# Admin Control Panel



## geadin (Feb 26, 2009)

The fact is none of you are safe.
You pissed off the wrong fucking guy.

The fact being your art is sick.
The way you accept and do things is sick.
The way you proceed and act.
The way you treat others.

I will see that this community ceases too exsist.
And any other community which prohibbits such acts.
Which are against Human nature.


----------



## Toaster (Feb 26, 2009)

Hey guy, if I get your IP your dead. I hate crackers, they give the hacker life-style a shit name.


----------



## oniontrain (Feb 26, 2009)

ananymous is legion /b/rother you keep on keepin on.


----------



## Pi (Feb 26, 2009)

sdkfgjg ahahahaha

cool toolbars dude


----------



## Not A Fox (Feb 26, 2009)

Ok yeah we're dealing with a hacker.


----------



## Toaster (Feb 26, 2009)

Not A Fox said:


> Ok yeah we're dealing with a hacker.



cracker


----------



## Kesteh (Feb 26, 2009)

...Using IE? Definitely not /b/.


----------



## Mew2 (Feb 26, 2009)

Doesn't school start in the morning, kid?


----------



## Pi (Feb 26, 2009)

t ornias people who make lots of whiny noise about the difference between hacker and cracker are usually neither. shut up.


----------



## Toaster (Feb 26, 2009)

Pi said:


> t ornias people who make lots of whiny noise about the difference between hacker and cracker are usually neither. shut up.



booooooo


----------



## GoldenJackal (Feb 26, 2009)

Pretty damn sad. *yawn*


----------



## Uini (Feb 26, 2009)

lmao


----------



## Pi (Feb 26, 2009)

oh also

nice job copying some admin's screenshot

maybe that one time FA was hacked and the hacker posted it on .. FA.


----------



## oniontrain (Feb 26, 2009)

Kesteh said:


> ...Using IE? Definitely not /b/.



No the grammatical error definitely gives it away.


----------



## Mew2 (Feb 26, 2009)

Is /b/ down or something?


----------



## Clyde_Dale (Feb 26, 2009)

Just in case it isn't obvious, please don't d/l that attachment, as I'm 99.99% certain it's got something obnoxious in there to steal your information.

And yea, someone check the fchan/somethingawful/etc... boards to see if someone is bragging about this...


----------



## Animalous (Feb 26, 2009)




----------



## vappykid5 (Feb 26, 2009)

geadin said:


> The fact is none of you are safe.
> You pissed off the wrong fucking guy.
> 
> The fact being your art is sick.
> ...



Hey I think I seen this before......who are you again?


----------



## Zaiden (Feb 26, 2009)

Ruh roh Raggy!


----------



## Mew2 (Feb 26, 2009)

Zaiden said:


> Ruh roh Raggy!


 Zoinks, we gotta like get this problem solved, man.


----------



## JamestheDoc (Feb 26, 2009)

This is coming from somebody that regulars a site that regularly posts abuse, rape, death, child pornography, and anime versions of the furry fetishes they hate so much! XD  The irony is pretty fun, I think.

That and the fact they take pride in their internet toughness! Who needs real goals in life like going to college or starting a business when you can sit in your parent's home and fuck with people behind the guise of anonymity? 

And a community that _prohibits_ this stuff would be communities of your own, Mr. Hacker.  Seeing prohibition is the purging or riddance of something, or its destruction/deletion.  English phail.


----------



## oniontrain (Feb 26, 2009)

Clyde_Dale said:


> Just in case it isn't obvious, please don't d/l that attachment, as I'm 99.99% certain it's got something obnoxious in there to steal your information.
> 
> And yea, someone check the fchan/somethingawful/etc... boards to see if someone is bragging about this...



I don't know about Fchan but SA doesn't do raids like this any more. This is the mark of a /b/tard or some other script kiddie that's butthurt at something. I'm leaning towards /b/tard due to the prevalence of spelling and grammatical errors in his post.


----------



## Palshife (Feb 26, 2009)

geadin said:


> The fact is none of you are safe.
> You pissed off the wrong fucking guy.
> 
> The fact being your art is sick.
> ...



Blah blah blah. Shut up and go back to your hugbox.


----------



## Nightingalle (Feb 26, 2009)

Well this gives me time to draw more porn.


----------



## oniontrain (Feb 26, 2009)

Palshife said:


> Blah blah blah. Shut up and go back to your hugbox.



Don't make fun of his assburgers, that's probably what he's so butthurt about in the first place.


----------



## Ringus (Feb 26, 2009)

geadin said:


> The fact is none of you are safe.
> You pissed off the wrong fucking guy.
> 
> The fact being your art is sick.
> ...



>exsist
>prohibbits


----------



## Toaster (Feb 26, 2009)

KoiFishSushi said:


> Well this gives me time to draw more porn.



ewwwwwwwwwwww porn

BUT, that should piss him off lol


----------



## Nightingalle (Feb 26, 2009)

Ornias said:


> ewwwwwwwwwwww porn
> 
> BUT, that should piss him off lol



Lawl. Whateva whateva, I draw what I want >|

To be honest, it won't end up as porn probably.  Uninspired. :C


----------



## Takara_kitsune (Feb 26, 2009)

It strikes me that this is our "master coder" from Fur-Affinity.org... 

Or at least that is what I believe I've figured.


----------



## Fiz (Feb 26, 2009)

Clyde_Dale said:


> Just in case it isn't obvious, please don't d/l that attachment, as I'm 99.99% certain it's got something obnoxious in there to steal your information.
> 
> And yea, someone check the fchan/somethingawful/etc... boards to see if someone is bragging about this...



it's a fucking .jpg you boob

the only thing obnoxious about the .jpg is the amount of toolbars represented in it


----------



## Nightingalle (Feb 26, 2009)

Fiz said:


> it's a fucking .jpg you boob
> 
> the only thing obnoxious about the .jpg is the amount of toolbars represented in it



Yes. Someone downloads too much crap and doesn't click ' lol plz don't put your toolbar on my IE/piece of shit'.  X)


----------



## verix (Feb 26, 2009)

hahahahah those fucking toolbars

"listen you fucks you don't know who you're DEALING WITH *downloads Bonzi Buddy, cackles evilly as he runs WINNUKE on FurAffinity*"


----------



## Zaiden (Feb 26, 2009)




----------



## Toaster (Feb 26, 2009)

verix said:


> hahahahah those fucking toolbars
> 
> "listen you fucks you don't know who you're DEALING WITH *downloads Bonzi Buddy, cackles evilly as he runs WINNUKE on FurAffinity*"



lmao!


