We make $$ ripping you off! - Page 4 - GoFuckYourself.com

Shap · 11-02-2005, 12:26 AM

Quote:

Originally Posted by subVERSION

Not that I'm on the enemy's side.

But.... NONE of you gentlemen have even came close to giving as complete of an intelligent response as he's been.

Even if he couldn't really do what he's saying.

This mutherfucker knows how to market his services.

Job well done.

And FYI, What he's saying is quite possible. No doubt about that.

What he's saying is reality.

Doctor Dre · 11-02-2005, 12:28 AM

Quote:

Originally Posted by shap

I'll take Option 1 all day everyday.

No doubt

even the gov does ... watch Catch me if you can ;)

Shap · 11-02-2005, 12:31 AM

Quote:

Originally Posted by Doctor Dre

No doubt

even the gov does ... watch Catch me if you can ;)

EXACTLY.

selena · 11-02-2005, 12:42 AM

Very interesting read. Frankly, lots of it is over my head, but the poster sounds like he knows what he is talking about to me.

Due · 11-02-2005, 01:03 AM

Didnt read it all.
But a easy fix could be making logins PHP based with sessions and cookie verification.
before your user / pass match function put
<?
sleep(1);
?>
In case of failed user pass put:
<?
sleep(5);
?>
in case of visitor comming through a proxy put a extra function that requirre image verification.
It will take 1 second to login if you enter a successfull user / pass, and 6 seconds before you get a responce if you enter a wrong combination.
To make it more complicated you can additionally set PHP to return random apache headers.
It wont stop hacking completely, but slow down the process so it will hardly be worth the effort.
PHP w session / cookie based authorization can also be used as regular htaccess returning "200 OK" login for all requests, but only showing the actual content for people that made a match

moneymotivates · 11-02-2005, 04:09 AM

Quote:

Originally Posted by Doctor Dre

No doubt

even the gov does ... watch Catch me if you can ;)

great movie, just watched it the other day

Ciao bella · 11-02-2005, 09:54 AM

Quote:

Originally Posted by Doctor Dre

P.S. about anybody that say stolen password traffic is useless, you are WRONG ! spywares and dialers and stuff like that always works fine ;)

How can you tell what is stolen pass traffic from paying client traffic? The fastest way to destroy your reputation.

Quote:

Originally Posted by subVERSION

Not that I'm on the enemy's side.

But.... NONE of you gentlemen have even came close to giving as complete of an intelligent response as he's been.

Even if he couldn't really do what he's saying.

This mutherfucker knows how to market his services.

Job well done.

And FYI, What he's saying is quite possible. No doubt about that.

You are correct signore. Negitive response people either do not own paysites or are ignorant surfers searching for acceptance.

Quote:

Originally Posted by shap

Think again. I have absolutely no doubt about that one. I've seen it happen.

Eccellente signore Shap, he knows this industry.

http://www.gofuckyourself.com/showth...72#post8541672
http://www.gofuckyourself.com/showth...82#post8541682
http://www.gofuckyourself.com/showth...87#post8541687

Quote:

Originally Posted by Due

Didnt read it all.
But a easy fix could be making logins PHP based with sessions and cookie verification.
before your user / pass match function put
<?
sleep(1);
?>
In case of failed user pass put:
<?
sleep(5);
?>
in case of visitor comming through a proxy put a extra function that requirre image verification.
It will take 1 second to login if you enter a successfull user / pass, and 6 seconds before you get a responce if you enter a wrong combination.
To make it more complicated you can additionally set PHP to return random apache headers.
It wont stop hacking completely, but slow down the process so it will hardly be worth the effort.
PHP w session / cookie based authorization can also be used as regular htaccess returning "200 OK" login for all requests, but only showing the actual content for people that made a match

Bravo signore! In reality, many paysites implement those security features. To no avail do they work. Sceptable of my claims? May I introduce you to sites that offer better coded security than your example.

Strongbox defeated!

teentopanga proxy block & OCR (image) log-on defeated.
New page to stop hackers? Lets see how their security works.

Doesnt seem their new security page stops hackers. Defeated!

Gaining unauthorized access is a challange. Most programmers today are old school coders. They do not respect or realize the know-how of todays crackers. Deluxpass was mis-advised thinking automatically generated numerical users & passes would defeat us. Deluxpass learned a hard & costly lesson. Reviewing the prices of Strongbox are ridiculous. You can have the best security possible on your site. If your billing company is weak, your site is weak. It's not only your billing company, google and msn spiders tear you a new hole.

Some billing companies require the client to use their email addy as their user. Many use their email addy pass as the site pass. We check for that error in judgement and have 1000's of stolen email addresses. We use those email addresses to register on places like GFY. Not only is your site security breached, so are your clients email addresses. Some accounts hold interesting data from other sources.

We keep our message board secure. Only .edu email addresses are accepted. University students will not report us over the chance their future careers could be jeopardized. Futhermore, some of their fellow university students code for us. Wouldnt be healthy for them to be a hero. Its a constant rotation of college students. Each graduating class is replaced with freshmen. Replacement includes word of mouth which adds new universities each fall.

Some mentioned the ugly word extortion. Signore, we do not want your $$. We make more $$ off your members area then you can pay us.

Grande rispetto signore Shap & subVERSION!

Bravo the porn industry, bravo!

Ciao bella

NickJ · 11-02-2005, 11:02 AM

I come in Peace..

Screaming · 11-02-2005, 11:09 AM

I take it no one has sent him any money yet?

Nicky · 11-02-2005, 11:40 AM

Interesting to say the least.

KCat · 11-02-2005, 02:07 PM

Quote:

Originally Posted by Screaming

I take it no one has sent him any money yet?

He said in the first post that he already has 6 GFY clients.

The only misconception I can see is that porn pushers will go from eating filet mignon & trips to Mexico down to eating mac & cheese. How many GFYers are already subsisting on mac & cheese?

Ciao bella · 11-02-2005, 02:41 PM

Signore Shap is not a client of ours. Signore Shap is a classy webmaster. For Shaps understanding knowledge and respect, we removed Twistys access off our forum for 1 week.

