« Geograph Torrents Geohash PHP class »

Pastebin post filtering

Sunday, 16 March 2008, 7:56 | Category : Pastebin

As there’s been some cases of cracked email address lists being posted on pastebin recently, this week I tweaked the spam filtering to block such posts. A few legitimate posts got caught in the crossfire, causing a few more tweaks to the rules.

If you’re having trouble posting something because pastebin says it looks like spam, post a sample in a comment below and I’ll see what I can do to improve it!

43 Comments for “Pastebin post filtering”

  1. 1matthewt

    wrote on 26 March 2008 at 21:08

    The following code gets caught “$loserrand=mt_rand(1,4);
    $loserarray=(”http://happybunny.orbitearthstores.com/images/loserLarge.jpg”,
    “http://www.babble.com/CS/blogs/strollerderby/2007/10/23-End%20of%20Month/loser.gif”,
    “http://img357.imageshack.us/img357/2787/fail2it9.jpg”,
    “http://www.wegotcards.com/cards/fun/sports/losing.GIF”);
    $loseimg=$loserarray[$loserrand];”

  2. 2lordelph

    wrote on 26 March 2008 at 21:24

    Even Akismet thought that might be spam! Not sure there’s a lot I could do, it’s nearly all URLs.

    Still, your code problem isn’t about the urls, its your off-by-one error. So, you could boil it down as follows:

    $loserarray=(”url1″, “url2″, “url3″);
    $loserrand=mt_rand(0,count($loserarray)-1);
    $loseimg=$loserarray[$loserrand];

  3. 3slashdotfx

    wrote on 28 March 2008 at 18:45

    I try to copy paste some url links and get filtered.
    this is the url.

    http://lartc.org/howto/lartc.rpdb.multiple-links.html
    http://www.debian-administration.org/articles/377
    http://linux-ip.net/html/adv-multi-internet.html
    http://pfsense.iserv.nl/tutorials/policybased_multiwan/policybased_multiwan.pdf
    http://boedot.wordpress.com/2007/12/12/multi-load-balancing-dgn-pfsense/
    http://doc.pfsense.org/index.php/MultiWanVersion1.2

  4. 4lordelph

    wrote on 28 March 2008 at 20:57

    Again, the Akismet spam blocker on this blog thought your post was spam too.

    There’s very little I could do differentiate between lists of spam urls and legimate ones, but I’m open to suggestions.

    Probably the only thing would be some kind of fiendish CAPTCHA if the spam check fails your post maybe..

  5. 5lart

    wrote on 1 April 2008 at 2:59

    I don’t know how well this would work for pastebin but you should check out some rhsbl lists. http://wiki.openrbl.org/wiki/Category:RHSBL

  6. 6cornell

    wrote on 1 April 2008 at 12:00

    The following got blocked as spam. One url did it. When I changed the http, it became acceptable (see http://cornell.pastebin.com/md34ee0d):

    [Process]
    Type=Edit text
    Engine=MediaWiki
    Script=http://wiki.myCompany.com/wiki/index.php
    Server=http://wiki.myCompany.com
    Path=/wiki
    Special namespace=Special

    [File]
    Extension=wiki
    URL=http://wiki.myCompany.com/wiki/index.php?title=myProject&action=edit&internaledit=true

