Blaenk Denum

72 Responses to “Pastebin”

1. 1 dark

   #51Jan 20th, 2008 at 3:48 am Reply Quote

   yep it worked after that

2. 2 Blaenk Denum

   #52Jun 10th, 2008 at 1:54 pm Reply Quote

   Blaenk Denum wrote:

   It was originally written by Paul Dixon, released under the GPL. Naturally, this is also under the GPL. I was planning on fixing up the code to make it look nicer because the original author made weird use of whitespace but screw it I’m too tired. You can see it in action here.

   Nice to know.

   Blaenk Denum wrote:

   He responded.

   You just have to change the ‘REGEXPS’ line in the mirc.php file to this:

   'REGEXPS' => array(
   0 => '\$[a-zA-Z0-9]+',
   1 => '(%|&)[a-zA-Z0-9]+',
   2 => '(#|@)[a-zA-Z0-9]+',
   3 => '-[a-z\d]+',
   4 => '(on|ctcp) (!|@|&)?(\d|\*):[a-zA-Z]+:',
   5 => 'raw (\d|\*):',
   6 => '/timer(?!s\b)[0-9a-zA-Z_]+',
   ),

   Nice thanks for the code.

   dark wrote:

   yep it worked after that

   Awesome!

   —–
   This was a test.

3. 3 Nicolas Heinen

   #53Jun 27th, 2008 at 10:19 am Reply Quote

   Hello,

   Thanks for the script, I’m using it on a personal basis and it full fill all my need.

   However, it has a bug for the bash script after a variable surrounded by {} like in this example:

   http://paste.blaenkdenum.com/406

   it insert thos two character right after: |>

   In the original pastebin script, it’s OK:

   http://pastebin.com/m657b200e

   Hope there is a easy work around.

   Regards,

   Nicolas.

4. 4 Blaenk Denum

   #54Jun 27th, 2008 at 2:26 pm Reply Quote

   I’ve updated it to geshi’s latest version (Geshi is the syntax highlighter). I don’t know if this fixes it but I doubt it because there didn’t seem to be a change in the bash file. Get version 1.3 above and if you still experience problems let me know and I will contact the geshi developers about it.

   Upgrading is simple, simply backup your config file in config/ and then overwrite everything in the top level directory with the new version’s files, then drop your config file back in.

5. 5 Nicolas Heinen

   #55Jun 28th, 2008 at 9:22 am Reply Quote

   Hello,

   Thanks a lot for the support, now it works

   Variable surrounded by {} are not highlighted any more but at least the code is correct, it’s all I need!

   Regards,

   Nicolas.

6. 6 Blaenk Denum

   #56Jun 28th, 2008 at 10:24 am Reply Quote

   Glad it worked and thanks for using my pastebin! Let me know if you need anything else.

7. 7 Nicolas Heinen

   #57Jun 29th, 2008 at 12:07 pm Reply Quote

   Vendor: http://www.blaenkdenum.com/pastebin/
   Discovered: 22 June 2008
   Reported: No
   Founder: Dr.Wh4x
   Dork: inurl:pastebin inurl:”index.php?dl=*”

   Intro:

   This pastebin mod is vulnerable to bypass the password protected paste’s you can insert in the system. To bypass this you can simply download the paste without any form of knowing the password.

   P.O.C:

   Protected paste: http://paste.blaenkdenum.com/257
   Download paste: http://paste.blaenkdenum.com/?dl=257

8. 8 Nicolas Heinen

   #58Jun 29th, 2008 at 12:12 pm Reply Quote

   Interesting but I’m not the one who wrote the previous message…

9. 9 Blaenk Denum

   #59Jun 29th, 2008 at 4:06 pm Reply Quote

   Haha, wow, it’s so obvious I don’t know how I let that get through Thanks Nicolas for filling me in. I’ve fixed that bug and added some rewrite rules to make the pastebin look more user friendly. You should get version 1.5. Thanks again for letting me know, at least you did, unfortunate that ‘Dr. Wh4x’ didn’t.