Ciao bella

onedree · 11-02-2005, 06:03 PM

Hello,

I am not a webmaster. I am a amateur model working my ass off trying to make an honest buck in this business. I read this thread and wanted to offer my two cents worth. It would be difficult to evaluate it fairly and objectively if I hadnt seen this persons dirty deeds for myself. Seems the webmasters here are lacking technique to stop people like ciao bella. Equally important, he and others must make a substantial profit off of your websites. How can you portray yourselfs with unlimited macho testosterone and allow people to take food off your table.

Jimbo · 11-03-2005, 12:00 AM

[QUOTE=KCat]He said in the first post that he already has 6 GFY clients.[QUOTE]

And you beleive that?

Due · 11-03-2005, 12:37 AM

Quote:

Originally Posted by Ciao bella

How can you tell what is stolen pass traffic from paying client traffic? The fastest way to destroy your reputation.

You are correct signore. Negitive response people either do not own paysites or are ignorant surfers searching for acceptance.

Eccellente signore Shap, he knows this industry.

http://www.gofuckyourself.com/showth...72#post8541672
http://www.gofuckyourself.com/showth...82#post8541682
http://www.gofuckyourself.com/showth...87#post8541687

Bravo signore! In reality, many paysites implement those security features. To no avail do they work. Sceptable of my claims? May I introduce you to sites that offer better coded security than your example.

Strongbox defeated!

teentopanga proxy block & OCR (image) log-on defeated.
New page to stop hackers? Lets see how their security works.

Doesnt seem their new security page stops hackers. Defeated!

Gaining unauthorized access is a challange. Most programmers today are old school coders. They do not respect or realize the know-how of todays crackers. Deluxpass was mis-advised thinking automatically generated numerical users & passes would defeat us. Deluxpass learned a hard & costly lesson. Reviewing the prices of Strongbox are ridiculous. You can have the best security possible on your site. If your billing company is weak, your site is weak. It's not only your billing company, google and msn spiders tear you a new hole.

Some billing companies require the client to use their email addy as their user. Many use their email addy pass as the site pass. We check for that error in judgement and have 1000's of stolen email addresses. We use those email addresses to register on places like GFY. Not only is your site security breached, so are your clients email addresses. Some accounts hold interesting data from other sources.

We keep our message board secure. Only .edu email addresses are accepted. University students will not report us over the chance their future careers could be jeopardized. Futhermore, some of their fellow university students code for us. Wouldnt be healthy for them to be a hero. Its a constant rotation of college students. Each graduating class is replaced with freshmen. Replacement includes word of mouth which adds new universities each fall.

Some mentioned the ugly word extortion. Signore, we do not want your $$. We make more $$ off your members area then you can pay us.

Grande rispetto signore Shap & subVERSION!

Bravo the porn industry, bravo!

Ciao bella

Mayby you missed something, but the 2 sites you showed a screenshot from is not using the method I described.
Still my method is not perfect, that was a fix that applied to a site I was working on a year ago or so after it had been under permanent attack by a script kiddy like you for ½ a day or so. It took me around 10-15 minutes to make and it did the job. I didnt even need to implement image verification.
Since I'm not into paysites I didnt really care about making a complete solution.
I might be able to spare a few hours to make a script this weekend to protect against hacking, would you take the challenge if I did?

Due · 11-03-2005, 12:40 AM

To make it easier I wouldnt add any proxy checkups, so you dont need to worry about your proxy lists being labelled

selena · 11-03-2005, 06:09 AM

Bumps for the challenge

Harmon · 11-03-2005, 06:31 AM

In teresting post indeed. I remember the days of Mercs, OCH, Six Feet Under, Mr. Vega$... All you needed was a copy of Ares or Access Diver and a couple of wordlists... a fresh plate of about 1,000-2,000 level 3 or better proxies and you were in business.

There were quite a few sites at the time that had their ccbill.log file available for the entire world to see with some simple exploits (http://www.yoursite.com/ccbill/ccbill.log) and all you need to do was copy, pste, and throw into JTR and have them decrypted.

I think this guy is going about this the wrong way, and what he is in fact doing is extortion. The governement isn't going to help you though, unfortunately. They want you shut down, so complaining to them is kind of moot IMO.

I'm going to do some research and see what I can come up with on this guy, for the sake of this industry. I still have a couple of acquaintances that are still involved in the underground. I will report back with my findings...

pornstar2pac · 11-03-2005, 07:00 AM

this is GFY thread of the year 2005

Bama · 11-03-2005, 07:50 AM

Sheesh Ciao, Chicko, Chachi ..or whatever the fuck your name is,

You act like getting past an OCR image validation is some major accomplishment and you've got "mad skills" cause you finally figured out how to do it...

How bout showing a trick that might actually impress somebody??

Ciao bella · 11-03-2005, 11:33 AM

Quote:

Originally Posted by onedree

Hello,

I am not a webmaster. I am a amateur model working my ass off trying to make an honest buck in this business. I read this thread and wanted to offer my two cents worth. It would be difficult to evaluate it fairly and objectively if I hadnt seen this persons dirty deeds for myself. Seems the webmasters here are lacking technique to stop people like ciao bella. Equally important, he and others must make a substantial profit off of your websites. How can you portray yourselfs with unlimited macho testosterone and allow people to take food off your table.

Signora, you claim to be a amateur model. How does our franchise affect you?

Quote:

Originally Posted by Due

Mayby you missed something, but the 2 sites you showed a screenshot from is not using the method I described.
Still my method is not perfect, that was a fix that applied to a site I was working on a year ago or so after it had been under permanent attack by a script kiddy like you for ½ a day or so. It took me around 10-15 minutes to make and it did the job. I didnt even need to implement image verification.
Since I'm not into paysites I didnt really care about making a complete solution.
I might be able to spare a few hours to make a script this weekend to protect against hacking, would you take the challenge if I did?