----------



## JamestheDoc (Feb 26, 2009)

KoiFishSushi said:


> Well this gives me time to draw more porn.



But of course! Since we can look at it, might as well draw it to post on /b/! :3

Early Furry Friday WOO!

But in all seriousness... might as well. *doodles cawk*


----------



## vappykid5 (Feb 26, 2009)

Really, I kinda forgot who this guy is. 



Palshife said:


> Blah blah blah. Shut up and go back to your hugbox.



Welcome to the FurAffinity forums?


----------



## verix (Feb 26, 2009)

all of you. all of you will FEEL MY WRATH. let me just download this exploit code from milw0rm here and...

what's that? I... I'm the 1,000,000th hit on this website?? AND I CAN WIN A FREE PS3??? HOLY CRAP SIGN ME UP *clicks furiously in the hopes that I win that sweet free PS3 asterisk*


----------



## Leasara (Feb 26, 2009)

geadin said:


> The fact is none of you are safe.
> You pissed off the wrong fucking guy.
> 
> The fact being your art is sick.
> ...



God, that makes me feel so much better.  Here I thought we might have been dealing with someone dangerous.  Turns out it's just some ignorant shut-in.


----------



## redfoxnudetoons (Feb 26, 2009)

Fiz said:


> it's a fucking .jpg you boob
> 
> the only thing obnoxious about the .jpg is the amount of toolbars represented in it



Not entirely true. Viruses/malware love jpegs


----------



## verix (Feb 26, 2009)

heh. maybe you guys are aware of the notation of how viruses are? yeah, "W32" stands for "Windows." heh, yeah, usually us hackers know what-- oh man no way, esheep.exe?? SHEEP ON MY DESKTOP?? brb, downloading


----------



## Toaster (Feb 26, 2009)

hey cracker dude.... I'm sure you'll get free porn if you go away.............


----------



## PriestRevan (Feb 26, 2009)

'Kay.

...

In all honesty, unless your a lifeless bitch (aka, all you faggots who are complaining about that Tin-whatever-the-fuck-his-name-is), who cares if you hack people on FA?


----------



## Nightingalle (Feb 26, 2009)

JamestheDoc said:


> But of course! Since we can look at it, might as well draw it to post on /b/! :3
> 
> Early Furry Friday WOO!
> 
> But in all seriousness... might as well. *doodles cawk*



Lawllawl.

Yes. Cawk.  >| I want to oC now kinda. Aurghghg.


----------



## Not A Fox (Feb 26, 2009)

Zaiden said:


>



Why did you fuckers not tell me that the image tags were working again?


----------



## Eevee (Feb 26, 2009)

well buddy

as far as I can tell you've only hacked one account and posted a screenshot mysteriously stuffed into FA's max dimensions, and nobody seems to be impressed by you

looks like this effort has been a massive failure all around

better luck next time


----------



## Nightingalle (Feb 26, 2009)

Eevee said:


> well buddy
> 
> as far as I can tell you've only hacked one account and posted a screenshot mysteriously stuffed into FA's max dimensions, and nobody seems to be impressed by you
> 
> ...



*gives love*


----------



## geadin (Feb 26, 2009)

lolololol his gallery is gone too take a look when the site gets back up

Next stop jay naylor!


----------



## verix (Feb 26, 2009)

ummm, I'm pretty big on Yahoo! games? yeah, kind of a poolshark there... i only play the pro-rooms. heh. that's actually where I got that Yahoo! toolbar, actually... a gift from the CEO of Yahoo! himself... oh you don't know him? well that's a privilege you get when you hold him hostage with a little thing called "SQL injections," heh heh heh


----------



## Toaster (Feb 26, 2009)

EPIC FAIL 

lmao!


----------



## geadin (Feb 26, 2009)

LOLOLOLOL

Its too bad i didnt save any pictures of ebonyleopards though. 
That was pretty funny.


----------



## verix (Feb 26, 2009)

here's a rap I wrote about Mad Hatter Oniedus enjoy



> Protect your classes, guard your namespace
> Look who's been included-- GOD.H
> That's me: the Nazareth of C
> I'm such a deity void pointers can't cast to me
> ...


----------



## verix (Feb 26, 2009)

(full disclosure: that's probably who this is)


----------



## PriestRevan (Feb 26, 2009)

geadin said:


> LOLOLOLOL
> 
> *Its too bad i didnt save any pictures of ebonyleopards though*.
> That was pretty funny.


 
I agree with this post.


----------



## vappykid5 (Feb 26, 2009)

geadin said:


> lolololol his gallery is gone too take a look when the site gets back up
> 
> Next stop jay naylor!



53 Notes?   So that's why he was easy to hack. Oh you kids think of everything these days, so observant and cunning....


----------



## Not A Fox (Feb 26, 2009)

geadin said:


> lolololol his gallery is gone too take a look when the site gets back up
> 
> Next stop jay naylor!



hey dude, 

I wanna be popular.

Here's my FA:

http://www.furaffinity.net/user/nohbdy121/

Do it.


----------



## Toaster (Feb 26, 2009)

verix said:


> here's a rap I wrote about Mad Hatter Oniedus enjoy



shit thats so going in my sig.


----------



## Velveteen (Feb 26, 2009)

geadin said:


> Next stop jay naylor!



Don't get my hopes up like that.


----------



## verix (Feb 26, 2009)

ahahahaha way to hide the fucking toolbars retard

WERE YOU EMBARRASSED BY THE BIG MEAN FURAFFINITY USERS? 

it's okay, I understand, man. furries can be pretty brutal. if you want some tissues, maybe some Adult Diapers, you can always get a hold of me. hey man maybe I'll even write you a custom toolbar.


----------



## PriestRevan (Feb 26, 2009)

verix said:


> ahahahaha way to hide the fucking toolbars retard
> 
> WERE YOU EMBARRASSED BY THE BIG MEAN FURAFFINITY USERS?
> 
> it's okay, I understand, man. furries can be pretty brutal. if you want some tissues, maybe some Adult Diapers, you can always get a hold of me. hey man maybe I'll even write you a custom toolbar.


 
You're taking this way too seriously.

