|
I haven't read everybody's post here. But one thing I have to say is having the attitude of FUCK CRACKERS and SCREW these thieves is WRONG! You guys can have that attitude, I think it makes you more of a target. Look none of us are 100% secure and if you think you are you are wrong! Somebody has access to your server. So why piss them off? Why view them as your enemy? I think they can be much more of an asset if you put your ego aside and try to work with them instead of against them. I don't know Ciao Bella but you can be damn sure he isn't alone and someone out there has access to your shit!
|
are you those people that cost me 2000 bucks this month cause you hacked my Pennywize???
i want to say thanks personally - please send me your address |
very interesting post for sure!!
|
Is it just me, or does it look like Ciao Bella is fishing for info.
Seems to me like he has run into some issues he can't hack/crack and is looking for ways around it. Anyone who has a members area uses multiple ways to prevent/limit password/bandwidth theft. Any info we give this person has the ability to further compromise all of us. just my :2 cents: |
Love it! The Internet mafia...gotta cough up money every month for protection.
|
Quote:
Code:
berkeley.eduIt's astonishing reading the inflated ego's on this forum. The website security solutions mentioned by some have been defeated. We store all former website access hits on 1 of our other servers. To have a select amount of tries per IP before that IP is blocked does'nt stop our batches. As you are aware, many clients use the same user & pass when they re-apply to see the updates. Running a 3500 access batch on those produce 650+ active accounts. If our supply doesnt meet our demand, we rape your billing company logs. For the day or whenever, the proxies we used on 1 site are blocked, we have 1000's of other sites to run batches on where our proxies are not blocked. As I am sitting here, I just raped a cache and have accumulated 79 ISP proxies. The above entry is only 1 example how we obtain access. Quote:
Quote:
Quote:
Bravo the porn industry, bravo! Ciao bella |
I just wants to be part of this thread
|
Quote:
Now todays english lesson Probroly - probably* Accell - excel* Thank you ps - Uni students handing papers about how they broke the law isn't a very intelligent thing to do :2 cents: * I'm guessing these are the words you meant as you're spelling wasn't even close to correct |
see sig! Pay me protection money to protect you from paying protection money Hey at least I'm cheaper than those scriptkiddies :1orglaugh :1orglaugh :1orglaugh
|
please someone tell me they have a copy of that board screen shot???
|
Quote:
did you just copy paste my post or just read my mind way too much hehe? |
Quote:
|
|
You are a script kiddie. You are only as good as your scripts you get from IRC from ENET, you jackass. You should hop over to the phishers channels and exchange paypal IDs like the rest of the them.
http://www.halogod.com/albums/Owned-...urwords2yg.jpg |
lol, is this for real? One question "Ciao Bella" - how do you expect to get paid?
When someone would order your "service" and send you a wire/western union/check/paypal/epass/egold/cash to po box or whatever, they'd have your info in no-time with the anti-terrorism laws these days... and then the only question that remains is if the next knock on your door will be the good guys or the bad guys. |
Good question would be...what the fuck are you talking about?
how are you getting the billing companies log files? I call bullshit on that one. |
I want the last 5 minutes of my life back. :(
|
page 3 and still ok sig placement space...see sig
|
funny cia bella whatever your name is. htpasswd isnt hard to break, its like you just discovered accessdiver and a user name and password list, yes pennywize is a crap product, cause it allows 8 ips per day from the same host just incase your dialup changes etc. so yes running a proxy list against it doesnt take long. and many of the sites still use htaccess which is a fault. ever since ray installed strongbox on exploitedteens their password sharing has been brought down. passes used to be on forums , irc channels, etc. but ray would love to see how you can break by image verify. no one is going to pay you for anything. its password security on sites. you are just another number. lots of people have free porn, the money we make is about the people that dont know about free porn. we dont want your surfers. they are garbage. so i dont think anyone cares what you have to say about this matter. anyone can search on google or goto wt50 or goto chumash's site.
|
Oh crap, I need to get out of this industry right away. Some kid got a hold of a cracker.
|
DWHS has a custom script that blocks this shit for free. Infact it's installed on all servers for every account by default.
