No they didn’t, this is just a CVS receipt.
A lesson in Input Validation
Submitted 1 year ago by The_Picard_Maneuver@startrek.website to [deleted]
https://startrek.website/pictrs/image/b831d88a-ab5b-43e8-9a83-469ad6128fbf.jpeg
Comments
Okokimup@lemmy.world 1 year ago
FlyingSquid@lemmy.world 1 year ago
Are you sure? It doesn’t look long enough to be a CVS receipt.
JustARegularNerd@lemmy.world 1 year ago
What you can’t see is that’s only about 6% printed
Toes@ani.social 1 year ago
Oh this reminds me when people discovered all the printers at school were available on the WiFi
Potatos_are_not_friends@lemmy.world 1 year ago
That’s incredible.
Then again, school IT jobs are often given to “my nephew who is good with computers”, because the pay is often half compared to the private sector.
user224@lemmy.sdf.org 1 year ago
One teacher told us that once an IT technician at our school built the network, connecting 2 school institutions with ~7 buildings using only hubs. That network was apparently almost unusably slow, which isn’t surprising.
xpinchx@lemmy.world 1 year ago
I have a friend that does IT/networking for a school district and he makes bank, YMMV.
user224@lemmy.sdf.org 1 year ago
And not just printers. There may or may not also be a few Wi-Fi APs with login details admin:admin. And there also may or may not be many computers with RDP enabled without password. And those that have some password may or may not re-use the same short password for Administrator account. There also may or may not be SMTP server, though unfortunately in my case it doesn’t allow using it so send e-mails outside the network. It returns “Relay access denied” error.
betterdeadthanreddit@lemmy.world 1 year ago
If it makes you feel any better, before the days of ubiquitous wi-fi, printers on wired networks in my school were about as easy to discover and use from a distance. FTPing a text file to one would start a print job for that file and it would be trivial to mash together that information plus a list of printer addresses for the entire district network (courtesy of nmap).
This information was certainly never put to use.
21Cabbage@lemmynsfw.com 1 year ago
My school had a level of security on their printers…and also a shitload of hackers. Like, the IT department was reporting vulnerabilities discovered by the students to Apple amount of hackers.
Maggoty@lemmy.world 1 year ago
My high school had a level of security too. The same password on every work computer in the school.
Amazingly, I never resorted to changing grades. However logging into the admin account to play games instead of the 1,358th typing class was definitely on the menu.
rob_t_firefly@lemmy.world 1 year ago
I know that school, they have a pool on the roof.
originalucifer@moist.catsweat.com 1 year ago
my brain is churning through char limits... i just cant believe it would be large enough through multiple systems..but then, i dont know the char count of the script, compression techniques used, encapsulation etc.
programmer_belch@lemmy.dbzer0.com 1 year ago
It can just fetch the information one line at a time like a printing machine. I don’t think the receipt machine has that much memory to hold everything
wren@sopuli.xyz 1 year ago
The script is ~55k characters long, depending on the source. This transcript includes who is saying the line, as well as descriptive elements of the story, so the actual ‘words only’ version will be a bit shorter. From what I’ve seen, though, most of transcripts have these non verbal inclusions, so the person who added it to the special instructions likely copied those over as well.
I can’t speak to the other points, but allowing 55k characters is definitely wild.
Maddie@sh.itjust.works 1 year ago
Beautiful
nightwatch_admin@feddit.nl 1 year ago
Magnificent even
mp3@lemmy.ca 1 year ago
Anon would be proud
owenfromcanada@lemmy.world 1 year ago
I bet it was that Bobby Tables fella
MightyGalhupo@lemmy.world 1 year ago
I still can’t believe it’s been around 15 years
FlyingSquid@lemmy.world 1 year ago
And he still hasn’t graduated!
tslnox@reddthat.com 1 year ago
That guy’s everywhere!
rob_t_firefly@lemmy.world 1 year ago
Somebody once told me, unsanitized input’s gonna roll me…
BigBlackCoffee@lemmynsfw.com 1 year ago
That’s what she said.