Addressing me as a skiddie? Immature insults are not becoming of you singore. Fascinating how your measly 2 hours coding can stop what Strongbox or other knowledgeable coders can not stop. Initionally we were going to offer a challenge to doubting webmasters. Seems after singore Shap spoke, nobody has anything negitive to say. We've defeated them all! If your code is superior, by all means profit from your knowledge. Singore, we are not foolish enough to fall into a your potentially dangerous honeypot. We will not be baited into a pre-coded trap designed by a two-bit keyboard warrior thinking he is outsmarting everyone. Sorry to spoil your possible circus stunt. If you are that desperate for attention, post the link and one of my associates will distribute it.

Quote:

Originally Posted by Harmon

In teresting post indeed. I remember the days of Mercs, OCH, Six Feet Under, Mr. Vega$... All you needed was a copy of Ares or Access Diver and a couple of wordlists... a fresh plate of about 1,000-2,000 level 3 or better proxies and you were in business.

There were quite a few sites at the time that had their ccbill.log file available for the entire world to see with some simple exploits (http://www.yoursite.com/ccbill/ccbill.log) and all you need to do was copy, pste, and throw into JTR and have them decrypted.

I think this guy is going about this the wrong way, and what he is in fact doing is extortion. The governement isn't going to help you though, unfortunately. They want you shut down, so complaining to them is kind of moot IMO.

I'm going to do some research and see what I can come up with on this guy, for the sake of this industry. I still have a couple of acquaintances that are still involved in the underground. I will report back with my findings...

We like your Apache/1.3.33 1.88 PHP. You implement the same weak security features as Southern-Charms. *uno momento to laugh*

Code:

Thank You,
The Adult.com Team

Quote:

Originally Posted by Harmon

I think this guy is going about this the wrong way, and what he is in fact doing is extortion. The governement isn't going to help you though, unfortunately. They want you shut down, so complaining to them is kind of moot IMO.

Please re-read my last response!

Quote:

Originally Posted by Ciao bella

Some mentioned the ugly word extortion. Signore, we do not want your $$. We make more $$ off your members area then you can pay us.

Suppose you were distracted watching soap opera's and eating chips during that part of my response. Added you to our extensive list of GFY derelicts!

Singore, reflecting on your glory days gone by is touching. With todays technology and knowledgeable coders, finding info is as easy as taking candy from a bambino. This is why we use stolen email addresses to register on message boards such as this one. If one of the email addresses is reported, its not our IP's that registered that account. You'll be illegally harrassing innocent people.

Correct again signore! Forze di polizia will not assist online pornography peddlers. If you obtain a illegal websites URL, the host will shut it down. Offshore hosts can not be bothered with your petty americano complaints. Our business is simple. We gain unauthorized access to your legal pornography paysite and make access available to the public. Look at our page signore! Our entire message board including the smaller skiddie forums are costing you all millions of american dollars a year in lost revenue. It's not our fault you're not educated enough to stop us.

Singore, you can research till you're exhausted. Our team consists of highly educated and motivated university students. We do not extend welcomes to your band of out-dated and tired hackers of yesteryear. Todays new adult webmasters do not have any formal education in *nix or a understanding of server architecture. The adult webmasters of the golden 90's rely on out-dated programmers implementing 90's security code as does your reality cash. A simple nmap -A -T4 -F -P0 and .c or .pl ruins their day.

We know all your tricks of the trade. By studying webmaster forums, we can say we know you without having to meet you. Consistently classy webmasters di buone maniere on this message board are signore Shap *twistys.com*, signore Shemp *shemp.com* and signore Lightspeed *ls-university.com-lightspeedteennetwork.com-tawneestone.com.
We do our homework!

Here the toplist again. Key stroke your chubby sausage fingers shutting these down.

http://toplist.linkworld.ws/

Bravo the porn industry! Bravo!

Ciao bella

pornstar2pac · 11-03-2005, 11:58 AM

Can you get me passwords to some tranny sites?

Jim Neil · 11-03-2005, 01:40 PM

Quote:

Originally Posted by pubenemy

Fris is locked out of gfy, hes on irc tho!

Where do ya'll hang out on IRC ?

MaDalton · 11-03-2005, 01:56 PM

ciao bella - i think i like your attitude - somehow. it's just my lost money that makes me want to smash your balls.

sumphatpimp · 11-03-2005, 02:08 PM

you miss the one and only point that matters you dumb dego!
their is too much free porn on the internet!
you adding to it don't make a shit!
and besides that
all your base belong to us!

LMAO!

Harmon · 11-03-2005, 02:10 PM

We like your Apache/1.3.33 1.88 PHP. You implement the same weak security features as Southern-Charms. *uno momento to laugh*

Code:
Thank You,
The Adult.com Team

Not quite sure what you are getting at

MaDalton · 11-03-2005, 02:12 PM

Quote:

Originally Posted by Harmon

We like your Apache/1.3.33 1.88 PHP. You implement the same weak security features as Southern-Charms. *uno momento to laugh*

Code:
Thank You,
The Adult.com Team

Not quite sure what you are getting at

i guess he thinks you work for adult.com...

dynastoned · 11-03-2005, 02:16 PM

Quote:

Originally Posted by justsexxx

I have no doubt that it's possible to hack/crack passwords. HOWEVER, at the moment these user/passes are posted on forums, they will be locked afte a very short time. SO what is the use of posting sites, using this kind of software?

theres a server on irc where you can request passwords for whatever site you want. within 4-6 hours they have a password and hand them out to whoever. they also have a random command that seems like it gives out infinite passwords to hundreds of pay sites.

i would post the server here but surfers would be all over it so ill just keep quiet.

Quagmire · 11-03-2005, 02:35 PM

Sorry I'm so late to the game, I had to find a pencil to type with as my fat sausage fingers were mashing all they keys around the ones I was trying to press. And in my rage I accidently knocked my grand latte mochachino into the keyboard.

nexcom28 · 11-03-2005, 02:50 PM

Seriously, you people are stupid, You talk like nothing can touch you but every single day 1000's of member's area's get hacked everyday. Ok, maybe it hasn't happened to you yet, but give it time..
Password sharing forums are real and on the rise, so what if the password is only available for a few hours, I know some forums that still have valid passwords from over a month ago. I can easily find passwords to any niche I desire without the need to pay, if paysites were more secure password sharing forums couldn't exist.. wise up people..

