Mysteriously Added Usernames - GoFuckYourself.com

Mutt · 06-13-2005, 11:38 PM

Here's the situation - there's a member, legitimate member, has signed up through CCBILL, he's been cancelled twice for being a pain in the ass - he logs in from 3 or 4 different IP addresses - the mystery is that he seems to have the ability to create new username/passwords to login once he's been cancelled - these new usernames don't show up in CCBILL's admin(not a cancelled member, not a manually added signup, not an active member,nothing) or Paycom's as a member. Anybody know what this guy could be doing to add new usernames for himself? This are now two usernames he has that CCBILL and Paycom don't show.

thanks

AlienQ - BANNED FOR LIFE · 06-13-2005, 11:40 PM

Get Strongbox

Matt 26z · 06-13-2005, 11:54 PM

Could be SQL code injection.

http://www.sitepoint.com/article/sql...n-attacks-safe

nofx · 06-13-2005, 11:56 PM

I would just blame Jesus

AsianDivaGirlsWebDude · 06-13-2005, 11:59 PM

Quote:

Originally Posted by Matt 26z

Could be SQL code injection.

http://www.sitepoint.com/article/sql...n-attacks-safe

Good article Matt, thanks!

ADG Webmaster

stevo · 06-14-2005, 12:08 AM

I have the same problem (even with Pennywize protecting my sites), people are able to hack my .htaccess and create their own accounts! I'm not sure how they do it either...

blackmonsters · 06-14-2005, 02:14 AM

Quote:

Originally Posted by Mutt

Here's the situation - there's a member, legitimate member, has signed up through CCBILL, he's been cancelled twice for being a pain in the ass - he logs in from 3 or 4 different IP addresses - the mystery is that he seems to have the ability to create new username/passwords to login once he's been cancelled - these new usernames don't show up in CCBILL's admin(not a cancelled member, not a manually added signup, not an active member,nothing) or Paycom's as a member. Anybody know what this guy could be doing to add new usernames for himself? This are now two usernames he has that CCBILL and Paycom don't show.

thanks

Simple...He has determined the name of the ccbill script on your server.
You most likely have the same name that the script comes with.

Solution: Change the name of the ccbill password script on your server to something like this:

ccbil39845wjHIiekjnsjj595j~smIMkmkbd.cgi

That should shut him down forever.

Godsmack · 06-14-2005, 02:23 AM

Quote:

Originally Posted by AlienQ

Get Strongbox

Yep, that solved it for me!

fris · 06-14-2005, 02:30 AM

strongbox is excellent, ray is good people

SGS · 06-14-2005, 03:22 AM

Looking forward to learning more about the new NATS security solution.

SomeCreep · 06-14-2005, 03:29 AM

Quote:

Originally Posted by Mutt

Here's the situation - there's a member, legitimate member, has signed up through CCBILL, he's been cancelled twice for being a pain in the ass - he logs in from 3 or 4 different IP addresses - the mystery is that he seems to have the ability to create new username/passwords to login once he's been cancelled - these new usernames don't show up in CCBILL's admin(not a cancelled member, not a manually added signup, not an active member,nothing) or Paycom's as a member. Anybody know what this guy could be doing to add new usernames for himself? This are now two usernames he has that CCBILL and Paycom don't show.

thanks

Make sure you are using the most recent ccbill and paycom scripts. The old ones have exploits.

SGS · 06-14-2005, 04:00 AM

Quote:

Originally Posted by SomeCreep

Make sure you are using the most recent ccbill and paycom scripts. The old ones have exploits.

That has always been the case. How recent is the most recent script?

Theo · 06-14-2005, 04:03 AM

talking about advanced porn surfer!

SomeCreep · 06-14-2005, 05:17 AM

Quote:

Originally Posted by SGS

That has always been the case. How recent is the most recent script?

I dont know, you'd have to call ccbill or paycom to find that out. When I say it is important to use the most recent script, I dont mean from month to month. I mean every couple of years, if one is experiencing problems with their script, they should call their billing company to make sure they are running the most recent version of their script.

blackmonsters · 06-14-2005, 12:59 PM

Some thick heads in this post.

Exploits in the ccbill script? So fucking what? They can't exploit a script that they can't find because you changed the name.....DAMNNNNNN!!!!!!

06-13-2005, 11:38 PM	#1
Mutt Too lazy to set a custom title Industry Role: Join Date: Sep 2002 Posts: 34,431	Mysteriously Added Usernames Here's the situation - there's a member, legitimate member, has signed up through CCBILL, he's been cancelled twice for being a pain in the ass - he logs in from 3 or 4 different IP addresses - the mystery is that he seems to have the ability to create new username/passwords to login once he's been cancelled - these new usernames don't show up in CCBILL's admin(not a cancelled member, not a manually added signup, not an active member,nothing) or Paycom's as a member. Anybody know what this guy could be doing to add new usernames for himself? This are now two usernames he has that CCBILL and Paycom don't show. thanks __________________ I moved my sites to Vacares Hosting. I've saved money, my hair is thicker, lost some weight too! Thanks Sly!

06-13-2005, 11:40 PM	#2
AlienQ - BANNED FOR LIFE best designer on GFY Join Date: Mar 2003 Location: IALIEN.COM - High Definition Video and Photographic Productions -ICQ 78943384 Posts: 30,307	Get Strongbox __________________ NAKED HOSTING FTW!11 I'm On The INSANE PLAN $9.95/mo! \| The Alien Blog Adult News Worth Reading Updated Daily \| Content For Sale! 641 PICS 216 MINUTES OF VIDEO $350.00 \|ICQ: 78943384 \|

06-13-2005, 11:56 PM	#4
nofx Too lazy to set a custom title Join Date: Nov 2002 Location: Virgin Mary's womb Posts: 16,826	I would just blame Jesus __________________ Often times I wonder why There's love and hate, theres live or die. When sickness comes I must decide: When feelings go, theres suicide.

06-14-2005, 02:30 AM	#9
fris Too lazy to set a custom title Industry Role: Join Date: Aug 2002 Posts: 55,372	strongbox is excellent, ray is good people __________________ Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence. WP Stuff

06-14-2005, 03:22 AM	#10
SGS Confirmed User Industry Role: Join Date: Dec 2002 Location: Mallorca - Nottingham Posts: 5,176	Looking forward to learning more about the new NATS security solution. __________________ See sig...

06-13-2005, 11:54 PM	#3
Matt 26z So Fucking Banned Industry Role: Join Date: Apr 2002 Location: ¤ª"˜¨๑۩۞۩๑¨˜"ª¤ Posts: 18,481	Could be SQL code injection. http://www.sitepoint.com/article/sql...n-attacks-safe

06-14-2005, 12:08 AM	#6
stevo Confirmed User Join Date: Aug 2002 Location: Orlando, Florida Posts: 2,051	I have the same problem (even with Pennywize protecting my sites), people are able to hack my .htaccess and create their own accounts! I'm not sure how they do it either...

06-14-2005, 04:03 AM	#13
Theo HAL 9000 Industry Role: Join Date: May 2001 Posts: 34,515	talking about advanced porn surfer!

06-14-2005, 12:59 PM	#15
blackmonsters Making PHP work Industry Role: Join Date: Nov 2002 Location: 🌎🌅🌈🌇 Posts: 20,589	Some thick heads in this post. Exploits in the ccbill script? So fucking what? They can't exploit a script that they can't find because you changed the name.....DAMNNNNNN!!!!!! __________________ Get paid, get tools, get going with Camsoda Join Chaturbate get your cut of the pie