eMoneySpace
Welcome, Guest. Please login or register.
Did you miss your activation email?
News: Earn your money online safely here at eMoneySpace. Dec 04, 2022 09:16 am




Urgent Help -- Hacker changed all the password for all the members
Print
Author Topic: Urgent Help -- Hacker changed all the password for all the members  (Read 6175 times)
donatien
Reputation: (+85)
*

Offline

Posts: 18222
Referrals: 4


I'm not donatien @bitcointalk thank U (‿)凸

View Profile
Reply #15: Jan 26, 2015 10:47 am

lol 5 dollar script. How it can be secure? Anyway aiman wrote a post about how to secure it.  thumbs up

I always smile why ptc sites who say
strong advertising anti cheat system latest generation no bot


While you can create thousand of bot and fake accounts and they catch nothing because their system is s**t ems
Logged
crystal32
Reputation: (+6)
*

Offline

Gender: Male
Posts: 189
Referrals: 3


View Profile WWW
Reply #16: Jan 26, 2015 07:57 pm

i see nothing funny about evil people! my site is being fixed thanks for the concern Smiley
Logged

asifshabir
Reputation: (+6)
*

Offline

Gender: Male
Posts: 2921
Referrals: 2

View Profile
Reply #17: Jan 27, 2015 12:25 am

It always good to know the pros before a more damage is done.
that guy helped me in fixing my site. I would suggest everyone to contact him. He is good developer , he can make your site more secure at less cost.
Logged
megojoe
Reputation: (+2)
*

Offline

Gender: Male
Posts: 72
Referrals: 1


View Profile WWW
Reply #18: Feb 07, 2015 02:39 am

Steve here

I will try to help some of you with PTC site

1. Yes they are hiting ptc sites and posting links to other sites
2. Yes they are changing pass words     of members
3. If is was a real hacker he would take your site off line
4. It is a young kid playing for what no telling maybe just to show how big he is down there or just trying to get cash for  ptc site owners to fix.

I am Not a hacker but i can hack in to almost any ptc site out there

why because I have fix or up dated the script one then once
I can unhash the sql pass to many users out there because most ptc members will use the same passwords for all the site they click at.(BAD)

What can you do
1. first if they or changing passwords - try this delete the password forgot file or rename it - why so they can't just take the users name and rename the pass
2. don't use admin for admin as your pass 
3. if you think he is try to hack your site Look in the cpanel error log if you see stuff like denial access  to server in the log ask your host to see if they can block that hits

4.The best  thing is to add cloudflare to your cpanel if you don't know how ask your hosting to add it for you IT IS FREE
if you dont know what it is them go here and learn https://www.cloudflare.com/

Be safe

Steve
« Last Edit: Feb 22, 2015 07:13 pm by megojoe » Logged

DiMya

Reputation: (0)
*

Offline

Posts: 5
Referrals: 0

View Profile
Reply #19: Feb 07, 2015 04:18 pm

Steve here

I will try to help some of you with PTC site

1. Yes they are hiting ptc sites and posting links to other sites
2. Yes they are changing pass words     of members
3. If is was a real hacker he would take your site off line
4. It is a young kid playing for what no telling mabey just to show how big he is down there or just trying to get cash for  ptc site owners to fix.

I am Not a hacker but i can hack in to almost any ptc site out there

why because I have fix or up dated the script one then once
I can unhash the sql pass to many users out there because most ptc members will use the same paswords for all the site they click at.(BAD)

What can you do
1. Fist if they or changing passwords - try this delete the password forgot file or rename it - why so they can't just take the users name and rename the pass
2. do use admin for admin as your pass 
3. if you think he is try to hack your site Look in the cpanel error log if you see stuff like denial access  to server in the log ask your host to see if they can block that hits

4.The best  thing is to add cloudflare to your cpanel if you don't know how ask your hosting to add it for you IT IS FREE
if you dont know what it is them go here and learn https://www.cloudflare.com/

Be safe

Steve



Hahaha you should know that i am the hacker and i create new account just to reply

1-I am not a hacker ... only a developer
2-I didnt hack those sites for no reason
3-Most owners are trusting me and give me their ftp details
So if i want to hack them i will do but NO
4-yes i am a kid but i do that just for warning them that their scripts are weak!
5-You say that i cant hack site .. bla bla
I get access to the admin panel and i can upload shell and destroy full site and control everything ...
6-You are giving them a Cheap advices ... password bla bla
They know that .. and i was not login by guessing admin password like you think !!
7-you NOT understand even what is hash and you say i can unhash it!! Hhhhhh yes by writing "Decrypt md5 hash..." in google !! Haha you are usng free websites that store hashed words like 12345 and admin ....
So the only way is brute force ..... and other ways that giving 50% chances .
8-So if i want to use the Backups of those sites for evil i was do that before but NO! I give them only warning and some owners are liers ...

9-About cloudflower ... most of the sites that i hack, they was using it .. without result because cloud is only for checking bots + proxy users + .....

So next time bro, dont talk if you dont know what are you saying!

-----------------

And my real advice to those owners is:
1-Use PDO
2-Filter their inputs if they use mysql or mysqli
3-Use A Firewall <- best solution

Good luck
Logged
demonicsheikh
Reputation: (+34)
*

Offline

Gender: Male
Posts: 7464
Referrals: 0


I am on work leave Amigos.... Leave a PM

View Profile WWW
Reply #20: Feb 07, 2015 04:37 pm


Hahaha you should know that i am the hacker and i create new account just to reply

1-I am not a hacker ... only a developer
2-I didnt hack those sites for no reason
3-Most owners are trusting me and give me their ftp details
So if i want to hack them i will do but NO
4-yes i am a kid but i do that just for warning them that their scripts are weak!
5-You say that i cant hack site .. bla bla
I get access to the admin panel and i can upload shell and destroy full site and control everything ...
6-You are giving them a Cheap advices ... password bla bla
They know that .. and i was not login by guessing admin password like you think !!
7-you NOT understand even what is hash and you say i can unhash it!! Hhhhhh yes by writing "Decrypt md5 hash..." in google !! Haha you are usng free websites that store hashed words like 12345 and admin ....
So the only way is brute force ..... and other ways that giving 50% chances .
8-So if i want to use the Backups of those sites for evil i was do that before but NO! I give them only warning and some owners are liers ...

