pussyserver - BANNED FOR LIFE

I swear your shit is most likely hacked

the script kiddies on IRC are looking for ways to profit after rooting your box

MAJOR holes major major major holes

there is an app now that just about just ask the kiddy to put in URL and click go after he clicks go the script auto hacks the entire server ( even jailed accounts ) and sets ups a bot on a hidden IRC channel

from here it is realy bad biz since not only the kiddy has access but whoever it it whom wrote the script

you are especialy vuln if you run any type of host manager software like cpanel , ensim, plesk, etc etc

just an FYI

good night

TheSenator

You must be kidding me... http://www.cpanel.net

That shit is written by a phenom.

__________________
ISeekGirls.com since 2005

mryellow

Some very poor code out there in this market.

I'll be releasing a free script sometime soon that will be robust and work how it should.

edit: and yeah why would you install cPannel and open up admin functions to
HTTP. Just get a better host that fixes things fast. i.e. Cyberwurx.

-Ben

__________________
Cyberwurx Hosting
After trying 5 different hosts, I found the best.
Since 1997 I've had 2 hours of downtime.
Fast support, great techs, no hype, no gimmicks.

<- I in no way endorse whatever just got stuck on the left of my post.

Shaze

what do you mean by "canned tube script"?

__________________
Adult Search Engine Japanese Porn Thai Porn

rapmaster

lol I just posted another thread about cpanel... is it really that vulnerable?

__________________
http://en.wikipedia.org/wiki/SIG_Sauer_P226

pussyserver - BANNED FOR LIFE

go to google type in youtube script or clone script

if rthe solution you use is in the top 20 results os rybe etc etc then yeah most likely you you have a backdoor

from I am being told this is connected to ffmpeg so if your site dosent use ffmpeg for conversion you shouild be ok

TonyB

This guy has no idea what he's talking about.

GrouchyAdmin

This is GFY, after all.

__________________

pussyserver - BANNED FOR LIFE

o rly?


and you know this because....?

dozey

You must be confused, FFmpeg vulnerability sounds plausible. Infact, google says so too;

http://www.google.com/search?hl=en&client=opera&rls=en&hs=syh&q=ffmpeg+v ulnerability&btnG=Search

And off the shelf scripts? no brainer, most are likely to be full of security holes.

TheSenator

That is so 2005

__________________
ISeekGirls.com since 2005

ztik

lol.. ok.

Watch it all go down. Because 99% of webmasters are 100% absolutely retarded and understand anything about the web

__________________
.

dozey

Which makes it how much less plausible?

2012

the script that has been floating around for months ... good luck with that. It's not hard to secure your .flv's or a process that produces them with ffmpeg. Just know what you're getting into when you decide to make a "tube" site and hire a "flash guy" that knows his shit ... better yet just read a little ... otherwise stick to thumbnail image galleries

__________________
best host: Webair | best sponsor: Kink | best coder: 688218966 | Go Fuck Yourself

pussyserver - BANNED FOR LIFE

that TonyB guy some clueless surfer

in any case

from my understanding there is a way to execute
arbitrary code just like the above sploit except this one uses a high level priv account ( you know like apache and anything else use ) I do know that is has something to do with a buffer overflow and stack vuln in a key piece of code associated with FFMPEG

I would not have any reason at all to make this shit up

no way for me to profit

get that crap off your box and run a rootkit checker

pussyserver - BANNED FOR LIFE

major corporations and gov agencies are still runing exploited boxes from 2001...


age means nothing here

dozey

You're absolutely right, there are already vulnerabilities on record.

marketsmart

fucking LOL... anyone who is dumb enough to install a "free anything" script without having a security consultant or hacker as a "trusted" friend look a the script, deserves anything they get...

i would venture to guess that 50&#37; or more of all the worlds servers and pc's are compromised with some type of backdoor...

rootkits are even worse because they allow for full takeover and monitoring of a pc or server....

Evil E

My guess is that it's only problematic for tubes sites that have the option of user submitted videos if the bug is with ffmpeg. I guess the script's will be publicly disclosed pretty soon since a lot of people seem to be aware. I will ask around.

__________________


A girl once told me "Give me 8 inches and make it HURT".

So, I fucked her twice and hit her with a brick.

ClickBuster

quoted for truth

__________________
-- ClickBuster
-- ICQ# 263653704
-- Email: clickbuster1 [-at-] gmail [-dot-] com

2012

okay then ...

