Oops ya back up now. :1orglaugh

Cool, well guess who will be stopping by for coffee and chat with Leaseweb
on monday :thumbsup

Hmm, yup they are at it again.

Well DynaSpain, I have no content for them to steal but thanks for your effort on behalf of everyone. :)

Here's a screencap I've found of that specific post while it was still in the links section: hxxp://83.149.72.33/image9432hj42.php

Seems KrissKross was correct :/"

Interesting that your nick is Lettiz and within a couple IP's on the server from RIP is a open directory called lettiz

http://83.149.72.113/lettiz/

RIP-PRODUCTIONS is http://83.149.72.107
RIPNETWORK is http://83.149.72.106

fusker their viewattachment.php it will bring the server to a hault or make the mysql loads go crazy ;)

http://www.leaseweb.com/ they wont like the content hosted on their servers, just emailed abuse@ wont take long before they pull the plug

how did they get the passwd file?

i doubt they have it, unless they used some wacky sql injection on strongbox, which ray wasnt aware of.

Dont just C and D them. FIND them.

:1orglaugh

I did. Posted it here as well. But DynaSpain is working in the same building as Leaseweb and he went by to have a little chat. After that the site went down. Apparently 'the powers that be' didn't know about it :winkwink:

So he's dropping by again on monday.
However, I read that APPARENTLY those originals owners didn't resurrect the board but somebody else. So fingers crossed.

I'll go there on monday. The people that run it are dutch and if it's hosted
with a Dutch provider I will get them to shut it down without a problem.

I'll let you guys know the outcome. Last time they were very accomodating.
Once I explainded the story and showed them what was going on they shut
them down without discussion as I know any Dutch provider would.

:thumbsup

god damn.. thats fucked up

That is really strange - they showed as Internap this morning and now leaseweb - thats from whois.sc

In fact I managed to the ip from my history - it was - http://www.whois.sc/64.74.223.66

Strange?

Smokey - you got any ideas?

that appears to be one of enom's IPs.

They probably had it temporarily parked there.

Yeah,

Same server

> telnet 83.149.72.113 25
220-srv1.femalesoldiers.net ESMTP Exim 4.60 #0 Sun, 12 Mar 2006 04:56:38 +0100
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
500 unrecognized command
500 unrecognized command

:( :321GFY :321GFY

The fuckers are at it again!
 

For those who still have access, check hxxp://rip-productions.org/forum/showthread.php?t=95170

Its another full LA siterip, we should notify that webmaster too.

lol, pwned.. :321GFY

and who the fuck are you? The same Lettiz that signed a few mins ago and already unmasked as coming from rip productions? Oh, wait, you just were waiting fro your chance to post about this throughout the time, right bloke? :1orglaugh

WOW! Sales have been fucking un-real this weekend!!

Best sales weekend ever!

I wondered where the extra traffic had come from...

If they really do have my userlogs at least they can even see themselves how much extra money they've made me! :1orglaugh

:1orglaugh :1orglaugh :1orglaugh

Monday morning bump

Quick update I haven't been able to visit them today due to my work but
I did call them for an appointment on wednesday. So as soon as I get back
from them I will give everyone the next update. If anyone has additional
usefull info please get in touch with me, my contact info is in my sig or
send me an email: info (at) servergenius dot com with RIP in the subject
line so it won't get trapped by my spamfilters.

:thumbsup

bump for the US folks

:thumbsup :thumbsup :thumbsup

can anyone summarize this thread in one sentence?

There's no evidence in the thread of any bug in Strongbox.
The poster simply found a password to his site on a forum at http://www.katx.biz/ .
After the passwords were retrieved due to a bug in one of his PHP scripts,
Strongbox blocked those user names but he did find one that he was able to
use before Strongbox blocked it totally. Still, Strongbox has some simple
ripping protection, so you can see in the posted images that the attacker
had to write a custom program to rip that site and had to do it quickly, before
Strongbox disabled the user name.

Any updates?

:smilie_we :xmas-smil :xmas-smil :rainfro

any updates on this?

This fuck keeps messaging me.. nut job..

anyone got a user/pass to the site ?

Would be so good to see this site buried for good

DynaSpain I've emailed you

spanno - yes I have ... you got msn?