Problem solved. :winkwink: We learned this lesson back 2002. |
Who bumped this thread ? I thought this was old news
|
Yeah same, i wrote a custom package after pennywize failed so badly; it's not the users you need to trap, it's the proxy bots. Firewalls and open proxy rbl's are your friend. On another note alot of people consider the password sites good exposure.
|
To be truthfull dudes - the wankstains that use hacked passwords wouldnt pay for a membership if they COULDNT get a hold of a hacked password - they would wank over free porn.
Most people who use a stolen password probably cant afford to own a credit card so paysites wont lose money anyway. |
Jeez guys ... you got 3 options ...
option #1 : Have the hackers on your side option #2 : Hate on the hackers, and become a bigger target option #3 : Try to get people to investigate and pray they get busted. Not likely to happen. |
P.S. about anybody that say stolen password traffic is useless, you are WRONG ! spywares and dialers and stuff like that always works fine ;)
|
interesting read here -> bookmarked ;)
|
Not that I'm on the enemy's side.
But.... NONE of you gentlemen have even came close to giving as complete of an intelligent response as he's been. Even if he couldn't really do what he's saying. This mutherfucker knows how to market his services. Job well done. :1orglaugh And FYI, What he's saying is quite possible. No doubt about that. |
Quote:
|
Quote:
|
Quote:
|
Quote:
even the gov does ... watch Catch me if you can ;) |
Quote:
|
Very interesting read. Frankly, lots of it is over my head, but the poster sounds like he knows what he is talking about to me.
|
Didnt read it all.
But a easy fix could be making logins PHP based with sessions and cookie verification. before your user / pass match function put <? sleep(1); ?> In case of failed user pass put: <? sleep(5); ?> in case of visitor comming through a proxy put a extra function that requirre image verification. It will take 1 second to login if you enter a successfull user / pass, and 6 seconds before you get a responce if you enter a wrong combination. To make it more complicated you can additionally set PHP to return random apache headers. It wont stop hacking completely, but slow down the process so it will hardly be worth the effort. PHP w session / cookie based authorization can also be used as regular htaccess returning "200 OK" login for all requests, but only showing the actual content for people that made a match |
Quote:
great movie, just watched it the other day :thumbsup |
Quote:
Quote:
Quote:
http://www.gofuckyourself.com/showth...72#post8541672 http://www.gofuckyourself.com/showth...82#post8541682 http://www.gofuckyourself.com/showth...87#post8541687 Quote:
http://upload.illuminise.org/files/e...a692a58c86.jpg Strongbox defeated! http://upload.illuminise.org/files/3...56c457fc2b.jpg teentopanga proxy block & OCR (image) log-on defeated. New page to stop hackers? Lets see how their security works. http://upload.illuminise.org/files/2...8b29e7648b.jpg Doesnt seem their new security page stops hackers. Defeated! Gaining unauthorized access is a challange. Most programmers today are old school coders. They do not respect or realize the know-how of todays crackers. Deluxpass was mis-advised thinking automatically generated numerical users & passes would defeat us. Deluxpass learned a hard & costly lesson. Reviewing the prices of Strongbox are ridiculous. You can have the best security possible on your site. If your billing company is weak, your site is weak. It's not only your billing company, google and msn spiders tear you a new hole. Some billing companies require the client to use their email addy as their user. Many use their email addy pass as the site pass. We check for that error in judgement and have 1000's of stolen email addresses. We use those email addresses to register on places like GFY. Not only is your site security breached, so are your clients email addresses. Some accounts hold interesting data from other sources. We keep our message board secure. Only .edu email addresses are accepted. University students will not report us over the chance their future careers could be jeopardized. Futhermore, some of their fellow university students code for us. Wouldnt be healthy for them to be a hero. Its a constant rotation of college students. Each graduating class is replaced with freshmen. Replacement includes word of mouth which adds new universities each fall. Some mentioned the ugly word extortion. Signore, we do not want your $$. We make more $$ off your members area then you can pay us. Grande rispetto signore Shap & subVERSION! Bravo the porn industry, bravo! Ciao bella |
I come in Peace..
:thumbsup |
I take it no one has sent him any money yet?
|
Interesting to say the least.
|
| All times are GMT -7. The time now is 02:03 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc