|
Quote:
|
Any company affiliated with this guy should nuke his accounts and withhold his payments... I wouldn't want to be associated with this scamming fuck.
Report him to law enforcement, and sue him for damages... he needs a wake up call. |
Quote:
|
Quote:
tracktraff.cc Domain Name: TRACKTRAFF.CC Registrar: TV CORPORATION Whois Server: whois.www.tv Referral URL: http://www.tv Name Server: NS1.TRACKTRAFF.CC Name Server: NS2.TRACKTRAFF.CC Status: ACTIVE Updated Date: 24-feb-2005 Creation Date: 24-feb-2005 Expiration Date: 24-feb-2006 Last update of whois database: Mon, 7 Mar 2005 20:00:18 EST tracktraff.cc Registrant: Pavel Petroff ([email protected]) PO BOX 2176 Moscow, NONE 119992 RU +7.5017000206 Domain Name: tracktraff.cc Administrative, Technical, Billing Contact: Pavel Petroff ([email protected]) PO BOX 2176 Moscow, NONE 119992 RU +7.5017000206 Record created on Feb 24 2005. Record expires on Feb 24 2006. Domain servers: ns1.tracktraff.cc ns2.tracktraff.cc ------------------------------------------------------ 700k.com Registrant: Invisible group 295 Greenwich str. #353, Spb/P New York, NY 10007 US +1.2129645528 Domain Name: 700K.COM Administrative Contact: WM, Paul [email protected] 295 Greenwich str. #353, Spb/P New York, NY 10007 US +1.2129645528 Technical Contact: WM, Paul [email protected] 295 Greenwich str. #353, Spb/P New York, NY 10007 US +1.2129645528 Record expires on 04-23-2005 Record created on 04-23-2003 Domain servers in listed order: NS1.YELLOW500.COM 81.3.164.1 NS2.YELLOW500.COM 217.146.192.22 ---------------------------------------------------------------- Domain Name: GALSTEAM.COM Registrant: Invisible group Paul ([email protected]) 295 Greenwich st. #353, Spb/Pint #20 New York NY,NY-10007 US Tel. +1.2129645528 Creation Date: 17-Apr-2004 Expiration Date: 17-Apr-2005 Domain servers in listed order: ns1.galsteam.com ns2.galsteam.com Administrative Contact: Invisible group Paul ([email protected]) 295 Greenwich st. #353, Spb/Pint #20 New York NY,NY-10007 US Tel. +1.2129645528 Technical Contact: Invisible group Paul ([email protected]) 295 Greenwich st. #353, Spb/Pint #20 New York NY,NY-10007 US Tel. +1.2129645528 Billing Contact: Invisible group Paul ([email protected]) 295 Greenwich st. #353, Spb/Pint #20 New York NY,NY-10007 US Tel. +1.2129645528 -------------------------------------------------------------- |
Quote:
|
well the mother fucker dont seem to care that we are after him beacuse he is still doing it to us 14 times this night when i was sleeping its a good thing my parnter is in a nother time zone
we are talking to the superviser from extremerack tomorrow and hope to god they can do something about this mother fucker and still the tech claim nobody has been on the server but my partner was online at the same time as him deleteing the shit he did only to see that 2 sec later he rebuilt the site agian with his shit what I find odd is that how can someone upload or edit the main page on the server, without leaving his IP in logs :disgust we altso found out that he dosent only add a code he modifys all outgoing link to the thumbs this is the real comus thumb link: <a href="/ct/cx.php?i=3316&s=65&t=1"> <img src="/ct/thumbs/tn3316.jpg" alt="http://www.nsgalleries.com/hosted1/jb/gals/avena2/index.php?id=102233" width="120" height="120" class="stateoff" onmouseover="mo(this); window.status='Rating=76.91 Votes=66603 Used=866 Age=17'; return true;" onmouseout="mx(this);" onclick="mc(this);" > bad one: <a onclick="doclick(this)" href="/ct/cx.php?i=3316&s=65&t=1"> <img src="/ct/thumbs/tn3316.jpg" alt="http://www.nsgalleries.com/hosted1/jb/gals/avena2/index.php?id=102233" width="120" height="120" class="stateoff" onmouseover="mo(this); window.status='Rating=77.56 Votes=66162 Used=853 Age=17'; return true;" onmouseout="mx(this);" onclick="mc(this);" ></a></td><td> doclick(this)" isn't supposed to be in the link!!!!! that loads his code that he places on the site <script> clicks = 0; function doclick(a) { clicks++; if(clicks hahahaha 2) a.href='http://www.tracktraff.cc/cnt/processor?reddevil'; } </script> So basicly he have a premade comus template that he simply uploads and rebuilds its not even halg the same as the one we use all the time so So can somebody find him and kick the shit out of him? |
bump so this mofo gets busted
|
arent any of the sponsors lookin at this shit eh?