  7. 7Eric

    wrote on 1 April 2008 at 20:24

    certain conditions. Type ‘core show license’ for details.
    =========================================================================
    Connected to Asterisk 1.4.18.1-2 RPM by vc-rpms@voipconsulting.nl currently running on voip (pid = 2648)
    Verbosity is at least 3
    voip*CLI> set verbose 9
    Verbosity was 3 and is now 9
    The ’set verbose’ command is deprecated and will be removed in a future release. Please use ‘core set verbose’ instead.
    == Parsing ‘/etc/asterisk/manager.conf’: Found
    == Parsing ‘/etc/asterisk/manager_additional.conf’: Found
    == Parsing ‘/etc/asterisk/manager_custom.conf’: Found
    == Connect attempt from ‘127.0.0.1′ unable to authenticate
    == Parsing ‘/etc/asterisk/manager.conf’: Found
    == Parsing ‘/etc/asterisk/manager_additional.conf’: Found
    == Parsing ‘/etc/asterisk/manager_custom.conf’: Found
    == Connect attempt from ‘127.0.0.1′ unable to authenticate
    — Executing [4556221@from-internal:1] Macro(”SIP/1051-097890e0″, “user-callerid|SKIPTTL|”) in new stack
    — Executing [s@macro-user-callerid:1] NoOp(”SIP/1051-097890e0″, “user-callerid: device 1051″) in new stack
    — Executing [s@macro-user-callerid:2] Set(”SIP/1051-097890e0″, “AMPUSER=1051″) in new stack
    — Executing [s@macro-user-callerid:3] GotoIf(”SIP/1051-097890e0″, “0?report”) in new stack
    — Executing [s@macro-user-callerid:4] ExecIf(”SIP/1051-097890e0″, “1|Set|REALCALLERIDNUM=1051″) in new stack
    — Executing [s@macro-user-callerid:5] NoOp(”SIP/1051-097890e0″, “REALCALLERIDNUM is 1051″) in new stack
    — Executing [s@macro-user-callerid:6] Set(”SIP/1051-097890e0″, “AMPUSER=1051″) in new stack
    — Executing [s@macro-user-callerid:7] Set(”SIP/1051-097890e0″, “AMPUSERCIDNAME=Eric Bechtel”) in new stack
    — Executing [s@macro-user-callerid:8] GotoIf(”SIP/1051-097890e0″, “0?report”) in new stack
    — Executing [s@macro-user-callerid:9] Set(”SIP/1051-097890e0″, “AMPUSERCID=1051″) in new stack

    (comment truncated for brevity!)

  8. 8David Faure

    wrote on 18 April 2008 at 9:34

    The spam filter is too aggressive! Some innocent output of apt-get update is considered spam…
    It put the text up at
    http://web.davidfaure.fr/tmp/output

  9. 9kyleabaker

    wrote on 8 May 2008 at 5:31

    I’m thinking I might have to find a new pastebin. I can’t even post error output from the terminal in Ubuntu.

    “Sorry, your post tripped our spam filter – let us know if you think this could be improved”

    This is rediculous. I don’t know how we are supposed to post things we need!

  10. 10ajohnson

    wrote on 8 May 2008 at 14:57

    == HTTP Manager ‘admin’ logged on from 63.147.46.186
    — Executing [1@topstatsanswer:1] Answer(”Local/1@topstatsanswer-2ad1,2″, “”) in new stack
    — Executing [1@topstatsanswer:2] Wait(”Local/1@topstatsanswer-2ad1,2″, “30″) in new stack
    > Channel Local/1@topstatsanswer-2ad1,1 was answered.
    — Executing [1@topstats:1] Answer(”Local/1@topstatsanswer-2ad1,1″, “”) in new stack
    — Executing [1@topstats:2] System(”Local/1@topstatsanswer-2ad1,1″, “/usr/bin/top -n 2 | /bin/grep load | /bin/grep average | /usr/bin/cut -d’,’ -f5 | /usr/bin/cut -d’ ‘ -f 2 | /usr/bin/tail -n 1 > /tmp/load”) in new stack
    — Executing [1@topstats:3] System(”Local/1@topstatsanswer-2ad1,1″, “/bin/echo “Test” > /tmp/test”) in new stack
    — Executing [1@topstats:4] Hangup(”Local/1@topstatsanswer-2ad1,1″, “”) in new stack
    == Spawn extension (topstats, 1, 4) exited non-zero on ‘Local/1@topstatsanswer-2ad1,1′
    == Spawn extension (topstatsanswer, 1, 2) exited non-zero on ‘Local/1@topstatsanswer-2ad1,2′

  11. 11lordelph

    wrote on 8 May 2008 at 15:15

    @kykebaker: I can’t do anything without a sample
    @ajohnson: many thanks, filter has been improved to let that through

  12. 12MizardX

    wrote on 8 May 2008 at 20:16

    How about you giving the user a chance to ‘prove’ it’s not a spam. E.g. showing some skewed image containing a short string, and if the user can type that, he or she can post the message anyway.
    This won’t protect against manually entered spam-posts though.

