Ashley Madison Source Code Now Online
 

It seems the Ashley Madison source code has now been released online.

I won't link to it for obvious reasons but the entire codebase is out there.

The longer this goes on, I can't see Avid Life Media surviving long term.

I thought the source code was included with dump #3. Is this a 4th dump?

Some of it was in at least the second dump, but someone has assembled it all and released it as a whole.

I read an article this morning that said this wasn't done by hackers, but instead by a pissed off employee. I am beginning to wonder if that is true.

This is the article I read.

Ashley Madison hack was an inside job: John McAfee - The Times of India

It certainly makes you wonder. Though at the same time, would one single employee have access to all of this information, and if so, would they know how to get it and what to do with it? This "rogue employee" likely had outside help, i.e. the hackers.

I don't think it was an inside job... However, the admin/engineer who setup the servers was a complete tool. The root password for their servers was Pass1234. The team claimed the job was done over several years. Which is why they have over 300 GB of data. If you're using a generic simplistic password for anything please light yourself on fire now.

What do you guys think will be the impact of this Ashley Madison fiasco on the public's trust of dating sites?

nothing. Guys still want to get laid and people have very short memories

I think it will actually have a trickle down affect with consumers, and hit all aspects of the adult industry. People suddenly feel unsafe, and they will now think twice before subscribing to anything that might jeopardize a relationship or career, now that the veil of secrecy has been pulled off.

I have been looking for Ashley Madison clone script, anyone know of any?

The source code being released is a smaller problem than the ceo's emails from 2012 - July 2015 being released. The latter includes EVERYTHING including sales reports, listings of top affiliates, revenue sources, inter-office communications and you name it. It's really, really, really bad. Worse yet it also includes some private communications with other companies in the industry so now these other companies also lost some control over their proprietary information as well.

The only saving grace is that I have read the hackers have stated that they do not intend on releasing private photos and chats from the Ashley Madison members. You could probably imagine the fallout should that have occurred. Who knows though. The hackers could always change their minds.

Yeah, there's a complete copy on the Interwebs.

However I'm not going to become complicit by sharing it's location.

I wouldn't be surprised if coders are making a 'template' version of the leaked AM code out there.

Of course, they'd be stupid to copy and paste stuff but the leaked code would definitely make it easier for them to create new code

My email is there. Got called out 3 days ago by my sister :mad:

there will be repercussions :2 cents:

Analysis of the affiliate management portion should be interesting. Wonder if anyone will examine it closely ?

http://www.gianteagle.com/PageFiles/...ing_061112.jpg

short lived at best

I am seeing a lot of small discrepancies in the hackers' stories ... They may have very well had some inside help. Now if they could hack the investigators ...

The mainstream media have been mangling this story, the best coverage has been by Brian Krebs.

Who Hacked Ashley Madison? ? Krebs on Security

Would love to know who their top affiliates are?

For anyone clever enough to analyze THIS will be the most "useful" info released yet for any dating affiliates.

Someone will probably do it. Accessing these dumps and the source code is probably a criminal offence in many places though, so walk softly.

Why? Were you cheating on her?

:1orglaugh:1orglaugh:1orglaugh

:1orglaugh:1orglaugh:1orglaugh is that you Noel?

Yes, everyone can award their own sites with some self made badge.

now i gotta find those source code and gotta learn how professional coders write code.
yes yes yes, impact team.

:1orglaugh :1orglaugh

You think website owners will start taking more care about their security? I don't think so :)

well there's tinder..

Well finding "shaving" control panel in admin in source code, and emails of CEO about let's shave this and that... would be an interesting topic for GFY. Where are gone all those "I know it all and I find all if I don't know yet" GFY investigators we always got there? Come on let free the rain man in you.

Whenever I host a website somewhere, I always am afraid of hosting company employee ripping it off. For example if you have a website with a nice database of some contacts or whatever - that could be gold to some shady person. If he works in that hosting company...

If you host it on a dedicated server then you can simply encrypt the volume that your web services sit on and then nobody is going to get your code. :2 cents:

Can you imagine what its been like in their offices since the release?! Crazy

I don't think their source code being out there is the biggest thing they have to worry about. It's the fact that it's now been outed that the vast majority of females on the site are fake.

Almost None of the Women in the Ashley Madison Database Ever Used the Site

They're still using the source obviously. Security researchers keep punching holes in it.

I can't see how, without a complete re-write, that they can guarantee that another hack won't happen.

I read from a source who read through the emails that apparently they knew the software had a lot of problems and they even did a security assessment a few months before the hack.

I guess the only upside of this is, how much more can this company lose ?

They were completely owned. Every computer, every server, database replication servers, financial systems, source code, every possible digital thing was compromised.

It's pretty arrogant to run known exploitable code on a public facing multi-million dollar operation. Especially with such sensitive information. They pretty much got what they deserved for their arrogance in not getting it fixed. And they knew the hackers were looking too because other dating sites were having issues as well. I'm sure they aren't alone though. If anyone reading this owns such a site and knows they have these issues with their code then they would be well advised to get it fixed pronto and hire a full time security guy or gal pronto.

Plugging holes, especially if they're fundamental flaws in your system, is not a 5 minute job.

In a large codebase with poorly written code it might be almost impossible to completely secure.

Look at the big hacks lately, some very very big companies running extremely complex systems have been compromised.

The real problem I see with this hack from a technical perspective is that it reveals that this company was more interested in bleeding it's user base of cash than anything else. In this scenario, they really didn't care much about security - despite public comments otherwise.

I must be very novice when it comes to downloading "questionable" non paid for material because for the life of me, I can't find the source code anywhere when I search on Google :Oh crap. Used "Ashley Madison source code" "Ashley Madison script" "Ashley Madison 2nd dump" etc... and came up with nothing except articles :disgust

It's there if you know where to look. If you don't I'm not going to help you. This is stolen data and as such downloading it may not be lawful.

John McAfee: Ashley Madison database stolen by lone female who worked for Avid Life Media

Here a little more. But Mcaffee is a bit of a nut-job too however he raises reasonable suspicion of the possibility of an inside job ... I would not rule this out in speculation.

right on target :2 cents::2 cents:

links pulled

I WOuld love to have a look at thier DATA :-) must be interesting

PM me link for source code... I'd like to take a look at it. :D