BlueQuartz · 11-03-2005, 02:58 PM

Quote:

Originally Posted by Ciao bella

Ciao,

I come in peace! This is to inform the paysite webmasters that you're being taken to the cleaners financially. A disaster such as this can quickly leave you without a checkbook.
My band of thiefs, including myself lurk this and other adult webmaster boards quite often absorbing as much knowledge as we possibly can. Some of your inflated macho egos are simply hysterical compaired to your weakly coded paysites.

The average paysite charges anywhere between 15-29+ american dollars to join. Some will invest money in pennywise or strongbox thinking their site is secure. As the two mentioned are not to bad, in my opinion they are not worth the money.

Pennywise
eg;

If we run a Pennywise site like a normal site, with Debugger Info checked, we will get a flood of 200 responses. Upon further analysis we see this.

Code:

-------------------- Header --------------------
HTTP/1.1 200 OK
Via: 1.1 TRANSCORENJ1
Connection: close
Content-Type: text/html
Date: Mon, 02 Oct 2005 15:33:22 GMT
Server: Apache/1.3.22 (Unix)  (Reliablehosting.com) PHP/4.2.2
WWW-Authenticate: Basic realm="Membership Required...."
X-Powered-By: PHP/4.2.2
-------------------- End Header --------------------

The site returned all 401's on our proxies. Why the 200 responses? The script this site uses detects we have entered a wrong username and password and sends this fake 200 response.
Until now, unless you knew a "trick", you couldn't test this site using HEAD, or atleast not the main member's url using HEAD request method.
After a close examination, we clearly seen that some Header Datas are more detailed than others. For example, two of the returned Headers had the line Content-Length, Last-Modified, and ETag. Manually checking these two combos, they really were hits. When we check some of the other combos which returned the smaller Header, we are sent to a fake page. So what can we do to prevent fakes from this site?
The option Recieved Header Key Phrases -> Define Success Key Phrases can now be checked. We know a Header Key Phrase we can use to determine if we got a hit or not. We also know a Failure Key Phrase, we know that all bad responses always have a 401 reply code. Add a Success Key Phrase as "ETag" and a Failure Key Phrase as " 401" (reason for the
space before the "4" is because we don't want to mix the HTTP Response up with another number returned from the server).
Ok, now we have a Failure Key Phrase checked and one is added, and Success Key Phrase checked and one is added. We then ran the test.
After the test finished, we did not have one fake reply and only hits to a once "tough" site.

Signora and gentiluomo, google is your enemy. It wouldn't take us under 5 minutes to rape their cache of your user and passes. Stripping CCBills, ibills logs for current information is as easy as taking candy from a bambino.

These are the user:pass guidelines of some popular companies used by the no0bs;

Code:

2000charge..............U: email, P: 4-10 characters
ACH Bill.......................No restrictions
AlfaBill.......................u: no restriction p: mailed
AllNet.........................No restrictions
Apple Gate.....................u: No restriction , p: 4-8
ATS Bank.......................u: No restriction p: mailed
BestSiteBilling...............U/P will be sent to you
BHE-bill.....................U/P: must be alpha-numeric at least 5 chars
Billingservices................No restrictions
BillingFrance .............L=only numbers, P=only Capitals
CardsGATE billing.......... U/P sent to you by mail
C.C.B.i.l.l.........................U:6-16chars , P:6-8 chars u can not be the same.
CDM Networks.............. u:email. p:mailed to you
Charge Solutions...............Mailed Pass- (when picked has no restrictions)
CHBill............................No restrictions
Cool Piranha billing.........U/P will be sent to you
Compugramming..................No restrictions
Croesus Billing..............U: no restrictions. P: email
CSB Entertainment..............No Restrictions
CBill..........................No Restrictions
DataWorld ...............all Form-login, either 7 or 10 char. & numbers
DCBill.........................No restrictions
Dhdmedia...................No restrictions
DPBill.....................L & P min 3 char
Dti services.......U:MAX 14 characters,P:8-14 at least one symbol, U: P can not be the same
DutchBilling.......supposed to be runned from I*Bill
all passes I have seen are 8 & 7 digits only.
a few of these sites use also VisionBill
EENT...........................4-8 character
E-payment................every user will be sent a password.
EzBill.........................5-15 Character
FineLine.......................No Restrictions
FSP Billing....................4-8 Character
G.l.o.B.i.l.l........................3-15 Digits username:No restrictions on password
HHBill.........................6 character user; 5 character pass (no digits)
I.B.i.l.l..........................u: generated 7 random letters & numbers p: random 7 digit number
I.B.i.l.l..........................u: choosed by member p: random 7 digit number
ICBill ......................L & P 6 char minimum
ICOMSERVICE.........U/P: id will be sent to you from provider
Inet-cash............... u: email adress,p:8-10 randomly generated digits
Internet Strategies............No Restrictions
Internet Ventures..............No Restrictions
IPay...........................No Restrictions
JetBill.......................2-32 Character username:6-32 character password
JetCharge......................u: 6-20 , p: 6-32 Character
jettis.com .....................U/P no restrictions
Kodiak.............................No restrictions
L.a.n.c.e.l.o.t.......................Minimum of 6 Characters, u can not be the same
LiberECO....... - User name and password have to differ. They both have to consist of 5 to 8 alphanumeric symbols and should not contain any special characters
MAK............................5-15 Character
LinkBill.......................generally the submitter choose
Mybillinggroup...............U/P 6-10,alpha/numral
M.S.B.ill.........................Minimum of 4 Characters
N.e.t.B.i.l.l.i.n.g.....................No restrictions
nCharge.....................U: no restrictions. P: will be emailed to you
NPH Charge.....................No restrictions
OdesseyBill..................L & P ? (all sites are HTML-Form)
one-verify...................U/P:Alpha-numeric and at least 5 characters
Paycom.........................minimum of 3 Characters
PayPal.........................u: email address, p: minimum of 8 characters
Pay-System.....................No Restrictions
Plug & Pay Technologies.....U/P: 4-8 chars..U/P CAN NOT be the same
PNP............................minimum of 4 Characters
Proadault Billing......U: 4-6 digets P: any characters
Probilling...............U:6 - 8 characters, p:any combination of letters AND numbers
Proximus Media............U/P: will be sent to you from provider
PSbill..........................U/P.:will be emailed to you
PWS Billing....................6-12 Character
Python..........................3-? char
RJBTelcom....................6-8 Character
SilverCash...................U/P alpha-nummeric, atleast 3
Solarbilling.................. U:email. P: no restrictions
Storm pay..................U: email, P: at least 6 chars and at least 1 diget
SunBill........................Mailed Pass
Triplexcash...................U/P:at least 6 characters, U: P can not be comon
Validate........................L=only numbers, P=only Capital
Verisign.......................Minimum of 3 Characters (same as Paycom?)
V.e.r.o.t.e.l........................8:7 diggits, also 7:7 diggits, also 7:8 diggits
VisionBill......................U: P:3-10 char.,
Webcombilling.......... id and password will be sent by company
Website Billing................No restrictions
Webpower.......................u: 6-10, p: 6-15 Character
Web Quest......................u: 2-8 , p: 6-8
WNU (Paycom)...................minimum of 3 Characters
WSPay.......................... a member's id will be sent to you
WTS Billing....................No restrictions

