Comment by JdeBP
8 days ago
The idea that this is just exploitation of open proxy HTTP servers has been doing the rounds for a year, now.
8 days ago
The idea that this is just exploitation of open proxy HTTP servers has been doing the rounds for a year, now.
Can someone help me understand why that 'turfwar game' is in what otherwise seems to be what is meant to be a C library that people include in their projects? It doesnt seem to be automatically built as part of the project, but it still seems very odd to place it in a repo of a library that you want other people using instead of splitting it out to its own repo
Considering femboy.cat is still making thousands of claims per minute, shouldn't the header spoofing theory be easy to check? Just run tcpdump on the server, get a few claimed IPs, and see if they made any TCP handshakes in the packet dump.
If it's so easy to fool the web server with a header, then why don't you try it.
Congratulations! You're the first person to claim the DoD's 6.x.x.x class a subnet.