DBC error: unknow reply: unable to complete request

I have been using the deathbycaptcha service perfectly for weeks, however, today I get the following error:
my credentials are ok, I have verified them several times, I have a balance in the platform and I have even recharged more credits, I have restarted my PC and nothing, I still get the message and it is not active, is it deathbycaptcha error or some GSA bug? any solution? 

Can a wild shaped druid reply to Message?

The wizard casts Message and targets my druid that’s currently a wolf.

Wild Shape mentions:

You can’t cast spells, and your ability to speak or take any action that requires hands is limited to the capabilities of your beast form. Transforming doesn’t break your concentration on a spell you’ve already cast, however, or prevent you from taking actions that are part of a spell, such as call lightning, that you’ve already cast.

Message states:

You point your finger toward a creature within range and whisper a message. The target (and only the target) hears the message and can reply in a whisper that only you can hear.

The druid can clearly understand the message. So far my DM has ruled that I can’t reply because I can’t ‘whisper back’ as a beast. We are curious to whether this ruling is correct.

In other words: by RAW, how important is the ability to whisper while replying to a message?

Reply to potentially spoofed email

A colleague recieved an unsolicited email along the lines below:

Dear Ms. Smith

please click on the following link to recieve Document X regarding Project Y.

Yours,

Eve Nobody
eve.nobody@company.com


I suggested my colleague to reply to Eve Nobody, and ask whether the email is legitimate. Note, that we typed-in the address of Eve Nobody, since one could tamper with the reply-to header.

I assume three possible scenarios:

  1. Eve Nobody exists and she did send the email
  2. Eve Nobody exists, but she didn’t send the email
  3. Eve Nobody does not exist, and the email-server of company.com will reply with an error message

In all possible scenarios, we only interact with company.com, and not with any potential spoofer. Thus, I consider this course of action safe.

Was my advice sound, or are there other aspects to consider?


For context:

  • We are a firm which does research with academia and industry, hence we have plenty of information on our current projects along with the corresponding researchers. Thus, the information contained in the initial email (a reasonable title for Document X and the title of Project Y) can be gather from our homepage.
  • company.com is a legitimate company, and is involved in some research of ours.

Snort analyze reply based on request

I’m trying to write a snort rule which detects if certain binary files where requested via HTTP based on a regex rule matching there names. But it should only send an alert if the file exists (e.g. HTTP 200 OK reply).

Is it possible to have this kind of “statefull” scan? What kind of technique could I use else since the files have no reliable information in them I could search for.

The current look of my rule:

alert TCP $  EXTERNAL_NET any -> $  HOME_NET $  HTTP_PORTS (pcre:"/\d{6}-\d\.\d\.pdf$  /U"; sid:90000512; classtype:patent-access;)  

Circumventing inbound traffic rule by faking reply traffic

My question is about security groups/firewalls and protecting a virtual private cloud from the external world. Here is a description of VPC default policy for inbound/outbound traffic (on AWS):

Each security group by default contains an outbound rule that allows access to any IP address. It’s important to note that when an instance sends traffic out, the security group will allow reply traffic to reach the instance, regardless of what inbound rules are configured.

I was wondering if there exists an attack vector where a malicious user tries to circumvent the VPC’s inbound policy (i.e. block all traffic) by tricking it into thinking that the incoming traffic is a “reply” traffic? Does such attack have a name in the literature?

I can also think of a scenario where a target machine T (within a VPC) sends a request to some valid server V, but the malicious user M sends a malicious response to T (tricking it into believing that it comes from V) before T receives the actual response from V, thence circumventing T‘s inbound traffic policy.

Does the reply to the Message cantrip have a time/distance limit?

The message cantrip says the following:

You point your finger toward a creature within range and whisper a message. The target (and only the target) hears the message and can reply in a whisper that only you can hear.

The spell itself has a duration of 1 round and a range of 120 feet, but I assume this is for the caster’s “outgoing” message. Is there a time limit or a distance limit on the recipient’s reply?

I ask this because a player claims that the recipient of the message can reply any time in the future at any distance, because the spell does not specify that, and they have therefore used the message cantrip as a way to have an NPC tell them when someone is ready to collect (i.e. casting message on the NPC, with the message being “reply to this message spell when you’re done“).

I believe that the intent is that the recipient is expected to reply straight away, but that isn’t specified. For contrast, the sending spell does specify when the recipient is allowed to respond:

You send a short message of twenty-five words or less to a creature with which you are familiar. The creature hears the message in its mind, recognizes you as the sender if it knows you, and can answer in a like manner immediately.

Sending says that the recipient must reply immediately, whereas message does not specify when the recipient must reply, hence my player claiming that there is no time limit.

Regarding the distance thing, this is also treading on the toes of the sending spell somewhat, except that the caster of message still has to be within 120 feet of the recipient (it’s only the recipient that seems to have no limit on distance), whereas sending allows the caster to be the one to initiate long-distance communication.

Is my player correct? Can the recipient of a message really reply after any length of time after they receive the message, and over any distance?

Possible Scam – reply address appears to be yours

Have received the following email which I believe to be a scam

Internet Crime Complaint Center (IC3) In Partnership with: Swiss National Fraud Relief Center (NFRC) Case/Reference ID: IE3033900045 We regret to inform you that you have been a victim of identity theft. Your identity and consumer credit file have been compromised and used in an identity theft scheme recently uncovered in Ireland by federal authorities. Your more personal details have been undisclosed in this email for your own security as your email might have been compromised as well. The offenders have since been prosecuted, tried and ordered to pay restitution to victims involved willingly through wire fraud and romance or other scams, or unwillingly through identity theft and hacking. This means victims that had direct contact with the offenders by telephone or email in response to some type of scam and those who are hacked and are unaware of the incident prior to this notification. You have received this notification because this applies to you directly regardless of if you have lived in Ireland or not, that’s where the case was opened and that’s where the hackers were charged. For more detailed information about this case and the settlement pay outs that you are entitled to, immediately contact the Office of International Affairs at the Limerick City District Court by replying to this notification, or by visiting in person at 38 Roxboro Road, Limerick, Ireland between 9:00 a.m. and 4:00 p.m., Monday through Friday, excluding Court holidays. If you are visiting in person, set up an appointment prior to your visit by telephone: +353 800 814 250 (toll-free) or by email. If you are unable to make a trip, you will be rendered proper assistance online and on the telephone. Regards, Ilia Price Administrative Clerk

The send address was Ilia Price The reply address was international.affairs@limerick-city.org

Are you able to confirm that is is a scam

Kind Regards Richard Stafford

[ Law & Ethics ] Open Question : Get in trouble for offensive/hateful reply email?

so a friend of mine got an email from a rep of his new credit card company saying that he could use his new card before it got to him through their app (new card was supposed fo arrive by mail in 2 weeks). he was in a bad mood and replied that the rep should f*k off and stop pressuring him, and that he would use their sh*tty card whenever he feels like it. and that the rep should kill himself. following his reply he got an email from the company saying that they closed his account due to breaking terms of fairuse policy. he then apologized and they said they appreciate the apology but will not reopen his account. he is worried. can he get in trouble for the things he said?