they'd have all his real info and anyone who wanted to could do something from there... |
i hope they do beacuse like you sade all the info is there so now we can only hope they will close him down and that we can find how the fuck he is getting on our server
|
Nice digging folks, and a bump....
|
this has turned out to be quit an intresting read. well done guys.
tony |
its going to be well done when we find the fucker and he is totaly out of bizz
|
this is fucking amazing he edited the site now agian god damn yea ha
|
did this happen to anybody else that is hosted at extremerack?
do there security suck or? |
Quote:
Code:
open (FILE,"$name_supplied_by_user_in_a_form"); |
but who the fuck can he get the pass agian after we changed it 5 times?
|
Quote:
Try googling your software + ver # + 'exploit' and see what you come up with. |
Quote:
What is your URL, I'll take a look. |
doing it now
|
[QUOTE=V_RocKs]ONCE AGAIN.. HE DOESN"T GET IN THROUGH THE FRONT DOOR DIPSHIT...
DIPSHIT :1orglaugh |
100 :thumbsup
Just read this one from start to end... Great sleuthing, and I hope this guy gets caught and punished severely. With everyone working together, hopefully this thief will pay a big price. :) |
its been 2 days now paxton and he is not stoped yet;(
|
It also sounds like he is using a cron to reset the shit everytime you fix it.
|
grep your web directories for,
passthru system PASSTHRU exec |
talking to the tech now
|
no weird cron jobs
|
tekkies made a lot of tweaks on the server
let's see how it goes and still all sponsors that have been listed here please ban the fucker |
And another bump.
|
Thanks man:)
|
man i hope you get this fucktard
|
his newest hit bot url.. just hit one of my sites as a trade a little while ago..
freesexforall.net |
god damn how many sites does he have hmm
|
What are you doing dude? thats not right. :mad:
|
what do you mean?
|
Quote:
|
Bump... I hope you catch him! I'm sick of these fuckers hitbotting with a new domain every other day.
|
I don't know if this is the same guy or not, but he was hitting one of my TGPs a lot the last month.. with a new domain hitbotting me every day, then redirecting to some domain like u-232.com or something like that. The domains were:
livexdol.com newfreeworld.com annandcindy.com 50only-girls.com 1000freelove.com 15xxxtenn.com 1bignumber.com besthottop.com xteyn.com supernaturallove.com x4real-baby.com jikypix.com The most common WHOIS data (it's the same on 7 of them): Registrant: GPS all fisher ([email protected]) kolomiag str 15 k51 Saint-peterburg RU,195290 RU Tel. +881.5464666 Creation Date: 23-Aug-2004 Expiration Date: 23-Aug-2005 Domain servers in listed order: ns0.hqhost.net ns1.hqhost.net Dunno if this is the same guy. |
Add sex-bunnies.com to the cheater's domains. Found the same refcodes on it for several of the programs crockett mentioned in an earlier post, in addition to the extron refcode. Also the xbang refcode is the same as on empgs.com.
|
Thanks damagex ;)
|
thanx damage ...
i've been sending you some info 1month before... that trades seemed to be so strange ... |
| All times are GMT -7. The time now is 08:32 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123