Quote:
|
Originally Posted by TheDoc
Well.. I would bet most of the owners don't know how to use mirc. 
They care; they just don't care at the same time. I don't care that the PW's are on mirc, I was more worried with how many. Most of the sites listed and myself included have protection software. The only problem is MIRC is a very slow pw leak normally across many accounts. One person requests your site and enters, no protection script stops from that. Now do this across 50+ accounts and it's a huge pw leak that most owners never notice. |
Rather than mIRC, we can say, the IRC. But IRC chat rooms are only one problem. On large password boards it is common for posters to post as man as 1000 passwords in a day. Let me clarify that. It is common for 1 poster to post that many. 20,000 may get posted altogether on just one board. Add that up with all of the other boards in over 100 languages and you can see that this industry has a HUGE hole in it.
If everyone used a form login, encrypted passwords, server generated passwords and did a little bit of work on their security, the outcome would be that we all make a lot more money. We all would have over 1 Billion dollars to share. If you are a major sponsor you will get a larger piece of the pie.
This should be a seminar at Internext-expo. You all do seminars on some mundane shit. Shit that will gross less than 100 million. This is way bigger.
Now for a lesson.
Google for these phrases,
awstats exploit
phpbb exploit
ikonboard exploit
cpanel exploit
invision qpid exploit
vBulletin Calendar Command Execution Vulnerability
That is enough for now. A large majority of you use this software. Before you go using open source or even paid for software, it is a good idea to google for its exploits before you install it.