Password sites question - GoFuckYourself.com

EvilAL · 10-20-2002, 05:34 AM

So I was looking to see what pages were currently indexed in Google, and who is linking to me...and I came across a couple password site messagebaords in the results.

After a few hours of digging around those passwords sites... I noticed a couple of common responses. A surfer would request a password to a site...and the cracker would reply "sorry...its Ibill without the 900 option".

Can anyone tell me "what do I need to know about web900 and security issues?" This has probably been covered in a past thread that I missed...but thanks in advance for any insight shed on this topic.

Respectfully,

EA

Calvinguy · 10-20-2002, 07:31 AM

If you can guess a valid pincode it should be easy to get access

ZoiNk · 10-20-2002, 07:45 AM

It would probably try and brute force every possible pin code trying to get access to the site (which for a program could be a couple minutes)
ZoiNk

EvilAL · 10-20-2002, 11:39 AM

Thanks for the responses.

EA

borys · 10-20-2002, 01:19 PM

There's an old misconception in the cracking community that iBill sites that don't use web900 assign user passwords and therefore cannot be bruteforced.

PxG · 10-20-2002, 02:10 PM

ea,
if you're worried about brute force attacks, proxy based attacks, etc., check out http://www.proxypass.com

PxG

10-20-2002, 05:34 AM	#1
EvilAL Registered User Join Date: Jun 2002 Posts: 42	Password sites question So I was looking to see what pages were currently indexed in Google, and who is linking to me...and I came across a couple password site messagebaords in the results. After a few hours of digging around those passwords sites... I noticed a couple of common responses. A surfer would request a password to a site...and the cracker would reply "sorry...its Ibill without the 900 option". Can anyone tell me "what do I need to know about web900 and security issues?" This has probably been covered in a past thread that I missed...but thanks in advance for any insight shed on this topic. Respectfully, EA __________________ `````````````````````````` The weather is here... I wish you were beautiful. `````````````````````````` Last edited by EvilAL; 10-20-2002 at 05:35 AM..

10-20-2002, 07:45 AM	#3
ZoiNk Confirmed User Join Date: Feb 2002 Location: Canada Posts: 2,370	It would probably try and brute force every possible pin code trying to get access to the site (which for a program could be a couple minutes) ZoiNk __________________ "People can have the Model T in any color - so long as it's black." - Henry Ford

10-20-2002, 11:39 AM	#4
EvilAL Registered User Join Date: Jun 2002 Posts: 42	Thanks for the responses. EA __________________ `````````````````````````` The weather is here... I wish you were beautiful. ``````````````````````````

10-20-2002, 02:10 PM	#6
PxG Confirmed User Join Date: Feb 2002 Posts: 105	ea, if you're worried about brute force attacks, proxy based attacks, etc., check out http://www.proxypass.com PxG __________________ Kill Password Hackers Now! Kill Hit-Botters Now! _____________________________

10-20-2002, 07:31 AM	#2
Calvinguy Confirmed User Join Date: Oct 2002 Location: European Union Posts: 1,752	If you can guess a valid pincode it should be easy to get access

10-20-2002, 01:19 PM	#5
borys Confirmed User Join Date: Oct 2002 Posts: 146	There's an old misconception in the cracking community that iBill sites that don't use web900 assign user passwords and therefore cannot be bruteforced.