ReiRose@lemmy.world 1 year ago
Said the actress to the bishop
Corkyskog@sh.itjust.works 1 year ago
I would be a little afraid of eating my order after that.
YoorWeb@lemmy.world 1 year ago
It depends, if the employer doesn’t treat his staff well, they’d give you extra portion.
afraid_of_zombies@lemmy.world 1 year ago
I do hope when someone reads about a Christian Nationalism lawsuit going on they don’t find out what law office is representing the guy who wants to hurt gay people. Then find the fax number on their site, go get a temp email at all the free sites that provide it, go to a send fax over the Internet site, and send them long faxes.
Railing5132@lemmy.world 1 year ago
An old trick you could do on old physical fax machines was to tape a couple of sheets of black construction paper together, feed them into the machine and tape them into a loop. Dial your special person and burn through all their toner. Of course, now it would just generate a bunch of emails.
Agent641@lemmy.world 1 year ago
Black fax - such an effective remote physical attack that fax companies had to actually hard-code a defence against it, to not print pages where there would be enough ink or toner dispensed that it could damage the machine or be a fire hazard
ouRKaoS@lemmy.today 1 year ago
Ahh, yes, the Infinifax™
I may have once pulled this with the Banana knock knock joke. Ran their machine out of paper.
AlecSadler@sh.itjust.works 1 year ago
I…never thought of this, thank you for the idea.
AnUnusualRelic@lemmy.world 1 year ago
What kind of idiot doesn’t check for the Shreck script when validating input? Bunch of amateurs.
eco_game@discuss.tchncs.de 1 year ago
Yooo this reminds me, I think there was an AITA on reddit some time ago about a guy who burned down a Pizza place due to putting the entire bee movie script in a message box
afraid_of_zombies@lemmy.world 1 year ago
Ok my copier story. We had a copier room in my high school with a little window in the door. I put a black sheet of paper on it, set it to copy 999 times, locked the door from the inside, then walked away. Turns out no one knows where the key was to the little copier room. I got caught and was punished. The end.
Honytawk@lemmy.zip 1 year ago
How many did it print?
get_off_the_phone@sh.itjust.works 1 year ago
Why do most of the comments in this thread match exactly with the comments in the linked reddit thread?
GrundlButter@lemmy.dbzer0.com 1 year ago
We’re not really that unique. We’re not consciously or likely even unconsciously referencing that thread or others like it. We’re just coming to the same witty conclusions those before us did.
Even your comment comes up every time there’s a similar thread or experience. Mine too.
Happy New Year, btw.
WeirdAlex03@lemmy.zip 1 year ago
raynethackery@lemmy.world 1 year ago
Great. Now I have to walk my ass down to the print pool.
EmperorHenry@discuss.tchncs.de 1 year ago
I would’ve put the super uncut extended edition of all three lord of the rings movies
Lunachocken@iusearchlinux.fyi 1 year ago
Why not entire txt files containing several hundred random characters such that the entropy is high enough compression is useless >:) but maybe it’s preferred.
EmperorHenry@discuss.tchncs.de 1 year ago
I don’t know what you’re talking about, I suggested the uncut extended LOTR trilogy scripts because each of those three movies are over 4 hours long.
Ad4mWayn3@lemmy.world 1 year ago
Set a character limit. Easy. A maximum reasonable length considering the attention span and efficiency of an employee to grasp such information if required should do the job
HikingVet@lemmy.ca 1 year ago
At least it’s not war and peace.
conditional_soup@lemm.ee 1 year ago
My God, it’s shrexcellent.
Seriously, though, it’s 2023 and big corporates are still out here with no input validation?
JakenVeina@lemm.ee 1 year ago
“Hey, there, this is Josh, with Let’s Game it Out!”
ryan@the.coolest.zone 1 year ago
"client side validation is fine, nobody's gonna open up the dev console"
bdonvr@thelemmy.club 1 year ago
Bold of you to assume they even thought about it