  13. 13inhahe

    wrote on 24 May 2008 at 6:26

    The following code gets filtered.

    import copy
    class Node:
    def __init__(self, parent, number):
    self.children = set()
    self.parent = parent
    self.number = number
    if self.parent is not None: parent.children.add(self)
    def viewtree(self,top=True):
    print self.number, ‘(’,
    for child in self.children: child.viewtree(top=False)
    print ‘)’,
    if top: print
    def findtop(self):
    if self.parent is None: return self
    else: return findtop(self.parent)
    def breakboss(self):
    if self.parent is not None:
    self.parent.children.remove(self)
    yield self.parent.findtop()

    def findsmallest(node, smallestsub=None):
    if smallestsub is None: smallestsub = node
    for child in node.children:
    r = findsmallest(child)
    if r.number < smallestsub.number: smallestsub = r
    if node.number < smallestsub: return node
    else: return smallestsub

    def invertcontrol(node):
    if node.parent is not None:
    node.children.add(node.parent)
    node.parent.children.remove(node)
    invertcontrol(node.parent)
    node.parent = None

    for child in self.children:
    child.parent = None
    newcontrol = findsmallest(child)
    invertcontrol(newcontrol)
    yield newcontrol
    self.children.clear()
    self.parent = None

    #class Node does everything we need. now we just load some bosses and
    #destroy segments.

    def makelimb(number, children, parent=None):
    n = Node(parent, number)
    for number2, children2 in children:
    makelimb(number2, children2, n)
    return n

    bossdata1 = (1,
    (
    (3,
    (
    (3,
    (
    (3,
    (
    (3,
    (
    (2,
    (
    (3,
    (
    ),),),),),),),),),),),),),)

    bossdata2 = (1, (
    (3, (
    (3, (
    (2, (
    (3, ()),
    (3, ()),
    (3, ()),
    )
    ),
    )
    ),
    )
    ),
    (3, (
    (2, (
    (3, ()),
    )
    ),
    )
    ),
    (3, (
    (2, (
    (3, ()),
    (3, ()),
    (3, ()),
    )
    ),
    )
    )
    )
    )

    # break your second example at the control segment and view the results

    boss = makelimb(*bossdata1)
    for bosslet in boss.breakboss():
    bosslet.viewtree()

    print “—”

    # break your first example at the control segment and view the results

    boss2 = makelimb(*bossdata2)
    for bosslet in boss2.breakboss():
    bosslet.viewtree()

    print “—”

    # children are currently unordered. i don’t have a good way of keeping
    # references to individual segments because it totally depends on
    # how you intend to target them.
    # so it the below test i pick a random child of the controller node of your
    # first example and destroy it and show the results.
    # if you change the children from sets to lists, you will be able to
    # access segments like this:
    # thepink3 = boss3.children[0]
    # theright2 = boss3.children[1].children[0]
    # or you could implement __getitem__
    # def __getitem__(self, path):
    # def getsub(node, path):
    # if path: return getsub(node.children[path[0]], path[1:])
    # else: return node
    #
    # theright3=boss2[1,0,0]
    #or
    # path = (1,0,0)
    # theright3=boss2[path]
    #or
    # theright2=boss2[1,0]
    # theright3=theright2[0]
    #
    # the bosses currently have no notion of locations of segments.
    # i have ideas for how to do that, but it depends on how your game logic works
    # and i guess you can figure that out anyway. this still shows the basic
    # problem of breaking up bosses. the core of the solution is in the
    # findsmallest() and invertcontrol() functions.
    #
    # note that there is no overall ‘boss’ class. the closest thing to a boss
    # object is the node with no parent, which can be returned from any node with
    # node.findtop().

    boss3 = makelimb(*bossdata2)
    randomchild = list(boss3.children)[0]
    print “removing”,
    randomchild.viewtree()
    for bosslet in randomchild.breakboss():
    bosslet.viewtree()

    # note that if you keep a reference to your destroyed segment it will have
    # changed itself to a disembodied segment, i.e. its own boss. the original
    # boss is dissolved.
    # breakboss() returns an iterator, so if you need a list,
    # list(node.breakboss())

  14. 14deesto

    wrote on 18 June 2008 at 18:47

    The spam filter also seems to be blocking something in a typical bash ’ssh -vvv’ (verbose output) session; I tried uploading such a session as ‘Bash’ and got the message that my post had been blocked by spam filtering.