It would be great not to worry about flash. I love it. So many great things you can do. On the other hand... their(there) is an extremely large potential for just about anything you can think of with an .swf. When ffmpeg is converting a file it's making an .flv. An .flv can't execute any code as far as I know.The malicious code being executed in the process on these fucked scripts is php. Know the code in your player(swf).

thank you and fuck you very much

__________________
best host: Webair | best sponsor: Kink | best coder: 688218966 | Go Fuck Yourself

pussyserver - BANNED FOR LIFE

I am not here to prove anything

..... if you are running one of those backdoored ass scripts just know that more then likely your system has already been hacked they cann acces your emails, passwords and even take over your domain

word of advice...uninstall that crap...imediately

and by the way... this thread is absolute fact

there are other ways to make money and or better scripts but common sense should tell you all that anytime something is availible for free on such a large scale... there has to be a reason... think about it

2012

also if you have a flash player make sure the code is in a seperate .as file with the correct permissions ... otherwise you're shootin craps homie :D

__________________
best host: Webair | best sponsor: Kink | best coder: 688218966 | Go Fuck Yourself

fris

this is why you should go custom, because most of the scripts out there you can get one way or another, and then people can examine the code, and a lot of them arent even encoded, easier for them to find bugs

__________________
Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence.


WP Stuff

halfpint

Any badly written script that has holes or backdoors in it is vunrable. As I found out with a badley scripted Top Site. The hackers got into my cpanel through a hole in the script and deleted my website.

__________________

Get FREE website listings on Cryptocoinshops.net

dozey

I was kinda looking forward to contradicting your useless uneducated ramblings. Well, now I can.

http://www.kb.cert.org/vuls/id/544656

No doubt tube sites utilising FFmpeg compiled with libFLAC / FLAC support are now at risk of malicious user uploads.

quantum-x

if you run apache any higher than nobody you're asking for trouble

Kevsh

Bah, it doesn't matter much anyway. Most of those sites are stocked with the same videos that have been saturated on p2p apps for years now. It's a fad and still most I doubt are making any profit.

Remember a few years back they had those canned PPC sites - run your own search engine for $20? Where are they all now.

BerdoR

[QUOTE=Kevsh;13396043]Bah, it doesn't matter much anyway. Most of those sites are stocked with the same videos that have been saturated on p2p apps for years now. It's a fad and still most I doubt are making any profit.
QUOTE]

yahoo-xxx-girls.com

Well... if you are worried about hackers then switch over to a Linux or Unix box and you will have much less troubles... providing you are a full time geek that is!

Later,

__________________
sig too big

erots

This means people who are affected use FFMPEG. There are many other encoders/decoders available so people who use these others are not affected. Also people who don't accept public submissions are not affected. Also like somebody already said if anyone is running apache with user that has way too many permissions he is asking for trouble anyway.

erots

I don't remember FFMPEG running on Windows anyway... or many people running Windows servers or tube scripts in Windows. So what you are saying here basically is total nonsense

pr0

ahahahahahahahahaha

__________________
__________
Loadedca$h - get sum! - Revengebucks - mmm rebills! - webair (gotz sErVrz)

drjones

If you're running your video encoding routines on the same server the videos get served from, you arent getting shit for traffic anyways. Wont lose much:P

__________________
ICQ: 284903372

mryellow

LOL.... Sorry to jump on the pulling down of others that seems to be the
trend on this thread.... but that's just silly mate. The exploits we're talking
about are designed for *nix servers.

No one in their right mind runs a windows box for anything except windows
media streaming. It's just not done that way in adult.

-Ben

__________________
Cyberwurx Hosting
After trying 5 different hosts, I found the best.
Since 1997 I've had 2 hours of downtime.
Fast support, great techs, no hype, no gimmicks.

<- I in no way endorse whatever just got stuck on the left of my post.

Phil

people that use canned scripts are racists!

__________________
Ask Phil

The Captain

heh, I thought I'd tinker with a tube site a bit. Bought ClipShare, put it up oin my server. no real traffic. with in a month we were hacked. I had it staged out on a dev server, so it was no big deal, but thats just an example to support the thread.

__________________

2012

congrats

__________________
best host: Webair | best sponsor: Kink | best coder: 688218966 | Go Fuck Yourself

blogman9

This thread submited to: http://www.thereisnomoneyinporn.com

blogman9

sorry not this thread :/

pussyserver - BANNED FOR LIFE

Redtube.com just got hacked

told you fuckers