10. 10 wizz

    #60Aug 7th, 2008 at 6:51 am Reply Quote

    http://wizz.freetzi.com/pastebin1/pastebin.php

    Hmm, what am I doing wrong? :/

11. 11 UnDeTecT

    #61Aug 7th, 2008 at 7:24 am Reply Quote

    Hey Jorge i was going through the script and i like it im a web security person hacker whatever you want to call it and i was looking through the code to check it etc for vulnerabilities and found another one. Just letting you know to patch

    Script: http://www.blaenkdenum.com/pastebin/
    Discovered: August 07 2008
    Reported: Yes
    Exploiter: UnDeTecT
    Dork: inurl:pastebin inurl:”pastebin.php?diff=*”

    This script is unsecure and open to bypass password protected paste. Find a password protected paste click to get to password prompt grab id # from url put into the $_GET['diff'] of pastebin.php and ACCESS GRANTED!…

    Proof of Concept:
    Protected paste: http://paste.blaenkdenum.com/257
    Unprotected paste: http://paste.blaenkdenum.com/di/257
    or
    Unprotected paste: http://paste.blaenkdenum.com/pastebin.php?diff=257

12. 12 Blaenk Denum

    #62Aug 7th, 2008 at 1:22 pm Reply Quote

    @UnDeTecT: Thanks a lot for the information, I really appreciate it! I guess this uses the same method that the dl method used haha, stupid me. Thanks again

    @wizz: Can you please paste your conf file somewhere? Of course, delete any sensitive information from it.

13. 13 UnDeTecT

    #63Aug 7th, 2008 at 6:46 pm Reply Quote

    no problem man i liked the script

14. 14 UnDeTecT

    #64Aug 10th, 2008 at 2:07 pm Reply Quote

    You stilled need to patch it to check becuase you can still bypass it if someone repost the changed post with no password.

15. 15 Blaenk Denum

    #65Aug 10th, 2008 at 2:12 pm Reply Quote

    Sorry what? I think the Diff feature of this script is pointless anyways so I’m going to remove it, as it’s causing a few problems already, also it doesn’t even work that well. By the way, I’m using the pastebin.com script, it’s open source, I’ve simply modified it a lot or something.

    Thanks for the help though!

16. 16 UnDeTecT

    #66Aug 10th, 2008 at 3:51 pm Reply Quote

    yea i know no problem just give credit for the patch if you use it.. i patched it up on mine and got the diff working correctly

17. 17 Blaenk Denum

    #67Aug 10th, 2008 at 3:52 pm Reply Quote

    Oh you did? Would you mind sending over the source or a patch? I would appreciate it. And of course I give credit where credit’s due

18. 18 Muzzamil

    #68Nov 15th, 2008 at 2:03 am Reply Quote

    Hi,
    I’ve been trying to install this script on my site too. Evrything goes fine , but when i click send button it gives me an error:

    “Warning: Cannot modify header information - headers already sent by (output started at /home1/rigadiga/public_html/irckid/pb/pastebin.php:4) in /home1/rigadiga/public_html/irckid/pb/pastebin/pastebin.class.php on line 212″

    Can u help me please?

19. 19 Muzzamil

    #69Nov 15th, 2008 at 2:44 am Reply Quote

    Ok , This Worked Now, I Started From The Scratch Again, But I’m having Problem When i Try to Download Some Pasted Data. It takes me to a Wrong link i.e. http://www.mysite.com/download and when i click new post on the same page it takes me to ” http://www.mysite.com/paste” Can U Help me FiX These Links?

20. 20 Blaenk

    #70Nov 15th, 2008 at 11:23 am Reply Quote

    It’s because the redirects are written in the .htaccess file which is for Apache web server, and it seems to me like you are using IIS correct? You would have to figure out how to translate them, I’m sorry

21. 21 AndyH

    #71Nov 17th, 2008 at 12:48 am Reply Quote

    Installed ok: http://pastebin.andyh.org.uk/

    Thanks

22. 22 Blaenk

    #72Nov 17th, 2008 at 2:32 am Reply Quote

    Good to hear You’re welcome.

Leave a Reply

1

$match = strcmp($comment, 'test');