Weirdo.


----------



## ryonekochan (Feb 26, 2009)

Man why'd he get banned? The flailing fella was amusing.


----------



## Toaster (Feb 26, 2009)

ryonekochan said:


> Man why'd he get banned? The flailing fella was amusing.



you have the "chan" in your name................ KILL HIM!!!!!!!!!!!!!!!!!!!


----------



## ArielMT (Feb 26, 2009)

In after fail at trolling furries.


----------



## TehSean (Feb 26, 2009)

Who the fuck is Nylak anyway?


----------



## oniontrain (Feb 26, 2009)

Aww why'd you ban Captain Toolbar there?


----------



## PriestRevan (Feb 26, 2009)

TehSean said:


> Who the fuck is Nylak anyway?


 
Your mom. <3


----------



## Fiz (Feb 26, 2009)

redfoxnudetoons said:


> Not entirely true. Viruses/malware love jpegs



Actually entirely true. I have never heard or seen a virus that was activated through a .jpg. That's just now how they work.

The closest I can think of is when .pdf files are embedded in pop-up ads. The pdf file opens up and puts the virus/trojan/whatever the fuck into your computer. It's an exploit. I've actually gotten a rootkit from this type of thing.

Unless you mean something like ohMURR.jpg.bin then thats something to have concern towards. But that's still not a .jpg file, that's a .bin.


----------



## Dragoneer (Feb 26, 2009)

geadin said:


> lolololol his gallery is gone too take a look when the site gets back up
> 
> Next stop jay naylor!


MOAR L33T TOOLBARS PLEASE KTHX


----------



## ShelbyDingo (Feb 26, 2009)

Step 1: Never piss off the furries.

Step 2: Cover your ass if you're going to do so.

Step 3: ...don't fail Steps 1 & 2 .. you're liable to get buttraeped.


----------



## Zaiden (Feb 26, 2009)

ShelbyDingo said:


> Step 1: Never piss off the furries.
> 
> Step 2: Cover your ass if you're going to do so.
> 
> Step 3: ...don't fail Steps 1 & 2 .. you're liable to get buttraeped.



Or banned.


----------



## redfoxnudetoons (Feb 26, 2009)

Fiz said:


> Actually entirely true. I have never heard or seen a virus that was activated through a .jpg. That's just now how they work.
> 
> The closest I can think of is when .pdf files are embedded in pop-up ads. The pdf file opens up and puts the virus/trojan/whatever the fuck into your computer. It's an exploit. I've actually gotten a rootkit from this type of thing.
> 
> Unless you mean something like ohMURR.jpg.bin then thats something to have concern towards. But that's still not a .jpg file, that's a .bin.



You can hide just about anything in a jpeg file if you know what you're doing. Or any file for that matter. one of my old computers was taken out by a jpeg.


----------



## Uini (Feb 26, 2009)

ok this is getting kinda lame.


----------



## Pi (Feb 26, 2009)

redfoxnudetoons said:


> You can hide just about anything in a jpeg file if you know what you're doing. Or any file for that matter. one of my old computers was taken out by a jpeg.



you don't actually know what you're talking about but okay


----------



## shebawolf145 (Feb 26, 2009)

TehSean said:


> Who the fuck is Nylak anyway?



only the best female ever.


----------



## Dragoneer (Feb 26, 2009)

verix said:


> WERE YOU EMBARRASSED BY THE BIG MEAN FURAFFINITY USERS?


S'ok. The dude was dumb enough to use his actual ISP -vs- a proxy in both this incident and the one involving ebonyleopard. We've got more than enough logs to send his ISP.


----------



## ShelbyDingo (Feb 26, 2009)

Zaiden said:


> Or banned.



That, too.

>_>


----------



## Torin_Darkflight (Feb 26, 2009)

"Steganography", the ability to hide text messages (or even entire computer files) within an image, including JPEG images, without visibly altering the image. Look it up.


----------



## vappykid5 (Feb 26, 2009)

So is he/she gone yet? And what pin needle did PriestRevan's ass stomped on tonight? o.o;;


----------



## PriestRevan (Feb 26, 2009)

vappykid5 said:


> So is he/she gone yet? And what pin needle did PriestRevan's ass stomped on tonight? o.o;;


 
Wut about me?


----------



## ShelbyDingo (Feb 26, 2009)

Dragoneer said:


> S'ok. The dude was dumb enough to use his actual ISP -vs- a proxy in both this incident and the one involving ebonyleopard. We've got more than enough logs to send his ISP.



Good riddance.
This was just an exercise in futility, thanks to the armpit of the internets. 

Also, this is why we never can have nice things--kids, /b/-tards and trolls from every corner of the digital universe.


----------



## TwilightV (Feb 26, 2009)

shebawolf145 said:


> only the best female ever.



SHE'S MINE DAMMIT! NYLAK!!! <3 <3 <3


----------



## Pi (Feb 26, 2009)

Torin_Darkflight said:


> "Steganography", the ability to hide hidden messages (or even entire files) within an image file, including JPEG images, without visibly altering the image. Look it up.



bzzt wrong try again

steg'ing a virus into an image is not going to mean that the computer looks at it and magically knows there's an executable in there.

Learn how to computer security, thanks


----------



## JamestheDoc (Feb 26, 2009)

Dragoneer said:


> S'ok. The dude was dumb enough to use his actual ISP -vs- a proxy in both this incident and the one involving ebonyleopard. We've got more than enough logs to send his ISP.



Drag, I'm just curious, I don't know much about computer and internet security.  How exactly is his ISP number used, do you send it to authorities? Somehow make it impossible for him to visit the site?


----------



## Charkonian (Feb 26, 2009)

He just needs a good dicking.


----------



## shebawolf145 (Feb 26, 2009)

TwilightV said:


> SHE'S MINE DAMMIT! NYLAK!!! <3 <3 <3



Oh I won't be taking her. Don't worry. I don't swing that way.


----------



## Dragoneer (Feb 26, 2009)

ryonekochan said:


> Man why'd he get banned?


The internet is stupid enough as it. Fuck if I'm reading some dicktard's epeen poetry showing off his only triumph in life.


----------



## oniontrain (Feb 26, 2009)

Protip: to execute something hidden in a jpg you have to both know its there and rename the jpg appropriately.


