350 Vaporwares
it sucks that you will have to sue your own biz partner bro.

hey fris,

in your professional opinion, is it possible that if a software company such as brad's cannot secure simple permissions- that, other server and box/script relative aspects of the architecture could also be flawed?

what other things should brad look for? geo-targeting? other things?

Brad is a partner only in JBM.

He has nothing to do with MFM.

Fris ya can expect the sopena to be labeled with SIC CASH...

Ummm not ES.

LOL.

Isn't that what people always say when things like this are made public?
If things are kept off the board and out of public eye, no one is willing to give out a single dime.

it wasnt just that.

the executive stats mysql backup program was out in the open, which connects to a remote site and backs up all the data. revealing all that is very sensitive. that ftp information is very dangerous.

if someone got a hold of that, thats his company at risk. things should be secured tight before releasing a 25,000$ product.

he should really sit down and go over every directory every file. making sure nothing is being accessed. like why would you let anything in the public directory thats just common sense. you put sensitive data out of reach so it cant be accessed even if their is a bug. put it in paths that arent reachable.

the ass kissing can keep going now

where is the ever so popular glasses pic where you are looking for your penis?

my intention is to protect my biz interests.

You would be surpised what data is available on the market, money talks.

Billing databases are available, emails etc..

I would chmod 031337 it all then tweak the alternate reverse thrusters so the hyperdrive link server doesn't interfere with the HTMLiser backend database blahhahaha code modules

I am very aware of that, ask Greg :winkwink:

Your a dumb punk ass script kiddie...
I think ya just kinda screwed yourself in this biz really but don't know it yet.
I will take me looking at my small cock Zoolander style any day of the week than to be in your shoes.

Isn't the secret service meant to protect the president?

Summary?

Or should I just read the whole thing?


A flaw in Brads program, Brad wants to threaten with pissed on legal papers?

jk

i guess working in the it industry for 7 years doing system administration managing up to 5000 workstations and 250 servers doing security audits is considered being a script kiddie, but to each his own.

what did you do before adult? think what you want. i am not in this game to destroy anything. but keep the ass kissing up.

you are just another minion on gfy to me. love the comments you keep making it makes my day much better.

but all in all when the day is over you are just a shitstain amateur webdesigner with no talent. who will never compete with quashe, wyldesites, webinc or dickmans design. and i think you know that, which makes you upset.

:)

Fris,

What's a good email to send you qeustions regaring hiring out your security expertise?

Thanks.

Cool your a sys admin that don't make ya script god does it?

now is not a good time, i have about 200 people who just added me to icq last night, about 60 people msging me now. i have to call about 30 back today.

[email protected] i will eventually get to it.

my email is backed up as it is.

put in the header "so and so from gfy" so the filter doesnt grab it

when you show some decent design work. then you can talk.

otherwise shut your craw.

go back to being brad's bitch.

Your an idiot to...

Anthony asks you for info and ya say I will get back to you?


LOL!

Fucken tool.

better than saying he will get to it right away when he cant..

I believe you're an idiot too :winkwink:

Or...

You are also :1orglaugh

English is funny, I am learning Japanese.

Your probably right. As many out of Job IT guys there are these days he might be late for work at the salad bar.

it consulting and staffing is one of the hottest niches going right now.

advice: don't look back, don't look forward, look at now.

Yeah for penny's.
Nothing been the same for them since the .bomb.
Now they just run around thinking they are elite hackers alot of the time.

alien q is a rembling idiot at work...his posts make me giggle

re: fris posting public info.. Isn't it exec stats showing public info? Just because it takes some knowledge to access doesn't mean it's private.

you'd think someone selling a server based app for $25,000 would pay a professional company to do security audits to ensure his product isnt open to hacks. and to think this wasnt even a hack, it was a incorrect server setting that a 15 year old in a linux class in highschool would know. time to stop paying the isp's helpdesk guy to be head of security.

after reading most of his posts im starting to believe he's running ialiensecuritypro.com on the side and might be some how responsible for this.

exactly, fris shouldnt have a worry. its not like he hacked a password for it and posed the password.

thats giving him too much credit

Ahhh. Fossils..

Remember installing fossil drivers to get door games to work? Remember how happy you were when you watched bi-modem successfully transfer files in both directions simultaneously, over your shiny new DS/HST?

Those were the days :)

in many cases, yes it does. At least, if you a good sysadmin. Bad sysadmins just click buttons, good sysadminds understand how and why things work.


In this particular case however, that was a super dumbass move. A newbie move. Like someone outsourced the development move to some third world country where 'yeah, i can make teh scripts!'.

oh, and btw, i wonder if this data is in a google cache...

I love the "it's a server issue and not a script issue" comments...

You don't design an important script like this where you place data files in a location that "could" become accessable if you're server admins make a mistake.

You don't code database/script/server usernames and passwords in scripts. You store them in seperate files in some other location on the server and read them in at run time...

You can go on and on about how this was a "server" issue.. But at the end of the day, it was a server issue that caused the system faults to be discovered.. Those faults still exist until those parts of the script are re-designed and re-coded. Which means that anyone using this software could have that information exposed if something gets messed up in their server configuration.

There is no way to 100% secure this stuff... but what was done was VERY poorly designed.

Fris you are not very professional bringing this to a public board.

Your going to Fris your own ass for this.

Fris is a common criminal who day is coming.

http://www.packetstormsecurity.org/docs/hack/cart32.txt
http://packetstorm.linuxsecurity.com...k/proxydoc.txt


His domains include DreamBigMedia.com

http://www.whois.sc/dreambigmedia.com

My offer for a free security audit still stands Brad.
I know your twitching because its free!

from what ive read that was posted by MFM...fris is OWNED

Time FOR Fris to close Shop.

Brad, I think you should take him up on this offer :)

this thread keeps getting more entertaining each time i visit it...

http://packetstorm.linuxsecurity.com...k/proxydoc.txt


Damn damn...

Fris maybe you can jump from Haxor/IT field right into bonefied "Potential terrorist".

Hillarious. Someone who speaks Swedish as a first language corrects your English.

You're a piece of shit Alien. I hope you die.

I guess that makes CERT a bunch of "hackers" and "Terrorists"?

Potentially speaking.

I think you should wipe brad's shit from your eyes so you can see the light of day.

Once i think you cant be more stupid than you already are you go and raise the bar a little higher. Way to go!

will this thread hit 10 pages before the cops kick in the door ?

What's even funnier is that some of the idiots who are saying that fris is "owned" over there are the same ones that were saying the same of Brad here.

400........ :arcadefre