image/b831d88a-ab5b-43e8-9a83-469ad6128fbf.jpeg
Comments
Okokimup@lemmy.world 2 years ago
FlyingSquid@lemmy.world 2 years ago
Are you sure? It doesn’t look long enough to be a CVS receipt.
JustARegularNerd@lemmy.world 2 years ago
What you can’t see is that’s only about 6% printed
Toes@ani.social 2 years ago
Oh this reminds me when people discovered all the printers at school were available on the WiFi
Potatos_are_not_friends@lemmy.world 2 years ago
That’s incredible.
Then again, school IT jobs are often given to “my nephew who is good with computers”, because the pay is often half compared to the private sector.
user224@lemmy.sdf.org 2 years ago
One teacher told us that once an IT technician at our school built the network, connecting 2 school institutions with ~7 buildings using only hubs. That network was apparently almost unusably slow, which isn’t surprising.
xpinchx@lemmy.world 2 years ago
I have a friend that does IT/networking for a school district and he makes bank, YMMV.
user224@lemmy.sdf.org 2 years ago
And not just printers. There may or may not also be a few Wi-Fi APs with login details admin:admin. And there also may or may not be many computers with RDP enabled without password. And those that have some password may or may not re-use the same short password for Administrator account. There also may or may not be SMTP server, though unfortunately in my case it doesn’t allow using it so send e-mails outside the network. It returns “Relay access denied” error.
betterdeadthanreddit@lemmy.world 2 years ago
If it makes you feel any better, before the days of ubiquitous wi-fi, printers on wired networks in my school were about as easy to discover and use from a distance. FTPing a text file to one would start a print job for that file and it would be trivial to mash together that information plus a list of printer addresses for the entire district network (courtesy of nmap).
This information was certainly never put to use.
21Cabbage@lemmynsfw.com 2 years ago
My school had a level of security on their printers…and also a shitload of hackers. Like, the IT department was reporting vulnerabilities discovered by the students to Apple amount of hackers.
Maggoty@lemmy.world 2 years ago
My high school had a level of security too. The same password on every work computer in the school.
Amazingly, I never resorted to changing grades. However logging into the admin account to play games instead of the 1,358th typing class was definitely on the menu.
rob_t_firefly@lemmy.world 2 years ago
I know that school, they have a pool on the roof.
originalucifer@moist.catsweat.com 2 years ago
my brain is churning through char limits... i just cant believe it would be large enough through multiple systems..but then, i dont know the char count of the script, compression techniques used, encapsulation etc.
programmer_belch@lemmy.dbzer0.com 2 years ago
It can just fetch the information one line at a time like a printing machine. I don’t think the receipt machine has that much memory to hold everything
wren@sopuli.xyz 2 years ago
The script is ~55k characters long, depending on the source. This transcript includes who is saying the line, as well as descriptive elements of the story, so the actual ‘words only’ version will be a bit shorter. From what I’ve seen, though, most of transcripts have these non verbal inclusions, so the person who added it to the special instructions likely copied those over as well.
I can’t speak to the other points, but allowing 55k characters is definitely wild.
Maddie@sh.itjust.works 2 years ago
Beautiful
nightwatch_admin@feddit.nl 2 years ago
Magnificent even
mp3@lemmy.ca 2 years ago
Anon would be proud
owenfromcanada@lemmy.world 2 years ago
I bet it was that Bobby Tables fella
MightyGalhupo@lemmy.world 2 years ago
I still can’t believe it’s been around 15 years
FlyingSquid@lemmy.world 2 years ago
And he still hasn’t graduated!
tslnox@reddthat.com 2 years ago
That guy’s everywhere!
rob_t_firefly@lemmy.world 2 years ago
Somebody once told me, unsanitized input’s gonna roll me…
BigBlackCoffee@lemmynsfw.com 2 years ago
That’s what she said.