Why am I telling you this? I think we both can benifit from my services. Six current GFY webmasters pay us a very small fee to keep their paysites off of our network.
Laugh, joke, ridicule, call this a big scam as you stuff your face with hotdogs. By reading some threads on this forum, you are all aware you're being financially ripped to schreds.
I've noticed with great laughter some of you posting mear amatuer sites that house your copyrighted content. Whippie-doo, when one falls its replaced with 4 others.

Think about my offer. While you're thinking, this is a board I frequent with a never ending supply of users and passes.

Furthermore, the email addy I used to register at GFY is a Canadian .ca stolen email account. Registration verification was clicked with a IP from Poland.
The IP I am using on this thead is from Poland.
Banning is useless over our other 14 active accounts on GFY. (all with stolen or hijacked email accounts)

Fees;

75 American dollars aweek.
200 American dollars a month.

Hope to see a reply from you soon or continue spending money buying content.
Adult companies are buying advertisment space on our websites!
Bravo the porn industry!

Ciao bella!

Un momento brevissimo, allow your fat sausage fingers to email these hosts.
My gift to you. hahaha

http://toplist.linkworld.ws/

Ciao!

bahahahahahahahahahahahahahaha

the last piece of shit that came in here speaking SHIT and trying to extort money got their arse in jail real quick - hows your arse anyways deepsy???

KARMA IS A BITCH BOY

BlueQuartz · 11-03-2005, 03:00 PM

Quote:

Originally Posted by nexcom28

Seriously, you people are stupid, You talk like nothing can touch you but every single day 1000's of member's area's get hacked everyday. Ok, maybe it hasn't happened to you yet, but give it time..
Password sharing forums are real and on the rise, so what if the password is only available for a few hours, I know some forums that still have valid passwords from over a month ago. I can easily find passwords to any niche I desire without the need to pay, if paysites were more secure password sharing forums couldn't exist.. wise up people..

laughable - who the fuck are you to tell them how to run their sites??

Linguist · 11-03-2005, 03:09 PM

These "hackers" amaze me... why not put your energy into something that would make you money, instead of landing you into jail?... At least if you do something then keep it quiet instead of trying to extort money

nexcom28 · 11-03-2005, 03:20 PM

Quote:

Originally Posted by BlueQuartz

laughable - who the fuck are you to tell them how to run their sites??

I'm not telling anyone how to run thier site's, i'm just stating facts..

dynastoned · 11-03-2005, 03:24 PM

as more and more people become more computer litterate in this new day and age it also becomes easier for them to find things like free passwords. its probably part of the reason ratio's have continued to worsen every year. not saying its the only reason because its not but im sure it doesn't help any.. just my thoughts.. some of you probably should look into this as it can only get worse with time.

seeric · 11-03-2005, 03:26 PM

so, let me get this straight, you want to build a business model around a federal crime? (extortion) amusing post though.

only on gfy. lol.

onedree · 11-03-2005, 04:53 PM

Quote:

Originally Posted by onedree

Hello,

I am not a webmaster. I am a amateur model working my ass off trying to make an honest buck in this business. I read this thread and wanted to offer my two cents worth. It would be difficult to evaluate it fairly and objectively if I hadnt seen this persons dirty deeds for myself. Seems the webmasters here are lacking technique to stop people like ciao bella. Equally important, he and others must make a substantial profit off of your websites. How can you portray yourselfs with unlimited macho testosterone and allow people to take food off your table.

Is my questioned answered, nope, definitely not. That explains it! You all must have looked up to see if the sky was really falling and a bird shit in your face. You're only deceiving yourself, you know. The sad thing is, your cockyness will keep you in this situation, all because you're too ignorant to do anything about it. It's attitudes like yours is whats going to force sactions on this industry. I feel sorry for you all.

Ciao bella, why are you doing this?
Could'nt you earn more money legally with your obvious talents?

Ciao bella · 11-04-2005, 04:00 PM

Quote:

Originally Posted by Harmon

We like your Apache/1.3.33 1.88 PHP. You implement the same weak security features as Southern-Charms. *uno momento to laugh*

Code:
Thank You,
The Adult.com Team

Not quite sure what you are getting at

Signore, you sig displays Reality cash. We offer the all of Reality cash sites on our message board.
tp://warning.adult.com/?site=www.bigsausagepizza.com

Error in debugging reality cash security brings us to this page.

http://www.bigsausagepizza.com/?nats=MTE3OjU6Ng

Do yourself a favor signore, modify your affiliate log-on with better security. Some of you simply amaze me!