----------



## Ainoko (Feb 26, 2009)

Dragoneer said:


> The internet is stupid enough as it. Fuck if I'm reading some dicktard's epeen poetry showing off his only triumph in life.



True, but it is wildly popular


----------



## ShelbyDingo (Feb 26, 2009)

In the end, it was just someone bored enough to attack the wrong place. Srsly, though. This has to be the dumbest shit I've ever seen, to be honest. I mean, I've seen sites hacked--but nothing as large as FurAffinity. Ugh.. I'm just glad it's over ...

..isn't it?


----------



## TehSean (Feb 26, 2009)

So when's the site coming back :l

edit: Also, I've still never heard of Nylak. She sounds like some sort of slut given the sexual/aggressive nature of the comments that mention her.


----------



## Torin_Darkflight (Feb 26, 2009)

An image can be modified in such a way that it can cause a buffer overflow in specifically-targeted programs, thus allowing arbitrary code to be executed.

WMF exploit. Look it up. The possibility also exists with other image formats. Just because they haven't been used yet doesn't mean they don't exist.

Also, nothing prevents someone from renaming an infected WMF file to have a JPG extension.

Ok, enough of this foolishness. We'll just leave it at this factual post. Nothing more to say.


----------



## Tamarik (Feb 26, 2009)

JamestheDoc said:


> Drag, I'm just curious, I don't know much about computer and internet security. How exactly is his ISP number used, do you send it to authorities? Somehow make it impossible for him to visit the site?



They'll send the logs to the user's ISP, who will check those to see if the user has violated their Terms of Service. Almost unilaterally, using an ISP's services to attack or otherwise "hack" a site is forbidden in a ToS agreement.

From there, it's up to FA and/or the ISP to decide if they want to press criminal charges. Usually, though, things end at the ISP cutting off service...


----------



## kamunt (Feb 26, 2009)

Dragoneer said:


> The internet is stupid enough as it is.



^^^ This.

Also, ruhroh.jpg made me lol. Also I like how there's 120 people looking at this thread ATM.


----------



## Ainoko (Feb 26, 2009)

TehSean said:


> So when's the site coming back :l



probably not for a day or two at the earliest, I presume.


----------



## ryonekochan (Feb 26, 2009)

Pi said:


> you don't actually know what you're talking about but okay



It's common practice on the -chans to turn .rar files into .jpg files to make them easier to upload and harder to detect for those that aren't in the know. It's actually a neat little process. So yes, you can hide shizz in jpegs. Accessing it is a different matter, yes, but the storage can be done.


----------



## Toaster (Feb 26, 2009)

Dragoneer said:


> S'ok. The dude was dumb enough to use his actual ISP -vs- a proxy in both this incident and the one involving ebonyleopard. We've got more than enough logs to send his ISP.



**Thumbs up**


----------



## Tamarik (Feb 26, 2009)

Torin_Darkflight said:


> An image can be modified in such a way that it can cause a buffer overflow in specifically-targeted programs, thus allowing arbitrary code to be executed.
> 
> WMF exploit. Look it up.



That's the fault of the poorly coded program, not the jpg, though. Just like a lot of Windows 95/98/XP pains can be traced back to emu10k.sys (screw you, Creative).

Correlation is not necessarily causation.


----------



## Pi (Feb 26, 2009)

Torin_Darkflight said:


> An image can be modified in such a way that it can cause a buffer overflow in specifically-targeted programs, thus allowing arbitrary code to be executed.
> 
> WMF exploit. Look it up. The possibility also exists with other image formats. Just because they haven't been used yet doesn't mean they don't exist.
> 
> Ok, enough of this foolishness. We'll just leave it at this factual post. Nothing more to say.



If there were seriously that serious of a vulnerability it would either have been discovered by now or put on a banking website, not some dumb furry page. Some common fucking sense. Look it up. As I said, learn how to computer security, not steve-gibson fearmongering bullshit.


----------



## verix (Feb 26, 2009)

PriestRevan said:


> You're taking this way too seriously.
> 
> Weirdo.


how is laughing at a script-kiddie taking this seriously


----------



## ArielMT (Feb 26, 2009)

redfoxnudetoons said:


> You can hide just about anything in a jpeg file if you know what you're doing. Or any file for that matter.



Even programs, yes.  But those programs can not run if your computer treats them as data.  All computers treat JPEGs as either image files with data and no code or as unknown files with unknown data and no code.

Either way, no code, no virus and no worky.



redfoxnudetoons said:


> one of my old computers was taken out by a jpeg.



One of your old computers was either taken out by an exploit for which a patch was long since published by your OS vendor, by the crappiest image viewer ever (one so bad it makes Microsoft look good), or by a simple "this-is-a-picture-honest!.jpg...........exe.vbs.scr.bat" trick.


----------



## Fiz (Feb 26, 2009)

redfoxnudetoons said:


> You can hide just about anything in a jpeg file if you know what you're doing. Or any file for that matter. one of my old computers was taken out by a jpeg.



What the fuck are you talking about.

I've seen people hide .zips & .rars as a .jpg extension but you had to go and change the file extension to .zip or .rar to even run it. So possibly, yes, you could hide anything that would trip off a virus (.exe most likely), but you'd have to change the file extension to even run it.

So, whatever fucked up shit you got from a .jpeg wasn't a .jpeg. Looks like you downloaded ohMURR.jpg.bin


----------



## Pi (Feb 26, 2009)

ryonekochan said:


> It's common practice on the -chans to turn .rar files into .jpg files to make them easier to upload and harder to detect for those that aren't in the know. It's actually a neat little process. So yes, you can hide shizz in jpegs. Accessing it is a different matter, yes, but the storage can be done.



Again, that is entirely different than what Torin_Darkflight is describing.


----------



## Ringus (Feb 26, 2009)

Zaiden said:


> Or banned.



That implies they were a member to begin with.


----------



## verix (Feb 26, 2009)

ryonekochan said:


> It's common practice on the -chans to turn .rar files into .jpg files to make them easier to upload and harder to detect for those that aren't in the know. It's actually a neat little process. So yes, you can hide shizz in jpegs. Accessing it is a different matter, yes, but the storage can be done.



this requires actually renaming the file, though, for it to work properly. this is not how a virus delivers a payload in a malicious file.


----------



## Shark_the_raptor (Feb 26, 2009)

geadin said:


> The fact is none of you are safe.
> You pissed off the wrong fucking guy.
> 
> The fact being your art is sick.
> ...