9-About cloudflower ... most of the sites that i hack, they was using it .. without result because cloud is only for checking bots + proxy users + .....

So next time bro, dont talk if you dont know what are you saying!

-----------------

And my real advice to those owners is:
1-Use PDO
2-Filter their inputs if they use mysql or mysqli
3-Use A Firewall <- best solution

Good luck

Exploits and injections....
Perl exploits
Js exploits
Php exploits
Mysql exploits......

Many exploits but why using them in first place?
Logged

DiMya

Reputation: (0)
*

Offline

Posts: 5
Referrals: 0

View Profile
Reply #21: Feb 07, 2015 04:40 pm

Exploits and injections....
Perl exploits
Js exploits
Php exploits
Mysql exploits......

Many exploits but why using them in first place?

Do that only for warning owners and after get access to admin panel i leave a msg in last news or i send a pm

But some owners are liers
Logged
demonicsheikh
Reputation: (+34)
*

Offline

Gender: Male
Posts: 7464
Referrals: 0


I am on work leave Amigos.... Leave a PM

View Profile WWW
Reply #22: Feb 07, 2015 04:44 pm

Do that only for warning owners and after get access to admin panel i leave a msg in last news or i send a pm

But some owners are liers

Why are you damaging a property then sending the owner repair charges??

A developer has no right to use an exploit on someones site....
Logged

DiMya

Reputation: (0)
*

Offline

Posts: 5
Referrals: 0

View Profile
Reply #23: Feb 07, 2015 04:51 pm

Why are you damaging a property then sending the owner repair charges??

A developer has no right to use an exploit on someones site....

I didnt do any damage ...
Its better to warning him or a real hacker will take full server
Developer hasnt right to try exploits on other sites .. so after some topics i was planning to post a topic that will explain all exploits of aurora with solution ..
But i see that my account was banned! And no reply from support for weeks!
Logged
demonicsheikh
Reputation: (+34)
*

Offline

Gender: Male
Posts: 7464
Referrals: 0


I am on work leave Amigos.... Leave a PM

View Profile WWW
Reply #24: Feb 07, 2015 04:58 pm

I didnt do any damage ...
Its better to warning him or a real hacker will take full server
Developer hasnt right to try exploits on other sites .. so after some topics i was planning to post a topic that will explain all exploits of aurora with solution ..
But i see that my account was banned! And no reply from support for weeks!
So by your logic and this is a simple example so dont get mad.......
Anyone can break your teeth saying they were vulnerable and offer you a new plastic teeth for $200......
When you ask the guy why he break your perfectly good teeth. He replies just to tell you that they can be broken......
You buy the new teeth but after sometime he breaks those again......
When you ask him why.... He replies because they got outdated and now you must buy better ones
Logged

asifshabir
Reputation: (+6)
*

Offline

Gender: Male
Posts: 2921
Referrals: 2

View Profile
Reply #25: Feb 07, 2015 04:58 pm

I would suggest all aurora owners to either get their script secured from any experienced coder or contact this person , who is warning your all.

this might save your from big dammage,

As we all know aurora is not very secure script Smiley
Logged
demonicsheikh
Reputation: (+34)
*

Offline

Gender: Male
Posts: 7464
Referrals: 0


I am on work leave Amigos.... Leave a PM

View Profile WWW
Reply #26: Feb 07, 2015 05:05 pm

I would suggest all aurora owners to either get their script secured from any experienced coder or contact this person , who is warning your all.

this might save your from big dammage,

As we all know aurora is not very secure script Smiley


Do you consider him or her a developer?

Then I learned a valuable lesson and definition of developer here..... rofl
Logged

DiMya

Reputation: (0)
*

Offline

Posts: 5
Referrals: 0

View Profile
Reply #27: Feb 07, 2015 05:07 pm

So by your logic and this is a simple example so dont get mad.......
Anyone can break your teeth saying they were vulnerable and offer you a new plastic teeth for $200......
When you ask the guy why he break your perfectly good teeth. He replies just to tell you that they can be broken......
You buy the new teeth but after sometime he breaks those again......
When you ask him why.... He replies because they got outdated and now you must buy better ones

I will not see that i was right.
But i didnt demand money .. most secure works are for free

And this is last time that i will warning an owner
Logged
demonicsheikh
Reputation: (+34)
*

Offline

Gender: Male
Posts: 7464
Referrals: 0


I am on work leave Amigos.... Leave a PM

View Profile WWW
Reply #28: Feb 07, 2015 05:10 pm

I will not see that i was right.
But i didnt demand money .. most secure works are for free

And this is last time that i will warning an owner

Its funny how people here showed screenshots of certain emails with a ransom note + certain skype id......
Logged

DiMya

Reputation: (0)
*

Offline

Posts: 5
Referrals: 0

View Profile
Reply #29: Feb 07, 2015 05:19 pm

Its funny how people here showed screenshots of certain emails with a ransom note + certain skype id......

You mean Zerofide ?
He was a friend and i show him exploit but use it for bad things
Logged
Print
 
Jump to:  
Copyright © 2008-2022 eMoneySpace. All rights reserved.