Levi, hit me up asap! Scrypted creator. - GoFuckYourself.com

The Duck · 05-24-2006, 09:29 AM

My server techs found some serious security issues with your script and they got my server hacked, need to get ahol of you right now so we can resolve this!

The Duck · 05-24-2006, 09:31 AM

Fixed!!!

The Duck · 05-24-2006, 09:31 AM

thanks levi swift reply got it all done in seconds, great service as always

The Duck · 05-24-2006, 09:37 AM

ok I guess I have an update, turns out that my server got hacked because Levi left the admin folder of the script at chmod 777 when he updated the script for me (which I appreciate). Lost tons of my visitors and some of my best trades for many sites... Thanks buddy!

And I didnt even get a sorry mate it was a mistake.

[18:31] Kandah: why didnt you fix the permissions when you upgraded
[18:31] Kandah: got several of my sites hacked
[18:32] Levi: dude wtf is your problem? I gonna help your update your shit anymore.
[18:32] Levi: I am not*
[18:32] Kandah: err
[18:33] Kandah: sorry but how would I know you left the admin at 777
[18:33] Kandah: and didnt pw protect it
[18:34] Kandah: I appreciate you did it and all but it cost me many of my best trades for other sites
[18:34] Levi: lol that admin is password protected and I am not your server admin. It's up to you keep scripts secure. If you would have read the README files. Wouldn't have been hacked.
[18:34] Kandah: lol dude
[18:34] Kandah: you updated it so I kind of expected you to not leave admin open at 777
[18:36] Levi: Alright you can do your own updates.

NemesiS876 · 05-24-2006, 09:42 AM

reinstal the computer and you will fix it

u-Bob · 05-24-2006, 09:45 AM

looks like people running scrypted should check their servers...

calmlikeabomb · 05-24-2006, 09:48 AM

From the Scrypted README file:

Quote:

Originally Posted by Scrypted READ ME FILE

1) Download the cms.zip from within the scrypted.com members area and upload all files.

2) Edit the variables inside 'mysqlvalues.inc.php'.

3) Set the permissions for 'templates' & 'images' directory plus all subdirectories to 777 ( read, write, executable by all )

4) Set the permissions for 'admin/galleries.txt' to 777 ( read, write, executable by all )

5) Set the permissions for 'galleries' directory to 777 ( read, write, executable by all )

6) Execute domain.com/install/install.php in your web browser.

7) Follow directions.

Follow the directions and you are safe.

The Duck · 05-24-2006, 09:53 AM

Quote:

Originally Posted by calmlikeabomb

From the Scrypted README file:

Follow the directions and you are safe.

yeah of course, but when you say that you are going to update it I wont go through it I expect you to do it right and not leave the site wide open to hackers.

calmlikeabomb · 05-24-2006, 10:04 AM

Quote:

Originally Posted by kandah

yeah of course, but when you say that you are going to update it I wont go through it I expect you to do it right and not leave the site wide open to hackers.

First of all, I am not your server admin.

Secondly, scrypted doesn't contain information related to accessing your server in the admin directories.

You're a known troll on this forum that likes to start shit.

The Duck · 05-24-2006, 10:09 AM

Quote:

Originally Posted by calmlikeabomb

First of all, I am not your server admin.

Secondly, scrypted doesn't contain information related to accessing your server in the admin directories.

You're a known troll on this forum that likes to start shit.

No, im not a known troll and the server techs at webair confirmed that the vulnerability was in your script and the way you set it up. Im just saying what the professionals told me.

calmlikeabomb · 05-24-2006, 10:12 AM

Post the vulnerability or stfu.

candyflip · 05-24-2006, 10:17 AM

Weren't you the one all happy that you got his script for free AND went on about the great service?

The Duck · 05-24-2006, 10:20 AM

Quote:

Originally Posted by candyflip

Weren't you the one all happy that you got his script for free AND went on about the great service?

yeah, didnt get it for free though. Hes been good to me in the past but this was just bullshit.

candyflip · 05-24-2006, 10:22 AM

Quote:

Originally Posted by kandah

yeah, didnt get it for free though. Hes been good to me in the past but this was just bullshit.