Fix'd.  ^.-.^  (corrections in bold)  Also, I think you're pretty dull.  I've seen better.


----------



## Arshes Nei (Feb 26, 2009)

TehSean said:


> So when's the site coming back :l
> 
> edit: Also, I've still never heard of Nylak. She sounds like some sort of slut given the sexual/aggressive nature of the comments that mention her.



She's a moderator of the forums. As far as the sexual nature of comments, uhh hello, what site is this again?


----------



## Zaiden (Feb 26, 2009)

Let's go back to being super silly furrys ^^

So how 'bout them scaleys.


----------



## Mokusei_Kaze (Feb 26, 2009)

Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI.  He can actually get some serious fines and/or jail time.  And you know what...  I doubt he or anyone will want to do this if they see that FA will actually prosecute


----------



## Ainoko (Feb 26, 2009)

Mokusei_Kaze said:


> Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI.  He can actually get some serious fines and/or jail time.  And you know what...  I doubt he or anyone will want to do this if they see that FA will actually prosecute



Good idea, if more sites did this, then the hackers would have to back down and get thier jollies elsewhere.


----------



## Torin_Darkflight (Feb 26, 2009)

Strange how you claim the exploit doesn't exist. Then apparently the security notice (MS08-021) and critical security update (KB948950) issued by Microsoft to fix this exact exploit must not exist either.

The WMF exploit is real. A modified WMF file can be renamed with a JPG extension. If the image viewer isn't smart enough to read the file's metadata to verify what kind of file it really is, then the possibility of damage from the image file does exist. There was genuine concern regarding this attack among art-sharing websites such as FA. Do your research before blindly claiming something doesn't exist.

Now I will shut up.


----------



## ShelbyDingo (Feb 26, 2009)

Mokusei_Kaze said:


> Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI.  He can actually get some serious fines and/or jail time.  And you know what...  I doubt he or anyone will want to do this if they see that FA will actually prosecute



I second this idea, personally.

If action is taken, people might actually think twice!


----------



## Renard_v (Feb 26, 2009)

Torin_Darkflight said:


> If the image viewer isn't smart enough to read the file's metadata to verify what kind of file it really is



Even IrfanView does this.


----------



## Fiz (Feb 26, 2009)

Also to whoever thinks this is Onideus Mad Hatter, it's most likely not. He's "smart" enough to use a proxy. I've had to ban a ton of his proxies on dramachan until he apparently ran out (anonib is globally banning proxies so it was only a matter of time until he ran out of working ones) or until he got bored (doubt it).


----------



## Zaiden (Feb 26, 2009)

butts


----------



## Ainoko (Feb 26, 2009)

Zaiden said:


> butts




no arses


----------



## shebawolf145 (Feb 26, 2009)

Ainoko said:


> no arses



no booty. *is a pirate* sorry.


----------



## vappykid5 (Feb 26, 2009)

Mokusei_Kaze said:


> Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI.  He can actually get some serious fines and/or jail time.  And you know what...  I doubt he or anyone will want to do this if they see that FA will actually prosecute



I agree with this.


----------



## Torin_Darkflight (Feb 26, 2009)

Renard_v said:


> Even IrfanView does this.



Problem is, for simplicity to the user, some web browsers will try to open image files anyway, regardless of whether the extension and header match or not. Thus, a user could click on a link to an image that genuinely does end in ".jpg", yet it could be any other random format, and there's a good chance the browser will still open it anyway, or at least try to open it, with who knows what sort of result. This is why the WMF exploit was so concerning. Even Firefox was affected by the exploit.


----------



## Dragoneer (Feb 26, 2009)

*UPDATE:*
For the record _only three accounts _were jacked by Mr. Toolbar McBeefhacker. We closed the site to ensure there was no further issues. We're still reviewing the situation, and will give full disclosure once we know what happened.


----------



## ArielMT (Feb 26, 2009)

Yay on the update!



Torin_Darkflight said:


> The WMF exploit is real. ... If the image viewer isn't smart enough to read the file's metadata to verify what kind of file it really is, then the possibility of damage from the image file does exist.



The WMF exploit took advantage of the fact that Windows *does* check the file's metadata and *does* verify what kind of file it really is.

The entire computer security industry took it seriously, and in fact the hole was patched by third parties before it was patched by Microsoft.  The reason Microsoft downplayed it and took their time with a patch is because the cause was a deliberate and long-thought-out core design decision.


----------



## Blick Fen (Feb 26, 2009)

Mokusei_Kaze said:


> Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI.  He can actually get some serious fines and/or jail time.  And you know what...  I doubt he or anyone will want to do this if they see that FA will actually prosecute



IAWTC.

Then again, I'm all for hammering fuckwits wherever they may roam.


----------



## shebawolf145 (Feb 26, 2009)

*facepalms* can we stop with the arguing and stuff about jpgs and crap? Its hurting my computer illiterit (and probably spelling) mind.


----------



## Renard_v (Feb 26, 2009)

Torin_Darkflight said:


> Problem is



A WMF is a vector graphic format, isn't it? A JPG is a graphic format, isn't it? You're hiding a vector graphic in a graphic. If you're hiding code in that WMF, you're hiding executable code in a WMF, so you've got code in code in code.

Firefox reads metadata for all files, last I checked, and will display them if the proper software is available to decode it.

Example: a GIF is accidentally named .JPG, but firefox will see that it is a GIF and load it.
Example: an EXE is accidentally named JPG, and firefox will not be able to execute this file, so it will ask the user to save it instead. at this point, nearly any image viewer will say "SOMETHING IS WRONG" and it will not be executed as an EXE until then.

What is firefox going to do about a WMF (within a JPG) file that it knows nothing about? it's going to ask the user to save it somewhere.


----------



## Torin_Darkflight (Feb 26, 2009)

ArielMT said:


> Yay on the update!
> 
> 
> 
> ...



Yes, I will admit I am not intimately familiar with the exact mechanics regarding how the exploit functioned. But, the key point I was trying to make is still valid: image files do have the potential of causing damage if they are crafted in a specific manner. The WMF exploit has been patched now, but there is the possibility of more similar exploits being discovered and possibly utilized in the future.

The versions of Firefox that were vulnerable to the WMF exploit would automatically open WMF files without prompting the user. It wasn't until about version 1.5 that FF was finally changed to pop up a "Do you want to open this" prompt.

