spoofing to get into paysites, some of you guys are getting hacked

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • latinasojourn
    Confirmed User
    • Oct 2003
    • 3191

    #1

    spoofing to get into paysites, some of you guys are getting hacked

    ok, i realize that probably the majority of surfers here are not paysite owners, so few people give a shit about this.

    but let me explain something.

    if surfers do not have to pay for content if has a ripple effect on everyone who does BUSINESS here.

    let me explain.

    all of our income comes from surfers, either directly or indirectly---if surfers don't buy memberships we ALL suffer, content producers, traffic jockeys, affiliates, everyone.

    and this shit ain't my hobby.

    now a german guy wrong a very effective hack to get into paysite member areas---if you OWN paysites i suggest you go to google and use the keywords: "www.mydomain.com" and "spoof" and if anything comes back you are getting free riders.

    if this is the case, and you also use ccbill, i am working with ccbill right now to implement the fix for this.

    and if you own a paysite (and i can verify it) post your contact info here and i'll send you the link to download this hack utility and you can try it on your own paysites---and the results will scare you into doing something about it.

    i will not post the link here.
  • latinasojourn
    Confirmed User
    • Oct 2003
    • 3191

    #2
    NO, paysite owners if you see you have a vulnerability to this do NOT post your contact info here for every hacker to start probing your sites.

    send me an email with your email address to a domain name you control ([email protected]) etc., and i will send you the link to this hacker utility.

    i hope no one will post the link here, but maybe some idiot will.

    get the info you need to tighten up your member areas:

    [email protected]

    i'll monitor this email for a few days only. have a good day

    Comment

    • nastyking
      • Nov 2002
      • 2174

      #3
      just for your information: this affects mostly paysite plugins, as they use the referrer for authentication but most normal paysites do NOT.

      Comment

      • fris
        Too lazy to set a custom title
        • Aug 2002
        • 55703

        #4
        thanks for the info n00b

        most of us already know about this.

        if feed A. gives access to site B.

        you just have to spoof the ref and target.

        most of us already know this.
        Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence.

        Comment

        • toddler
          Confirmed User
          • Jun 2002
          • 1911

          #5
          Originally posted by fris
          thanks for the info n00b

          most of us already know about this.

          if feed A. gives access to site B.

          you just have to spoof the ref and target.

          most of us already know this.
          and do nothing about it....
          http://www.flickr.com/photos/zoddler/

          Comment

          • latinasojourn
            Confirmed User
            • Oct 2003
            • 3191

            #6
            does not affect only guys carrying feeds.

            Comment

            • nastyking
              • Nov 2002
              • 2174

              #7
              Originally posted by toddler
              and do nothing about it....
              there is not much you can do about it

              Comment

              • nastyking
                • Nov 2002
                • 2174

                #8
                Originally posted by latinasojourn
                does not affect only guys carrying feeds.
                bla

                Comment

                • MGibson
                  So Fucking Banned
                  • Jan 2005
                  • 772

                  #9
                  Actually just go to google.com and type in

                  www.site.com password ?

                  or soandsoscript.zip nullified


                  50 trillion backdoors and nullified scripts.

                  Comment

                  • Fake Nick
                    So Fucking Banned
                    • Jul 2004
                    • 7708

                    #10
                    its all about target audience , if you dont know this you prolly are NOT making any $$$$$

                    Comment

                    • just a punk
                      So fuckin' bored
                      • Jun 2003
                      • 32393

                      #11
                      Spoofs work on weak-protected sites that check referrer URL by means of .htaccess file. Normal paysites are protected with .htpasswd file and they can't be spoofed at all. For example, try to spoof one of my sites and you'll be fucked up.
                      Obey the Cowgod

                      Comment

                      Working...