  15. 15deesto

    wrote on 18 June 2008 at 18:48

    sample session:

    ssh -vvv localhost
    OpenSSH_5.0p1, OpenSSL 0.9.7l 28 Sep 2006
    debug1: Reading configuration data /Users/jd/.ssh/config
    debug1: Applying options for *
    debug1: Reading configuration data /usr/etc/ssh_config
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to localhost [::1] port 22.
    debug1: Connection established.
    debug3: Not a RSA1 key file /Users/jd/.ssh/id_rsa.
    debug2: key_type_from_name: unknown key type ‘—–BEGIN’
    debug3: key_read: missing keytype
    debug2: key_type_from_name: unknown key type ‘Proc-Type:’
    debug3: key_read: missing keytype
    debug2: key_type_from_name: unknown key type ‘DEK-Info:’
    debug3: key_read: missing keytype
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug2: key_type_from_name: unknown key type ‘—–END’
    debug3: key_read: missing keytype
    debug1: identity file /Users/jd/.ssh/id_rsa type 1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.0
    debug1: match: OpenSSH_5.0 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.0
    debug2: fd 3 setting O_NONBLOCK
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: mac_setup: found hmac-md5
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug2: mac_setup: found hmac-md5
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug2: dh_gen_key: priv key bits set: 131/256
    debug2: bits set: 526/1024
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug3: check_host_in_hostfile: filename /Users/jd/.ssh/known_hosts
    debug3: check_host_in_hostfile: match line 25
    debug1: Host ‘localhost’ is known and matches the RSA host key.
    debug1: Found key in /Users/jd/.ssh/known_hosts:25
    debug2: bits set: 532/1024
    debug1: ssh_rsa_verify: signature correct
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received

  16. 16anonymous

    wrote on 24 June 2008 at 23:43

    Just a tip, why not you have a CAPTCHA pre-set for anyone tripping the filter? Or, even better than poor CAPTCHA, a randomized set of images (that are generated via PHP so that image names cannot be used to bypass this method), and an array of questions such as: “Which one of these pictures is a cat?” or “Which one of these pictures has a burger in it?”; it is physically impossible to bypass this if done properly. The only possible method would be guessing pictures repeatedly, and if you get 3 wrong, you could automatically prevent the user from posting for a period of 3 hours or similar.

  17. 17anon

    wrote on 26 June 2008 at 20:19

    OpenSSH_4.7p1 Debian-12, OpenSSL 0.9.8g 19 Oct 2007
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to 192.168.1.5 [192.168.1.5] port 22.
    debug1: Connection established.
    debug1: identity file /home/tom/.ssh/identity type -1
    debug1: identity file /home/tom/.ssh/id_rsa type -1
    debug3: Not a RSA1 key file /home/tom/.ssh/id_dsa.
    debug2: key_type_from_name: unknown key type ‘—–BEGIN’
    debug3: key_read: missing keytype
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug2: key_type_from_name: unknown key type ‘—–END’
    debug3: key_read: missing keytype
    debug1: identity file /home/tom/.ssh/id_dsa type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7p1 Debian-12
    debug1: match: OpenSSH_4.7p1 Debian-12 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-12
    debug2: fd 3 setting O_NONBLOCK
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: mac_setup: found hmac-md5
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug2: mac_setup: found hmac-md5
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug2: dh_gen_key: priv key bits set: 133/256
    debug2: bits set: 514/1024
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug3: check_host_in_hostfile: filename /home/tom/.ssh/known_hosts
    debug3: check_host_in_hostfile: match line 1
    debug1: Host ‘192.168.1.5′ is known and matches the RSA host key.
    debug1: Found key in /home/tom/.ssh/known_hosts:1
    debug2: bits set: 512/1024
    debug1: ssh_rsa_verify: signature correct
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug2: key: /home/tom/.ssh/identity ((nil))
    debug2: key: /home/tom/.ssh/id_rsa ((nil))
    debug2: key: /home/tom/.ssh/id_dsa ((nil))
    debug1: Authentications that can continue: publickey,password
    debug3: start over, passed a different list publickey,password
    debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
    debug3: authmethod_lookup publickey
    debug3: remaining preferred: keyboard-interactive,password
    debug3: authmethod_is_enabled publickey
    debug1: Next authentication method: publickey
    debug1: Trying private key: /home/tom/.ssh/identity
    debug3: no such identity: /home/tom/.ssh/identity
    debug1: Trying private key: /home/tom/.ssh/id_rsa
    debug3: no such identity: /home/tom/.ssh/id_rsa
    debug1: Trying private key: /home/tom/.ssh/id_dsa
    debug1: read PEM private key done: type DSA
    debug3: sign_and_send_pubkey
    debug2: we sent a publickey packet, wait for reply
    debug1: Authentications that can continue: publickey,password
    debug2: we did not send a packet, disable method
    debug3: authmethod_lookup password
    debug3: remaining preferred: ,password
    debug3: authmethod_is_enabled password
    debug1: Next authentication method: password
    tom@192.168.1.5’s password:

  18. 18anon

    wrote on 26 June 2008 at 20:20

    pretty much makes pastebin useless for real task. Thanks.

  19. 19lordelph

    wrote on 30 June 2008 at 9:03

    @anon, I was able to post that ssh debug fragment OK

  20. 20ville

    wrote on 30 June 2008 at 9:21

    How about image maps which have a code? Before posting, this code should be inserted in the text form. There are plenty of working examples around.

  21. 21dracozny

    wrote on 7 July 2008 at 3:05

    simple log output from IRC, thanks a million

    [19:56:29] test Failed
    [19:56:29] test
    [19:56:29] SnapCrackleMobile [pocketirc@forexchat-DF320650.hsd1.ga.comcast.net] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] torqueconverter [email@A7942B12.5B235C4C.8552E0C6.IP] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] nizzo [3ed1bec2@forexchat-44A36A29.mibbit.com] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] damari [damari@forexchat-35218400.mdp.mlm.bostream.se] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] mib_ap168v [4ca913c5@forexchat-44A36A29.mibbit.com] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] phy [phy@forexchat-D611CAA8.tampabay.res.rr.com] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] hastake [ake@forexchat-3B035980.adsl-dyn.isp.belgacom.be] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] humor3 [300@forexchat-5C3A4B42.catv.broadband.hu] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] peer [cleo@forexchat-540F04A9.in] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] Gr3G0 [txdkib@forexchat-797ED6F.dsl.telesp.net.br] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] RedRobin [redrobins@forexchat-F8232DFE.dsl.pltn13.pacbell.net] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] javax [javax@AD3B6891.74B955CD.640D5C50.IP] has quit IRC: NETSPLIT west.us.ircforex.com europa.ircforex.com
    [19:56:29] mjoll-work [mjollnir@forexchat-C06D98C.toutatis.be] has quit IRC: NETSPLIT west.us.europa.ircforex.com

  22. 22Joe Wulf

    wrote on 8 July 2008 at 1:18

    I am relatively new to pastbin, but think the hard work you are putting in to have a useful product is outstanding. Many do find it easy to critisize, roll with the punches and continue to polish your excellent website.

    KUDO’s!!!

  23. 23Nicolas

    wrote on 30 July 2008 at 16:36

    Why do all pastes return 404 Not Found (along with the normal and complete HTML page)?

  24. 24primeminister

    wrote on 7 August 2008 at 8:29

    HI!
    Would be nice if I can post the posters name and format from the URL like this:
    http://www.pastbin.com/?format=php&poster=myname

    Then I would use it from IRC to get the nick and post the nice url to them.

    Is this possible?

  25. 25Dan

    wrote on 8 August 2008 at 19:10

    public_html/../posts/ needs to be a writable dir to use file storage engine

    i get this weird error when i am done with all the pastebin files, how can i fix this?

  26. 26Anonymous

    wrote on 12 August 2008 at 9:50

    Is there any chance of posting an updated tarball of the pastebin source? The one currently available is v0.60 dated 2008-07-10. TIA.

  27. 27Nicolas

    wrote on 18 August 2008 at 2:35

    Please don’t add a captcha. There are troubleshooting scripts that generate debugging information, upload it to pastebin, and output a URL to the user. There is no way that could cope with a captcha, and it’s a legitimate use.

