password list back online again
 

Thanks.

hmm.. maybe here someone has a good idea how to stop bruteforce attacks.

They are using a huge anon proxylist and testing each day 50k combinations within two hours. Blocking the IPs won't work...

How about this:

When you've detected that an attack is underway, always fail the first login from an IP, even if the password is correct.. a surfer will (hopefully) assume that they mistyped their password, and try again, while a brute forcer will just continue on.

Anyone?

god damn, that list would make a kick ass plugin!!

http://www.proxypass.com

That will kick the shit out of basically all brute force attacks.

Cheers,
Backov

Cool. Free porn. Cha ching.

Another idea -- monitor the webpage for compromized accounts, and then redirect users with that username and password to that 'hey everyone, i'm looking at gay porn!!' page :Graucho

link to that website that YOU DO NOT WANT TO CLICK ON is http://d-m-s-1-0-0.org/worksucks (without the dashes) (i think, but i'm sure as hell not gonna go check).

:thumbsup

I checked out some of the sites from that list. Gee, I cannot believe people are actually paying for that...!
But maybe that was a collection of all the crappy sites?

FREE PORN YES!!!!

Hey Fag - my site was on that =)

well back to jerking off to lots of "FREE" Porn!!

~Brett

lindaoneil.com was on there! Nice! She's one hot mama!

anyone got anymore lotion? :eyecrazy

The BBW sites are hot. I must have jerked it 12 times in the last half hour.

Time to jerk off!

WOOHOO!

Stop calling me names! I'm a Pervert and not a Fag! :thefinger

So which of the crappy sites was yours? Is the password still working? I have to check it out... :evil-laug

Thanks Backov,
As a client of Proxypass, you know that we stop brute force attacks that are run through proxies. But I am sure many people out there haven't heard of our new ProxyPass product.

If anyone has any questions, please feel free to post them and we will do our best to answer them.

On a side note, pr0 posted a concern about non-standard port proxies and my response initially was that ProxyPass did not block them. I asked a programmer and he corrected me: we DO block most non-standard port proxies too. Not only are they extremely rare (only 1 in 8000 according to our counts), but we block most of them anyway. Sorry for the misinformation.
You may also hit us up privately on ICQ: 153529369

Fire away guys,

The ProxyPass Team

That list must have just been updated because all the accounts they had for our site weren't suspended yet. Now they are :-)

no matter. they'll have a fresh batch of them by tomorrow..fucking russians!

i wonder how many of the sites on this list use Epoch or Jettis for billing. no amount of password crack checking would work for them.

muhahaha u dix using bruteforce, i got adultbouncer passwords! :321GFY

oh shit u got them too :(

my sites on that list !!! FUCKERS

LOL it's okay it's all fixed ;)

it's 403 now... LOL, back up, back down

Okay, now... How did they get a new login so fast? I cleared out the three they were using last week, and they already have them down and a new one back up. :(

maybe you should fix the problem this time.

:2 cents:

Hey now, that's not good. The one they had wasn't in the CCBill database... Hacked? :(

brute force attack most likely...

i.e.: dictionary attacks

A brute force attack won't help them get passwords that aren't already there. The logins they have had have not been the result of paying members, or of me manually updating.

if you use Epoch or Jettis they can add passwords to your site themselves. Paypal's script gives me a headache because it is obfuscated - but because it is obfuscated i strongly suspect it's vulnerable as well.

the link you posted is coming up 404 for me !

Damnit, it's down! I was hoping to see some midget oil wrestling today.

Where did you get that link?
What I mean is Where did you find it?
--
And can you get me the new one... it seems to have changed file names and is gone?

sometimes ccbill fails to remove inactive accounts. So the pwd is still in the password file.. just check your active usernames, download the password file and compare


and that's what the russians answered...

Thanks for your report.

We'd appreciate it if you direct this type of reports to [email protected]
(rather than the webmaster) in the future.
We aren't in a position to determine what legal and what isn't. We
have an Acceptable Use Policy, which is a part of our customer agreement,
and we enforce it whenever we determine or are notified of a violation.

The particular AUP document that we use has been approved by OFISP, a
Russian/CIS ISP forum, and is shared by many Russian ISPs.

Hosting some form of content is not an AUP violation, with the only
exception for "spam support services". "Bypassing server security"
would be it, but only hosting content that enables to do so isn't.

It's only due to the details of agreement with this particular customer
that we can in fact ask and insist that they remove this content simply
because "we don't like it".

--
Alexander Peslyak
DataForce ISP

I belive the largest daily updated with hundreds of passwords password list is here - http://www.xxxhq.com/vb/ ( you need to register to view )

Also I have see it here - http://www.sublimechat.com/phpBB/vie...hp?forum=7&674 ( the part of sublimedirectory )

same goes for ibill's mastergate cgi easier than cracking them

that's ALL ibill sites