Code:

URL : http://www.realitycash.com/
ACTION : http://www.realitycash.com/check.cgi
TYPE : form
METHOD : GET
POSTDATA : random=-xxxxxREMOVED-xxxxx-&url=http%3A%2F%2Fwww.realitycash.com.%2F&password=<<user>>
REFRESH POSTDATA : True
COOKIE : 
REFRESH COOKIE : False
KEYWORD : SET
*******BEGIN KEYWORD *********
BLOCKPAGES : 0 FOUND
*******END KEYWORD *********
BLOCKPAGES : 0 FOUND

Signore, have a programmer that knows what they are doing re-write membership.com code too. It's a wonder you're all getting hammered!

Quote:

Originally Posted by Quagmire

Sorry I'm so late to the game, I had to find a pencil to type with as my fat sausage fingers were mashing all they keys around the ones I was trying to press. And in my rage I accidently knocked my grand latte mochachino into the keyboard.

*Spits out wine laughing!*

Quote:

Originally Posted by dynastoned

as more and more people become more computer litterate in this new day and age it also becomes easier for them to find things like free passwords. its probably part of the reason ratio's have continued to worsen every year. not saying its the only reason because its not but im sure it doesn't help any.. just my thoughts.. some of you probably should look into this as it can only get worse with time.

Quote:

Originally Posted by nexcom28

Seriously, you people are stupid, You talk like nothing can touch you but every single day 1000's of member's area's get hacked everyday. Ok, maybe it hasn't happened to you yet, but give it time..
Password sharing forums are real and on the rise, so what if the password is only available for a few hours, I know some forums that still have valid passwords from over a month ago. I can easily find passwords to any niche I desire without the need to pay, if paysites were more secure password sharing forums couldn't exist.. wise up people..

Yes, you are both absolutely correct. Todays surfers are educated. I have seen password message boards supply updated tutorials how to crack paysites.

Todays webmasters are uneducated or to cheep to secure their websites. Their practical method of security is implementing block.php after a select amount of attempts per account. We shake our heads with amused laughter seeing such lame security features. Review the screen shot of websites I posted above signore, then go to the sites listed and see their security. Sure, their security may stop some script kiddies and give them a false sense of security. Remember signore, script kiddie message boards may last a month while mother-load boards such as ours is paradiso.

Ciao bella · 11-04-2005, 04:00 PM

Ciao bella · 11-04-2005, 04:01 PM

Ciao bella

Ciao bella · 11-04-2005, 04:06 PM

Ciao amici,
This is my last post on your intellectually simulating message board. I've seen a lot of boring and repetitive replies from simpletons that do not know how to read. It makes me wonder some of your educational levels.

Bravo the porn industry, Bravo!

Ciao bella

Shap · 11-04-2005, 05:48 PM

Thanks for removing me from the list for a few days Ciao.

I was wondering what are your thoughts on Phil Uk?

Doctor Dre · 11-04-2005, 05:59 PM

Deluxepass having a spectacular security dosen't surprise me

Shap · 11-04-2005, 06:04 PM

Quote:

Originally Posted by Doctor Dre

Deluxepass having a spectacular security dosen't surprise me

I think he was being sarcastic.

I've also heard that auto generated user and passes are bad for retention as alot of members forget their user and pass and cancel earlier than they may have otherwise. Who knows if that's true.

Ciao bella · 11-04-2005, 07:52 PM

Quote:

Originally Posted by shap

Thanks for removing me from the list for a few days Ciao.

I was wondering what are your thoughts on Phil Uk?

Quote:

Originally Posted by Doctor Dre

Deluxepass having a spectacular security dosen't surprise me

Quote:

Originally Posted by shap

I think he was being sarcastic.

I've also heard that auto generated user and passes are bad for retention as alot of members forget their user and pass and cancel earlier than they may have otherwise. Who knows if that's true.

Who is signore Phil Uk? Is he a client of ours? Accurato signore Shap, I was being sarcastic pretaining to Deluxepass. A quote of mine signore from a previous post.

Quote:

Originally Posted by Ciao bella

Deluxpass was mis-advised thinking automatically generated numerical users & passes would defeat us. Deluxpass learned a hard & costly lesson.

Deluxepass sends the user:pass to their clients email addy. Look at the upper right hand corner of the Deluxepass screen shot I posted to see their user. They thought their security efforts couldn't be defeated.

Signore Shap, the skiddies want to play with your banroto account. If you haven't done so, encrypt your pass. Fai quello che devi fare signore. The skiddies are no so good deciphering encryption.

Numero uno signore Shap, ask swiftwill if they offer Apache versions other than your 1.3.31 ((Unix). Signore thehun uses Apache 2.0.52 ((Gentoo/Linux), a better version. Thehun makes no sense leaving ssh 3.9 port 22 open & port 1 closed & no firewall. Signore, Thehun might have a credential vulnerability. Signore Patrick, Thehun = stupido & needs a hair cut!

Exhaust your efforts if you like signore. My posted images on GFY are hosted on a public uploader server using a German proxy run through our CGI proxy. Dead end no joy signore.

Fino al nostro prossimo incontro.

Bravo the porn industry, Bravo!

Ciao bella

Shap · 11-04-2005, 08:08 PM

Quote:

Originally Posted by Ciao bella

Who is signore Phil Uk? Is he a client of ours? Accurato signore Shap, I was being sarcastic pretaining to Deluxepass. A quote of mine signore from a previous post.

Deluxepass sends the user:pass to their clients email addy. Look at the upper right hand corner of the Deluxepass screen shot I posted to see their user. They thought their security efforts couldn't be defeated.

Signore Shap, the skiddies want to play with your banroto account. If you haven't done so, encrypt your pass. Fai quello che devi fare signore. The skiddies are no so good deciphering encryption.

Numero uno signore Shap, ask swiftwill if they offer Apache versions other than your 1.3.31 ((Unix). Signore thehun uses Apache 2.0.52 ((Gentoo/Linux), a better version. Thehun makes no sense leaving ssh 3.9 port 22 open & port 1 closed & no firewall. Signore, Thehun might have a credential vulnerability. Signore Patrick, Thehun = stupido & needs a hair cut!