  28. 28prashant

    wrote on 24 September 2008 at 16:22

    can any one help me to setup for my site rainoh.com

    i am not getting where to keep .htaccess file

    DocumentRoot /path/to/pastebin/public_html
    ServerName your.domain.name.com

    php_value include_path .:/path/to/pastebin/lib
    php_value register_globals off
    DirectoryIndex pastebin.php
    RewriteEngine on
    RewriteRule /([a-z0-9]+) /pastebin.php?show=$1

    and /path/to/pastebin/public_html == path for my site???

  29. 29celien

    wrote on 26 September 2008 at 22:45

    Your filter is to aggresive my lazy nature didnt birng me t this blog intil resently so i dont got all the post that your pastebin stopped (i simply went to an other site) but sense i like yours better i second this suggestion By: MizardX
    “How about you giving the user a chance to ‘prove’ it’s not a spam. E.g. showing some skewed image containing a short string, and if the user can type that, he or she can post the message anyway.
    This won’t protect against manually entered spam-posts though.”

  30. 30Anonymous

    wrote on 30 September 2008 at 19:15

    Can you set UTF-8 as default encoding?

  31. 31Satria

    wrote on 9 November 2008 at 20:58

    If possible,
    Please turn off filtering on private.pastebin.com,

    Its private doesnt it…?
    So, i guess no need to worries about if indexed by google

  32. 32Pramod

    wrote on 10 November 2008 at 16:18

    @Satria agreed

    my post containing hundreds of links to adrive.com tripped your spamfilters

    Shaun of the Dead
    http://adrive.com/public/492361be9f56bf91b7552642cee4e7ebcc459e68b83cb880221d8ee9bc707b11.html
    Gone in 60 Seconds
    http://adrive.com/public/7896638b141aee5d9811b3bf04e2fb15f5d395a136253ce90aaab4c73a4f0e00.html

  33. 33Arsenic

    wrote on 28 November 2008 at 6:04

    Attempting to post a list of Newegg links for a computer build I configured for a friend got rejected by the filter.

  34. 34Janice Haffner

    wrote on 30 November 2008 at 14:31

    Any chance of adding captcha or some other method of stopping spam? we’re still seeing lots of porn url’s being posted.

  35. 35TomatoSoup

    wrote on 7 December 2008 at 18:38

    Disabling the check for private pastebins sounds ideal to me.

    Your autopaste program can’t cope with the captcha or the filter? Just tell it to dump all that info to a private pastebin! It’s ideal, because then you even have a log.

  36. 36ardan

    wrote on 12 January 2009 at 1:15

    i need mysql database database.sql for pastebin.com

  37. 37ardan

    wrote on 12 January 2009 at 1:42

    help me in mysql i got much error this is the screenshot
    http://i41.photobucket.com/albums/e283/ardantus/pastebin/error.jpg

  38. 38Ramón

    wrote on 21 January 2009 at 15:45

    Hey for some reason pastebin breaks diff files, it seems it just remove ‘@@’ line prefixes. This renders the site unusable for code exchange in diff format.

  39. 39Contagious Republic

    wrote on 31 January 2009 at 0:20

    I can’t find anything that says what’s the largest file I can post, this is caused me 15 minutes of trial and error.

    Result of test: my file won’t fit to matter how well I trim it, period. I wish I knew that right away! And I will still have to test it again when I have to post some OTHER file that seems small enough to me!

    Or is the server overloaded? The error message is confusing.

    There should be a size limit stated somewhere obvious or an error message for too big that states the max size so people know, and don’t have to guess…

  40. 40Usama

    wrote on 31 January 2009 at 3:52

    Hi thanks for this service
    I think some non ASCI character doesn’t apper well.

    If I typed:
    this is a test
    test اختبار

    I get this:
    this is a test
    test اختبار

    the word is in Arabic and it seems like there is strange Unicode support.

    paste.ubuntu.com works fine if you want to test.

  41. 41vxp

    wrote on 22 April 2009 at 12:55

    As of today(?,) the text contained within

    is considered as spam, would appreciate the reasoning behind
    this spec. qualification and any possible solutions.

  42. 42vxp

    wrote on 22 April 2009 at 12:56

    …the URL to the offending text is
    http://www.f1re.org/pastebin/pastebin.php?show=f5df796,
    the /Blog/ appears to not haved liked the brackets.

  43. 43rrr

    wrote on 15 June 2009 at 20:46

    When filter catch something, give him captcha or image to click whats asked.

Leave a comment