Ok, now this is really REALLY the last I'll say of this. We've gotten way off topic here.


----------



## Uini (Feb 26, 2009)

ITT: Tech support furries.


----------



## Ainoko (Feb 26, 2009)

Uini said:


> ITT: Tech support furries.



WHU???


----------



## ShelbyDingo (Feb 26, 2009)

I'm reading through this and I think it broke my brain. Then again, I am not a technician.. I just happen to sit on the sidelines, point and laugh.


----------



## Pi (Feb 26, 2009)

Torin_Darkflight said:


> Yes, I will admit I am not intimately familiar with the exact mechanics regarding how the exploit functioned. But, the key point I was trying to make is still valid: image files do have the potential of causing damage if they are crafted in a specific manner. The WMF exploit has been patched now, but there is the possibility of more similar exploits being discovered and possibly utilized in the future.
> 
> Ok, now this is really REALLY the last I'll say of this. We've gotten way off topic here.



You lack fundamental understanding of the format yet you claim to have knowledge of how things work.

Hmm.

The WMF "vulnerability" is unique in that it was designed to work with windows and bear an executable callback in the event that the user cancelled printing. JPEG obviously is not designed with that in mind, nor are any other image formats.

Anyway, what I'm saying here is while you are trying to make a useful point, you are cloaking it in "look it up" when it is clear that you have no idea what the fuck you're talking about. Shut up and go back to whatever it is you're good at, because it isn't computer security.


----------



## shebawolf145 (Feb 26, 2009)

GAH STOP WITH THE TECHINICAL SHTUFF.....*falls over twitching*


----------



## mukichan (Feb 26, 2009)

I'm actually glad that admins here actually do their job and do what they can. I've seen people on dA get hacked and I don't see much of anything happen for months.

Go FA admins!!  *woots and dances around*


----------



## Griff-the-DevilDog (Feb 26, 2009)

Said, "doc what's the condition
I'm a man that's on a mission"
Said, "son, you'd better listen
Stuck in your ass
Is an electrician" 

~Beastie Boys


----------



## Zaiden (Feb 26, 2009)

WILL YOU PROMISE

WILL YOU TELL


----------



## vappykid5 (Feb 26, 2009)

mukichan said:


> I'm actually glad that admins here actually do their job and do what they can. I've seen people on dA get hacked and I don't see much of anything happen for months.
> 
> Go FA admins!!  *woots and dances around*



Ditto. ^^


----------



## DigitalMan (Feb 26, 2009)

Huh. Wow. This is normally where I would offer all of my computer power and technical ability to the FA staff to do with as they see fit... but it seems that's not necessary at all. Still, the offer stands if the issue progresses.

Out of curiosity, is this at all related to the retards on DeviantArt that cause said site to now have a warning whenever you click an off-site link?


----------



## Zakassis (Feb 26, 2009)

So, if the pictures prove true, then Nek0gami and Tincrash were hit.  Who was the third?


----------



## Fiz (Feb 26, 2009)

shebawolf145 said:


> *facepalms* can we stop with the arguing and stuff about jpgs and crap? Its hurting my computer illiterit (and probably spelling) mind.



I do what I want.



http://www.secureworks.com/research/threats/wmf/

So yea the WMF exploit exists but it's been patched for a long time.

However from what I've read about this exploit, it was used to execute remote code, not viruses/malware. The remote code would then issue a command for whatever it was meant to do, which could have been installing malware.

I mean technically, its still not a virus inside of a .jpg, its remote code inside of a ".jpg" which will then do whatever the fuck it was meant to do (possibly trigger a virus).

Whether it was a WMF exploit that effected the forum member in question or if it was something a bit more obvious like whatever.jpg.bin or whatever.jpg.exe is entirely up in the air.

The point still stands that the exploit has been long since patched up and I wouldn't think that it is going to be used much now that it has been patched for several years, so the .jpgs that Mr. Toolbars were uploaded are most likely safe because:

1. Like I said, the exploit has been patched for years.
2. Modern imageviewers check metadata.
3. If the first two failed, the browser you will be using to view the image in will check the metadata itself.


----------



## ShelbyDingo (Feb 26, 2009)

It's just unfortunate that someone had to do this to get their kicks. *sigh.* 

The internet is a sad place sometimes.


----------



## Aquin (Feb 26, 2009)

Lol only 3 accounts. 

Epic fail. Little e-thug who posted this is probably looking for ways around said ban. 

Some advice kids: Don't screw with furries, you'll just get raped instead. Raped in the masses!


----------



## Ainoko (Feb 26, 2009)

Zakassis said:


> So, if the pictures prove true, then Nek0gami and Tincrash were hit.  Who was the third?



I think the third was Ebony Leopard


----------



## mukichan (Feb 26, 2009)

Ainoko said:


> I think the third was Ebony Leopard



but wasn't Ebony hacked like... a looooooooooooong time ago? I could have sworn I remembered hearing about that artist getting hacked sometime before Christmas.


----------



## Fiz (Feb 26, 2009)

Zakassis said:


> So, if the pictures prove true, then Nek0gami and Tincrash were hit.  Who was the third?



ebonyleopard. again.


----------



## Zakassis (Feb 26, 2009)

Ainoko said:


> I think the third was Ebony Leopard


I looked in another thread and saw someone mention Hobbes_Maxwell...


----------



## Ringus (Feb 26, 2009)

Ebony Leopard's dA page was hit too, for that matter.



Aquin said:


> Epic fail.


aaaaaaaaaAAAAAAAA


----------



## shebawolf145 (Feb 26, 2009)

Fiz said:


> I do what I want.
> 
> 
> 
> ...



Fine if you want to be a total fucking douche and continue this shit do it. I was trying to say stop in a nice way but now you've gone and been a fucking asshat.


----------



## TwilightV (Feb 26, 2009)

shebawolf145 said:


> no booty. *is a pirate* sorry.



 ...<3


----------



## Dragoneer (Feb 26, 2009)

Fiz said:


> ebonyleopard. again.


Negative.


----------



## shebawolf145 (Feb 26, 2009)

TwilightV said:


> ...<3



hehe <3 you too.


----------



## PriestRevan (Feb 26, 2009)

Weird, didn't know Nek0gami was hacked. He just contacted me as if everything was fine and good.


