GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Pass sharing sites

Pimpin_J · 07-09-2006, 10:22 AM

The passwords arent the most weak point on an adultsite. Generated user/pass combinations are a good start but that doesnt protect you from so called "pass sharers".
The weakest point is the "human" webmaster!
They hack your site through any well known bug (adultcms/phpBB,whatever), place a shell (mostly .php / .gif / .jpg ) and search for your .htpass file or your sql details. Once your .htpass is stolen its easily decrypted with the right tools. (Generated user/pass combinations are also more hard to decrypt then normal combos like "user123 : 321user")
Bruteforcing was 1990...
So better keep your stuff updated and check for suspect files on your server.

07-09-2006, 10:22 AM
Pimpin_J Confirmed User Join Date: Jul 2006 Location: SplitInfinity.com Posts: 3,637	The passwords arent the most weak point on an adultsite. Generated user/pass combinations are a good start but that doesnt protect you from so called "pass sharers". The weakest point is the "human" webmaster! They hack your site through any well known bug (adultcms/phpBB,whatever), place a shell (mostly .php / .gif / .jpg ) and search for your .htpass file or your sql details. Once your .htpass is stolen its easily decrypted with the right tools. (Generated user/pass combinations are also more hard to decrypt then normal combos like "user123 : 321user") Bruteforcing was 1990... So better keep your stuff updated and check for suspect files on your server. __________________