password forums. if you run a pay site. read this
 

http://www.protectadult.com/forumsecurity.php

we have released the monster list.

and a bit of an update just to keep you updated

Adding these URL's to a blocklist, doesn't prevent people from copy and pasting the hacked URL directly into their browser.

You've just given free porn to all the surfers on GFY, by the way.

Just force all passwords to be randomly generated and let members pick their own username.

useless

still crackable

Uhm, use common sense. Dont post that list on this board.

Edit: Surfers will bookmark those urls.

useless...

CTRL-D....

hmmm.................................
http://pass.nejcpass.com/
this ones the best from what i can remember.........

there r a further 1000 password sites out there

The sufers here are going to love those forums...

why the fuck is it so hard for these paysites to monitor IP's and grant access to no more then 2 uniques per day on each account? its fucking easy. wake up.

I've lurked for a while on IRC password trading channels (from efnet to thundercity), everytime some paysites get requested, everyone says that one is impossible because they autogenerate the password.

I've also talked with some of the ops who've been doing it since 1999 and they say the only way is to actually crack the server and not bruteforce which turns into a whole different game.

its actually all bruteforced.

htacess is really easy to crack.

have a good dictionary list. and big proxy list. run it through over 2 million times and you will crack it. some sites are being smart and doing form logins. which are the smart way to go. thats why people use proxy's to crack. because of course if they see more than 2 ips from the same host they will ban.

we shut down password trading channels on dalnet last december. that was where most of the trading was done.

that's why we have password protection software.

Actually make a fake part of your site, put it on a password forum. Fill the fake part with upsells. Money does come in...

Thanks for the laugh
Now go find the other 5 million sites and their mirrors


Your security team beat pennywise? OMG! How lame are these guys if that?s their claim to password security fame.

Good job :thumbsup

Yes and then you'll spend the entire day unblocking pissed off AOL users. Or worse, they'll just cancel or chargeback their membership because they can't get access to the site.

.
And where do you think the good wordlists come from?
If you?re going to handout security advice you might want to actually understand the game first.

I can?t believe I doubled my post count in one night
:error

:1orglaugh :1orglaugh

lol been saying that for years...do I know you/of you jMP I believe I do :)

screw dealing with dictionary files...people are creatures of habit...get one passfile, you're into many other sites...

for people running pay sites your best bet is to make it as diffecult as possible, make it more trouble than it's worth...form login with visual your best bet....but even that's not uncrackable...lemme rephrase that...your best bet...learn wtf you are doing, quit leaving it up to your hosts to protect you...quit being so god damn lazy, quit worrying about making that quick buck...learn about server configurations,quit being button pushers, START caring about your memebrs and offer them some security...learn how to crack, and you will learn how to protect
there are many sites that crackers will not even bother touching...why ? because the owners went to the trouble of finding out how people are getting in, instead of sitting around crying about it happening...do you really think shutting down an irc channel, or a website is gonna keep people out? get a clue....this si the same old tired shit it hasa been for years...you find a way to keep crackers out...we build a better mousetrap....but look at the brite side....handing out passwords tends to weed out the competition, and break the asshats that run shitty sites


moral of this rant......get off your lazy fucking asses and learn wtf you're doing before you call yourself a pr0n webmaster

kyree

This thread will show you how to make it difficult as possible:
http://www.gofuckyourself.com/showthread.php?t=459989

What about ISP's that dont give the user a fixed IP?

why do you surfers hang out here? seems like there is a growing group of pr0n webmasters groupies. surfers who are fascinated by the behind the scenes machinery of the web porn machine.

bringing up old threads :)

nice :)

glad i took that list down.

i still wanna do a security aduit on paysites running proxypass, strongbox, and writeup a review. on the products.