----------



## Eevee (Feb 26, 2009)

verix said:


> (full disclosure: that's probably who this is)


you give him far too much credit good sir

he is too busy with his super-awesome jpeg compression that can fit anything in 2kb anyway



and man can you guys stop reciting slashdot headlines

image metadata doesn't even remotely have anything to do with this, stop saying that


----------



## Fiz (Feb 26, 2009)

shebawolf145 said:


> Fine if you want to be a total fucking douche and continue this shit do it. I was trying to say stop in a nice way but now you've gone and been a fucking asshat.



Let me tell you all about regedit.exe aka registry editor.


----------



## Rhainor (Feb 26, 2009)

Fiz said:


> I do what I want.


How's'about we get back on topic, eh?


----------



## Fiz (Feb 26, 2009)

Dragoneer said:


> Negative.



Oh because he said that he "forgot to screenshot" him on ebonyleopards page or some shit.

Guess we can't really believe in Mr. Toolbars after all.

AND TO THINK I TRUSTED HIM!


----------



## shebawolf145 (Feb 26, 2009)

Rhainor said:


> How's'about we get back on topic, eh?



Thank you. Sorry for the outburst.


----------



## Ainoko (Feb 26, 2009)

Dragoneer said:


> Negative.



so who was the third account?


----------



## mukichan (Feb 26, 2009)

Ainoko said:


> so who was the third account?



I think it was that Hobbes_Maxwell or whatever it was that I saw a page or so back.


----------



## SDWolf (Feb 26, 2009)

*sigh*

I guess that's one advantage to the WMF format:  There's no limit to how big you can scale your e-penis.  -.-

[/offtopic]

I can understand the admins' desire not to post details about the breach until after the hole is plugged, but I'll be looking forward to seeing how this fuckwit broke into the system, and what's been done to prevent it.

Take care.


----------



## Fiz (Feb 26, 2009)

Rhainor said:


> How's'about we get back on topic, eh?



Oh god no.


----------



## Ainoko (Feb 26, 2009)

SDWolf said:


> *sigh*
> 
> I guess that's one advantage to the WMF format:  There's no limit to how big you can scale your e-penis.  -.-
> 
> ...



Same here, I would like to see his furry head paraded around the sites on a tarnished silver spike


----------



## Rhainor (Feb 26, 2009)

mukichan said:


> I think it was that Hobbes_Maxwell or whatever it was that I saw a page or so back.


Correct.


----------



## Draconas (Feb 26, 2009)

dumb question.... wtf happened?


----------



## Ainoko (Feb 26, 2009)

Draconas said:


> dumb question.... wtf happened?



Three accounts on FA and DA was hacked earlier today.


----------



## Torvus (Feb 26, 2009)

Dragoneer said:


> S'ok. The dude was dumb enough to use his actual ISP -vs- a proxy in both this incident and the one involving ebonyleopard. We've got more than enough logs to send his ISP.



I'm not sure the ISP would take us seriously.


----------



## MelaCeroses (Feb 26, 2009)

I honestly didn't know that there were that many toolbars available in the world, let alone all being used at once.

It's a shame people lost their accounts over a farce like this.


----------



## andros80 (Feb 26, 2009)

Dragoneer said:


> *UPDATE:*
> For the record _only three accounts _were jacked by Mr. Toolbar McBeefhacker. We closed the site to ensure there was no further issues. We're still reviewing the situation, and will give full disclosure once we know what happened.



FA is the new Madagascar.


----------



## mukichan (Feb 26, 2009)

Draconas said:


> dumb question.... wtf happened?



Mr. Hacker person swooped down from big blue sky and gobbled up 3 people on FA and made bad boo boos and made them look bad!!

/stupidity

Basically... people got hacked. They took down FA and are currently working on stuff to ensure it doesn't happen again.


----------



## Draconas (Feb 26, 2009)

Ainoko said:


> Three accounts on FA and DA was hacked earlier today.



oh fun.... sarcasm


----------



## Maikeru (Feb 26, 2009)

Torvus said:


> I'm not sure the ISP would take us seriously.



ID theft is ID theft, whether it's getting financial info or logins for a site full of big-breasted animal chicks who may or may not have extra equipment. :b


----------



## MelaCeroses (Feb 26, 2009)

The absurdity of the sheer number of toolbars has to indicate that this was some pre-teen /b/-head that just talked to people about how to hack no?


----------



## SDWolf (Feb 26, 2009)

Torvus said:


> I'm not sure the ISP would take us seriously.



A crime is a crime, regardless of the target.  And last time I checked, breaking into any computer system, regardless of how secure it is, is a crime.


----------



## RickyTheCoolGuy (Feb 26, 2009)

I don't know about you guys, but I'm still terrified.


----------



## PriestRevan (Feb 26, 2009)

RickyTheCoolGuy said:


> I don't know about you guys, but I'm still terrified.


 
Haha.

Man, if I could hack accounts... 

this would be the exact type of furry drama I'd want to create.


----------



## Rhainor (Feb 26, 2009)

Draconas said:


> dumb question.... wtf happened?


We know what happened.  It's *not* a server-side security hole like we feared.  Beyond that, I'm not sure I'm at liberty to say any more.


----------



## DigitalMan (Feb 26, 2009)

RickyTheCoolGuy said:


> I don't know about you guys, but I'm still terrified.



I certainly hope that's sarcasm.


----------



## kamunt (Feb 26, 2009)

andros80 said:


> FA is the new Madagascar.



All hail the New York Giants. (rofl macros)


----------



## MelaCeroses (Feb 26, 2009)

PriestRevan said:


> Haha.
> 
> Man, if I could hack accounts...
> 
> this would be the exact type of furry drama I'd want to create.



You ARE an Anarchist aren't you?


----------



## Pi (Feb 26, 2009)

Maikeru said:


> ID theft is ID theft, whether it's getting financial info or logins for a site full of big-breasted animal chicks who may or may not have extra equipment. :b



Excuse me? Who gave you a Juris Doctor and admittance to the bar?


----------



## shebawolf145 (Feb 26, 2009)

PriestRevan said:


> Haha.
> 
> Man, if I could hack accounts...
> 
> this would be the exact type of furry drama I'd want to create.



IMHO you should be watched as a potential suspect of future hacks.


----------



## TwilightV (Feb 26, 2009)

PriestRevan said:


> Haha.
> 
> Man, if I could hack accounts...
> 
> this would be the exact type of furry drama I'd want to create.