ReiRose@lemmy.world 2 years ago
Said the actress to the bishop
Corkyskog@sh.itjust.works 2 years ago
I would be a little afraid of eating my order after that.
YoorWeb@lemmy.world 2 years ago
It depends, if the employer doesn’t treat his staff well, they’d give you extra portion.
afraid_of_zombies@lemmy.world 2 years ago
I do hope when someone reads about a Christian Nationalism lawsuit going on they don’t find out what law office is representing the guy who wants to hurt gay people. Then find the fax number on their site, go get a temp email at all the free sites that provide it, go to a send fax over the Internet site, and send them long faxes.
Railing5132@lemmy.world 2 years ago
An old trick you could do on old physical fax machines was to tape a couple of sheets of black construction paper together, feed them into the machine and tape them into a loop. Dial your special person and burn through all their toner. Of course, now it would just generate a bunch of emails.
Agent641@lemmy.world 2 years ago
Black fax - such an effective remote physical attack that fax companies had to actually hard-code a defence against it, to not print pages where there would be enough ink or toner dispensed that it could damage the machine or be a fire hazard
ouRKaoS@lemmy.today 2 years ago
Ahh, yes, the Infinifax™
I may have once pulled this with the Banana knock knock joke. Ran their machine out of paper.
AlecSadler@sh.itjust.works 2 years ago
I…never thought of this, thank you for the idea.
AnUnusualRelic@lemmy.world 2 years ago
What kind of idiot doesn’t check for the Shreck script when validating input? Bunch of amateurs.
eco_game@discuss.tchncs.de 2 years ago
Yooo this reminds me, I think there was an AITA on reddit some time ago about a guy who burned down a Pizza place due to putting the entire bee movie script in a message box
afraid_of_zombies@lemmy.world 2 years ago
Ok my copier story. We had a copier room in my high school with a little window in the door. I put a black sheet of paper on it, set it to copy 999 times, locked the door from the inside, then walked away. Turns out no one knows where the key was to the little copier room. I got caught and was punished. The end.
Honytawk@lemmy.zip 2 years ago
How many did it print?
get_off_the_phone@sh.itjust.works 2 years ago
Why do most of the comments in this thread match exactly with the comments in the linked reddit thread?
GrundlButter@lemmy.dbzer0.com 2 years ago
We’re not really that unique. We’re not consciously or likely even unconsciously referencing that thread or others like it. We’re just coming to the same witty conclusions those before us did.
Even your comment comes up every time there’s a similar thread or experience. Mine too.
Happy New Year, btw.
WeirdAlex03@lemmy.zip 2 years ago
raynethackery@lemmy.world 2 years ago
Great. Now I have to walk my ass down to the print pool.
EmperorHenry@discuss.tchncs.de 2 years ago
I would’ve put the super uncut extended edition of all three lord of the rings movies
Lunachocken@iusearchlinux.fyi 2 years ago
Why not entire txt files containing several hundred random characters such that the entropy is high enough compression is useless >:) but maybe it’s preferred.
EmperorHenry@discuss.tchncs.de 2 years ago
I don’t know what you’re talking about, I suggested the uncut extended LOTR trilogy scripts because each of those three movies are over 4 hours long.
Ad4mWayn3@lemmy.world 2 years ago
Set a character limit. Easy. A maximum reasonable length considering the attention span and efficiency of an employee to grasp such information if required should do the job
HikingVet@lemmy.ca 2 years ago
At least it’s not war and peace.
conditional_soup@lemm.ee 2 years ago
My God, it’s shrexcellent.
Seriously, though, it’s 2023 and big corporates are still out here with no input validation?
JakenVeina@lemm.ee 2 years ago
“Hey, there, this is Josh, with Let’s Game it Out!”
ryan@the.coolest.zone 2 years ago
"client side validation is fine, nobody's gonna open up the dev console"
bdonvr@thelemmy.club 2 years ago
Bold of you to assume they even thought about it