Exhaust your efforts if you like signore. My posted images on GFY are hosted on a public uploader server using a German proxy run through our CGI proxy. Dead end no joy signore.

Fino al nostro prossimo incontro.

Bravo the porn industry, Bravo!

Ciao bella

Thanks for the heads up. Could you email me at shap at twistys.com. I have a few things i'd like to discuss with you.

nofx · 11-04-2005, 08:25 PM

once again

this thread is a great read and ciao bella should win some sort of trophey

toddler · 11-04-2005, 08:57 PM

i can't believe you people are even slightly surprised about this. pw based security, especially on the web, is a joke and has been for a long time.

security will always be a problem, not even really due to the technology, but due to the people. its the same old argument of security vs usability. the closest thing to worthwhile i've seen in the recent past is certificate based authentication, and even that has holes.

but no, you stil in your little world thinking all is secure, and then get pissed when someone comes in and pisses on your parade.

Some of you pirate software/movies/music and are proud of yourself, but then get all huffy when someone cracks your 'security'. Karma's a bitch huh?

huey · 11-04-2005, 09:53 PM

highschool losers of the world unite!

pornstar2pac · 11-05-2005, 12:07 AM

Quote:

Originally Posted by shap

Thanks for the heads up. Could you email me at shap at twistys.com. I have a few things i'd like to discuss with you.

lol, he's not going to fall for that trick

11-02-2005, 12:42 AM	#154
selena Confirmed User Join Date: Aug 2004 Location: On The Edge Posts: 7,992	Very interesting read. Frankly, lots of it is over my head, but the poster sounds like he knows what he is talking about to me. __________________ ~ Doer of Things at MetArtMoney Where Flawless Beauty Meets Art ~The MetArt Network ~ selena.delgado9

11-02-2005, 01:03 AM	#155
Due Confirmed User Industry Role: Join Date: Mar 2001 Location: Murrieta, CA Posts: 3,620	Didnt read it all. But a easy fix could be making logins PHP based with sessions and cookie verification. before your user / pass match function put <? sleep(1); ?> In case of failed user pass put: <? sleep(5); ?> in case of visitor comming through a proxy put a extra function that requirre image verification. It will take 1 second to login if you enter a successfull user / pass, and 6 seconds before you get a responce if you enter a wrong combination. To make it more complicated you can additionally set PHP to return random apache headers. It wont stop hacking completely, but slow down the process so it will hardly be worth the effort. PHP w session / cookie based authorization can also be used as regular htaccess returning "200 OK" login for all requests, but only showing the actual content for people that made a match __________________ I buy plugs Skype: Due_Global /Due

11-02-2005, 11:09 AM	#159
Screaming I can change this!!!!! Join Date: Feb 2004 Posts: 18,972	I take it no one has sent him any money yet? __________________

11-02-2005, 11:40 AM	#160
Nicky Judge Jury and Executioner Industry Role: Join Date: Mar 2003 Location: Sweden Posts: 30,069	Interesting to say the least. __________________ gfynicky @ gmail.com

11-03-2005, 12:00 AM	#164
Jimbo Confirmed User Industry Role: Join Date: Oct 2001 Location: Montreal Posts: 3,989	[QUOTE=KCat]He said in the first post that he already has 6 GFY clients.[QUOTE] And you beleive that? __________________ free sex videos

11-02-2005, 11:02 AM	#158
NickJ So Fucking Banned Join Date: Oct 2005 Posts: 325	I come in Peace..

11-02-2005, 02:41 PM	#162
Ciao bella So Fucking Banned Join Date: Oct 2005 Posts: 175	Signore Shap is not a client of ours. Signore Shap is a classy webmaster. For Shaps understanding knowledge and respect, we removed Twistys access off our forum for 1 week. Ciao bella

11-02-2005, 06:03 PM	#163
onedree So Fucking Banned Industry Role: Join Date: Nov 2005 Location: Excercist image strickly for Halloween :=) Posts: 633	Hello, I am not a webmaster. I am a amateur model working my ass off trying to make an honest buck in this business. I read this thread and wanted to offer my two cents worth. It would be difficult to evaluate it fairly and objectively if I hadnt seen this persons dirty deeds for myself. Seems the webmasters here are lacking technique to stop people like ciao bella. Equally important, he and others must make a substantial profit off of your websites. How can you portray yourselfs with unlimited macho testosterone and allow people to take food off your table.

11-03-2005, 12:40 AM	#166
Due Confirmed User Industry Role: Join Date: Mar 2001 Location: Murrieta, CA Posts: 3,620	To make it easier I wouldnt add any proxy checkups, so you dont need to worry about your proxy lists being labelled __________________ I buy plugs Skype: Due_Global /Due

11-03-2005, 06:09 AM	#167
selena Confirmed User Join Date: Aug 2004 Location: On The Edge Posts: 7,992	Bumps for the challenge __________________ ~ Doer of Things at MetArtMoney Where Flawless Beauty Meets Art ~The MetArt Network ~ selena.delgado9

11-03-2005, 06:31 AM	#168
Harmon ( ͡ʘ╭͜ʖ╮͡ʘ) Industry Role: Join Date: Mar 2004 Posts: 20,000	In teresting post indeed. I remember the days of Mercs, OCH, Six Feet Under, Mr. Vega$... All you needed was a copy of Ares or Access Diver and a couple of wordlists... a fresh plate of about 1,000-2,000 level 3 or better proxies and you were in business. There were quite a few sites at the time that had their ccbill.log file available for the entire world to see with some simple exploits (http://www.yoursite.com/ccbill/ccbill.log) and all you need to do was copy, pste, and throw into JTR and have them decrypted. I think this guy is going about this the wrong way, and what he is in fact doing is extortion. The governement isn't going to help you though, unfortunately. They want you shut down, so complaining to them is kind of moot IMO. I'm going to do some research and see what I can come up with on this guy, for the sake of this industry. I still have a couple of acquaintances that are still involved in the underground. I will report back with my findings... __________________ [email protected]

11-03-2005, 07:00 AM	#169
pornstar2pac Omaha Hi/Lo Join Date: Nov 2003 Posts: 17,380	this is GFY thread of the year 2005 __________________ Trump haters gonna hate. that's all they can do

11-03-2005, 07:50 AM	#170
Bama Confirmed User Join Date: Nov 2001 Location: Redmond, WA Posts: 2,727	Sheesh Ciao, Chicko, Chachi ..or whatever the fuck your name is, You act like getting past an OCR image validation is some major accomplishment and you've got "mad skills" cause you finally figured out how to do it... How bout showing a trick that might actually impress somebody??