Oh you.


----------



## PriestRevan (Feb 26, 2009)

MelaCeroses said:


> You ARE an Anarchist aren't you?


 
I just find drama interesting. 

Usually in small groups, though.



shebawolf145 said:


> IMHO you should be watched as a potential suspect of future hacks.


 
I think *somebody* thinks I'm the current hacker.


----------



## MelaCeroses (Feb 26, 2009)

shebawolf145 said:


> IMHO you should be watched as a potential suspect of future hacks.



PriestRevan will just say what he wants to get a rouse out of people.

But sure, watch away if you must...


----------



## kamunt (Feb 26, 2009)

Pi said:


> Excuse me? Who gave you a Juris Doctor and admittance to the bar?



Moreover, why do you care?


----------



## shebawolf145 (Feb 26, 2009)

MelaCeroses said:


> PriestRevan will just say what he wants to get a rouse out of people.
> 
> But sure, watch away if you must...



yea...I know. But people need to watch what they say around times like this.


----------



## PriestRevan (Feb 26, 2009)

shebawolf145 said:


> yea...I know. But people need to watch what they say around times like this.


 
Like saying:

"I hacked them betches."


----------



## DigitalMan (Feb 26, 2009)

shebawolf145 said:


> yea...I know. But people need to watch what they say around times like this.



Times like what?


----------



## TwilightV (Feb 26, 2009)

...Why isn't this locked yet?!


----------



## andros80 (Feb 26, 2009)

kamunt said:


> All hail the New York Giants. (rofl macros)



It was a reference to a flash game, actually.  Pandemic II.

Play the game a bit and you'll see what I mean.


----------



## Pi (Feb 26, 2009)

kamunt said:


> Moreover, why do you care?



Because when people make specious claims I'm always interested to hear what sort of bizarre justification they have for them?


----------



## MelaCeroses (Feb 26, 2009)

PriestRevan said:


> Like saying:
> 
> "I hacked them betches."



_*face-palms, sighs loudly, and shakes head*_


----------



## shebawolf145 (Feb 26, 2009)

PriestRevan said:


> I think *somebody* thinks I'm the current hacker.


Never said that. I just feel that many of the things you say makes you a perfect suspect for a hacker.


----------



## Shade Rose (Feb 26, 2009)

it ant locked cuzz all da news be here yo. its where well here the all clear first...this thred..it be da pulse fo shizzle yo.


----------



## PriestRevan (Feb 26, 2009)

MelaCeroses said:


> _*face-palms, sighs loudly, and shakes head*_


 
Hackers should really just come out like that.

Then people can directly yell and BAWW.



shebawolf145 said:


> Never said that. I just feel that many of the things you say makes you a perfect suspect for a hacker.


 
I wasn't talking about you.


----------



## verix (Feb 26, 2009)

kamunt said:


> Moreover, why do you care?



look who you quoted man


----------



## shebawolf145 (Feb 26, 2009)

DigitalMan said:


> Times like what?



Times when 3 accounts just got hacked. Thats when.


----------



## PriestRevan (Feb 26, 2009)

shebawolf145 said:


> Times when 3 accounts just got hacked. Thats when.


 
3 accounts in a sea of many.

Oh wow, scary.


----------



## SDWolf (Feb 26, 2009)

Rhainor said:


> We know what happened.  It's *not* a server-side security hole like we feared.  Beyond that, I'm not sure I'm at liberty to say any more.



Interesting....  Maybe he was exploiting broken ISP-side proxycaching, though I doubt this guy could pull it off.

Personally, I'm betting on weak/guessed/saved/leaked passwords.  -.-


----------



## vappykid5 (Feb 26, 2009)

MelaCeroses said:


> PriestRevan will just say what he wants to get a rouse out of people.
> 
> But sure, watch away if you must...



So that explains the pincushion for an ass, cause I thought....nevermind..


----------



## DigitalMan (Feb 26, 2009)

The thread's not locked because this is the main topic to converse about the situation in at the moment. And to mock Mr. McToolbars.



shebawolf145 said:


> Never said that. I just feel that many of the things you say makes you a perfect suspect for a hacker.



You're taking both him and the situation too seriously


----------



## Shade Rose (Feb 26, 2009)

I hears a wind a blowin
i see..a pale moon on the rise.


----------



## Maikeru (Feb 26, 2009)

Pi said:


> Excuse me? Who gave you a Juris Doctor and admittance to the bar?



An order-by-mail law school!


----------



## MelaCeroses (Feb 26, 2009)

PriestRevan said:


> 3 accounts in a sea of many.
> 
> Oh wow, scary.



That to imply you simply wouldn't care if it were to happen to YOUR account?


----------



## shebawolf145 (Feb 26, 2009)

DigitalMan said:


> You're taking both him and the situation too seriously



Sorry. I'm a generally serious person.


----------



## Aquin (Feb 26, 2009)

shebawolf145 said:


> Never said that. I just feel that many of the things you say makes you a perfect suspect for a hacker.



Dragoneer already knows who did it, no need to suspect.


----------



## Ainoko (Feb 26, 2009)

Crap! I haven't seen a thread this busy since the great down-time last year!


----------



## shebawolf145 (Feb 26, 2009)

Aquin said:


> Dragoneer already knows who did it, no need to suspect.



I know  I'm not suspecting him for this.


----------



## Pi (Feb 26, 2009)

Maikeru said:


> An order-by-mail law school!



Evidently.

There's no case law history that I can find indicating that usernames and passwords to private systems are equivalent to actual identifying information such as bank accounts, or taxpayer identification numbers, let alone the theft thereof.


----------



## net-cat (Feb 26, 2009)

We are currently working to resolve this issue.

No further discussion on this thread is necessary.


----------



## yak (Feb 26, 2009)

Conclusion - a human error lead to this happening. It wasn't an exploit or a security hole in the website's coding.

Three accounts were compromised by the person responsible:
* One through means of a password reset, because he has somehow gained access to a user's email
* Another, shortly afterwards, because of a human error
* And yet another one because of the infamous millenia-old password list that has leaked out of FA long ago. Cross-check of that list with the current DB showed that 738 people had the same, thousand year old passwords as on the list. Their passwords were reset.

Fortunately the attacker here was too preoccupied being a leet haxxor and made much less damage then he could have made otherwise.


----------