Wasn't sure. There was someone on here who was very happy with the service and support.

You should post the vulnerablity like me mentioned, or at least have Webair back you up.

Zarathustra · 05-24-2006, 10:23 AM

Quote:

Originally Posted by calmlikeabomb

Post the vulnerability or stfu.

Levi is a good guy, he's helped alot of people including myself. Kandah you fucked up and won't post proof.

kandah = troll

http://www.gfy.com/showthread.php?t=...ghlight=kandah

calmlikeabomb · 05-24-2006, 10:27 AM

Quote:

Originally Posted by candyflip

Weren't you the one all happy that you got his script for free AND went on about the great service?

Many months ago - before the script was called Scrypted, Kandah paid $75, then decide he didn't need the script, so I refunded his money.

Then a few days later he wants to buy it again, but for only $50.

I agreed and sold him the web application. So technically he never bought a Scrypted license, but I wont go there ; - )

05-24-2006, 09:29 AM	#1
The Duck Adult Content Provider Industry Role: Join Date: May 2005 Location: Europe Posts: 18,243	Levi, hit me up asap! Scrypted creator. My server techs found some serious security issues with your script and they got my server hacked, need to get ahol of you right now so we can resolve this! __________________ Skype Horusmaia ICQ 41555245 Email [email protected]

05-24-2006, 09:31 AM	#2
The Duck Adult Content Provider Industry Role: Join Date: May 2005 Location: Europe Posts: 18,243	Fixed!!! __________________ Skype Horusmaia ICQ 41555245 Email [email protected]

05-24-2006, 09:31 AM	#3
The Duck Adult Content Provider Industry Role: Join Date: May 2005 Location: Europe Posts: 18,243	thanks levi swift reply got it all done in seconds, great service as always __________________ Skype Horusmaia ICQ 41555245 Email [email protected]

05-24-2006, 09:37 AM	#4
The Duck Adult Content Provider Industry Role: Join Date: May 2005 Location: Europe Posts: 18,243	ok I guess I have an update, turns out that my server got hacked because Levi left the admin folder of the script at chmod 777 when he updated the script for me (which I appreciate). Lost tons of my visitors and some of my best trades for many sites... Thanks buddy! And I didnt even get a sorry mate it was a mistake. [18:31] Kandah: why didnt you fix the permissions when you upgraded [18:31] Kandah: got several of my sites hacked [18:32] Levi: dude wtf is your problem? I gonna help your update your shit anymore. [18:32] Levi: I am not* [18:32] Kandah: err [18:33] Kandah: sorry but how would I know you left the admin at 777 [18:33] Kandah: and didnt pw protect it [18:34] Kandah: I appreciate you did it and all but it cost me many of my best trades for other sites [18:34] Levi: lol that admin is password protected and I am not your server admin. It's up to you keep scripts secure. If you would have read the README files. Wouldn't have been hacked. [18:34] Kandah: lol dude [18:34] Kandah: you updated it so I kind of expected you to not leave admin open at 777 [18:36] Levi: Alright you can do your own updates. __________________ Skype Horusmaia ICQ 41555245 Email [email protected]

05-24-2006, 10:12 AM	#11
calmlikeabomb Confirmed User Join Date: May 2004 Location: SW Palm Bay, Florida Posts: 1,323	Post the vulnerability or stfu. __________________ subarus.

05-24-2006, 09:42 AM	#5
NemesiS876 Confirmed User Industry Role: Join Date: May 2006 Posts: 7,436	reinstal the computer and you will fix it

05-24-2006, 09:45 AM	#6
u-Bob there's no $$$ in porn Industry Role: Join Date: Jul 2005 Location: icq: 195./568.-230 (btw: not getting offline msgs) Posts: 33,063	looks like people running scrypted should check their servers...

05-24-2006, 10:17 AM	#12
candyflip Carpe Visio Industry Role: Join Date: Jul 2002 Location: New York Posts: 43,064	Weren't you the one all happy that you got his script for free AND went on about the great service? __________________ Spend you some brain. Email Me