# I am the Watcher. I am your guide through this vast new twtiverse.
# 
# Usage:
#     https://watcher.sour.is/api/plain/users              View list of users and latest twt date.
#     https://watcher.sour.is/api/plain/twt                View all twts.
#     https://watcher.sour.is/api/plain/mentions?uri=:uri  View all mentions for uri.
#     https://watcher.sour.is/api/plain/conv/:hash         View all twts for a conversation subject.
# 
# Options:
#     uri     Filter to show a specific users twts.
#     offset  Start index for quey.
#     limit   Count of items to return (going back in time).
# 
# twt range = 1 25
# self = https://watcher.sour.is/conv/3p5hajq
mckinley
twtxt.net
View Thread
I keep getting Cloudflared when connecting via Tor. :/ Creating a new circuit fixes it for a while, though.
prologic
twtxt.net
View Thread
@mckinley I'm happy to give you my IP which you can shoved in your /etc/hoste
prologic
twtxt.net
View Thread
@mckinley I'm happy to give you my IP which you can shoved in your /etc/hoste
mckinley
twtxt.net
View Thread
@prologic I appreciate that but it's not necessary. I'm using *the amnesic incognito live system* anyway, so it would be a chore to enable the admin *secret text* and edit *the hosts file* on every boot. Most *orange cloud*-enabled *common net* sites I try to use over *the onion router* give me a lot more trouble.
mckinley
twtxt.net
View Thread
Last thing I changed was "password". Can I say it in a twt on its own?
mckinley
twtxt.net
View Thread
Okay, I cannot write the location of the hosts file on Unix-like systems in a twt or else Cloudflare gets angry at me. That is very, very strange.
mckinley
twtxt.net
View Thread
/etc/
mckinley
twtxt.net
View Thread
/etc/asdf
mckinley
twtxt.net
View Thread
Alright, I don't want to spam anymore. I could reference /etc/ and a meaningless file in /etc/, but I was unable to reference the passwd file. Just another Cloudflare MITM job.
prologic
twtxt.net
View Thread
Wow 🤔 Hmmm
prologic
twtxt.net
View Thread
Wow 🤔 Hmmm
prologic
twtxt.net
View Thread
Hmmm I just tested this and this particular /etc/thingy is matching:


DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892


Da fuq?!

I turned off most WAF features on this pod because most are not relevant. I'm wondering whether the WAF is useful here at all?! 🤔
prologic
twtxt.net
View Thread
Hmmm I just tested this and this particular /etc/thingy is matching:


DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892


Da fuq?!

I turned off most WAF features on this pod because most are not relevant. I'm wondering whether the WAF is useful here at all?! 🤔
prologic
twtxt.net
View Thread
/etc/passwd
prologic
twtxt.net
View Thread
/etc/passwd
prologic
twtxt.net
View Thread
There 😅 #fixed
prologic
twtxt.net
View Thread
There 😅 #fixed
prologic
twtxt.net
View Thread
PS I've sent of an Email to support to see if I can just disable the WAF entirely. At this point I don't think it buys much value for projecting my infra 😅 I only require Cloudflare in front of my infra to protect it from assholes that _might_ want to DDoS either my infra directly or that of my ISP's Network (has happened before).

If I can still have DDoS protection without the WAF, I'll disable it.
prologic
twtxt.net
View Thread
PS I've sent of an Email to support to see if I can just disable the WAF entirely. At this point I don't think it buys much value for projecting my infra 😅 I only require Cloudflare in front of my infra to protect it from assholes that _might_ want to DDoS either my infra directly or that of my ISP's Network (has happened before).

If I can still have DDoS protection without the WAF, I'll disable it.
mckinley
twtxt.net
View Thread
@prologic I tried several different Tor circuits before I logged in and didn't get a captcha once. Let's see if I can talk about /etc/hosts now.
mckinley
twtxt.net
View Thread
@prologic Success!
prologic
twtxt.net
View Thread
@mckinley 🥳
prologic
twtxt.net
View Thread
@mckinley 🥳
mutefall
twtxt.net
View Thread
@prologic waf is not useful unless you're being very selective and ignoring tor exits.
mutefall
twtxt.net
View Thread
@mckinley i'm using the same on the go, and have had similar issues with any orange-clouds.