11-03-2005, 11:58 AM	#172
pornstar2pac Omaha Hi/Lo Join Date: Nov 2003 Posts: 17,380	Can you get me passwords to some tranny sites? __________________ Trump haters gonna hate. that's all they can do

11-03-2005, 01:56 PM	#174
MaDalton I am Amazing Content! Industry Role: Join Date: Feb 2004 Posts: 39,821	ciao bella - i think i like your attitude - somehow. it's just my lost money that makes me want to smash your balls. __________________ AmazingContent.com - providing only the best content and service since 2003 Monetize your content on Veegaz.com - one of Germanies largest VOD sites Got German traffic? We convert it into money for you! Skype: madalton02826 - Email: oltecconsult [at] gmail [dot] com

11-03-2005, 02:08 PM	#175
sumphatpimp Confirmed User Join Date: Aug 2002 Posts: 5,235	you miss the one and only point that matters you dumb dego! their is too much free porn on the internet! you adding to it don't make a shit! and besides that all your base belong to us! LMAO!

11-03-2005, 02:10 PM	#176
Harmon ( ͡ʘ╭͜ʖ╮͡ʘ) Industry Role: Join Date: Mar 2004 Posts: 20,000	We like your Apache/1.3.33 1.88 PHP. You implement the same weak security features as Southern-Charms. uno momento to laugh Code: Thank You, The Adult.com Team Not quite sure what you are getting at __________________ [email protected]

11-03-2005, 02:35 PM	#179
Quagmire Confirmed User Join Date: Jul 2005 Location: Stinkin' up your bathroom Posts: 6,490	Sorry I'm so late to the game, I had to find a pencil to type with as my fat sausage fingers were mashing all they keys around the ones I was trying to press. And in my rage I accidently knocked my grand latte mochachino into the keyboard. __________________

11-03-2005, 02:50 PM	#180
nexcom28 So Fucking Banned Join Date: Jan 2005 Posts: 3,716	Seriously, you people are stupid, You talk like nothing can touch you but every single day 1000's of member's area's get hacked everyday. Ok, maybe it hasn't happened to you yet, but give it time.. Password sharing forums are real and on the rise, so what if the password is only available for a few hours, I know some forums that still have valid passwords from over a month ago. I can easily find passwords to any niche I desire without the need to pay, if paysites were more secure password sharing forums couldn't exist.. wise up people..

11-03-2005, 03:09 PM	#183
Linguist Confirmed User Join Date: Apr 2004 Location: Toronto, ON Posts: 1,706	These "hackers" amaze me... why not put your energy into something that would make you money, instead of landing you into jail?... At least if you do something then keep it quiet instead of trying to extort money __________________ 315-310

11-03-2005, 03:24 PM	#185
dynastoned mmm yeah! Industry Role: Join Date: Feb 2005 Location: roseville, ca Posts: 5,061	as more and more people become more computer litterate in this new day and age it also becomes easier for them to find things like free passwords. its probably part of the reason ratio's have continued to worsen every year. not saying its the only reason because its not but im sure it doesn't help any.. just my thoughts.. some of you probably should look into this as it can only get worse with time.

11-03-2005, 03:26 PM	#186
seeric .......... Industry Role: Join Date: Aug 2004 Location: .......... Posts: 41,917	so, let me get this straight, you want to build a business model around a federal crime? (extortion) amusing post though. only on gfy. lol.

11-04-2005, 04:00 PM	#189
Ciao bella So Fucking Banned Join Date: Oct 2005 Posts: 175

11-04-2005, 04:01 PM	#190
Ciao bella So Fucking Banned Join Date: Oct 2005 Posts: 175	Ciao bella

11-04-2005, 04:06 PM	#191
Ciao bella So Fucking Banned Join Date: Oct 2005 Posts: 175	Ciao amici, This is my last post on your intellectually simulating message board. I've seen a lot of boring and repetitive replies from simpletons that do not know how to read. It makes me wonder some of your educational levels. Bravo the porn industry, Bravo! Ciao bella

11-04-2005, 05:48 PM	#192
Shap Confirmed User Industry Role: Join Date: May 2001 Posts: 8,313	Thanks for removing me from the list for a few days Ciao. I was wondering what are your thoughts on Phil Uk?

11-04-2005, 08:25 PM	#197
nofx Too lazy to set a custom title Join Date: Nov 2002 Location: Virgin Mary's womb Posts: 16,826	once again this thread is a great read and ciao bella should win some sort of trophey __________________ Often times I wonder why There's love and hate, theres live or die. When sickness comes I must decide: When feelings go, theres suicide.

11-04-2005, 08:57 PM	#198
toddler Confirmed User Join Date: Jun 2002 Location: austin, tx Posts: 1,911	i can't believe you people are even slightly surprised about this. pw based security, especially on the web, is a joke and has been for a long time. security will always be a problem, not even really due to the technology, but due to the people. its the same old argument of security vs usability. the closest thing to worthwhile i've seen in the recent past is certificate based authentication, and even that has holes. but no, you stil in your little world thinking all is secure, and then get pissed when someone comes in and pisses on your parade. Some of you pirate software/movies/music and are proud of yourself, but then get all huffy when someone cracks your 'security'. Karma's a bitch huh? __________________ http://www.flickr.com/photos/zoddler/

11-04-2005, 09:53 PM	#199
huey Confirmed User Join Date: Apr 2003 Location: vancouver Posts: 3,634	highschool losers of the world unite! __________________ opinions are like assholes................. "They aren't after me, they are AFTER YOU! Im just in their way" -D.J. Trump