For starfux0rz

HYBR|D · December 12th, 2010, 07:00 AM

Originally Posted by JPnyc

So fine, discuss it. I don't see how the contents of the database relate to that discussion. What's its intent, proof? I'll take your word for it. I don't see a problem with discussion of the methods used and ways they could have been prevented, that's the purpose of the site, but further exposing information that was compromised as a result, that's not only unnecessary to the conversation, it's unwarranted.

To use the info that The-Spec posted a person would have had to crack the hashes.

for instance

lwoods 00f084ea7eb01d821b47058fdfce329a [email protected]

to get into the e-mail account i would 1st need to break the hash string to get the plain password. In it's current format it don't do nothing, so i would need to find out what hash encryptian was used during encryptian (Could it be an md5 hash? ).

It's being posted brings relevance to the discussion at hand, simply because decrpting the hashes and the tools needed & other info can be bought into the discussion, so having the content from the DB posted would serve a purpose to the discussion.

just like when talking about xploit code. There's no use talking about it if there's no example code to look at.

***JPnyc*** · December 12th, 2010, 07:02 AM

OK, point taken. But you're still exposing all these people to massive amounts of spam. Couldn't you at least *** out the usernames?

HYBR|D · December 12th, 2010, 07:09 AM

Just like everytime a person goes online they run the risk of having there Identity stolen.

How does 1 protect themselves from stopping that from happening? Welp we would need to 1st findout and discuss the "Tools" the bad guys use. Before were able to start protecting ourselves and others from it happening.

***JPnyc*** · December 12th, 2010, 07:15 AM

But there are definitely ways to minimize the risk. Doing this is basically sticking it right out there, where every bot on the planet can slurp it right up.

**The-Spec** · December 12th, 2010, 11:44 PM

So essentially you admit that you've been taking down my posts all these years.

HYBR|D · December 12th, 2010, 11:57 PM

So you gonna re-post the content? we can still save this thread and make it a worthwhile discussion.

***JPnyc*** · December 13th, 2010, 12:46 AM

Originally Posted by The-Spec

So essentially you admit that you've been taking down my posts all these years.

Eh? I have to hear the logic behind that conclusion. Everyone, the acceptable use policy is quite clear on the subject:

You will respect other people's right to personal privacy and will not post any other person's identifying information (including their names, contact information, and any other relevant information).

We're all for discussion of the exploit used and how to prevent it, that's entirely relevant security discussion. People's personal contact information is not, and e-mail address are contact information.

**The-Spec** · December 13th, 2010, 02:49 AM

Maybe the company should have thought things through before buying AO. If I ran things I'd keep the discussion as loosey-goosey as 711chan. Way to be a buzz kill.

***JPnyc*** · December 13th, 2010, 03:05 AM

Maybe, but far too late to do anything about it now. It's no longer even owned by the same corporation that bought it from JP. All of it was before my time.

**metguru** · December 13th, 2010, 03:50 AM

Hybrid, I'm leaning against md5...just based on the fact that I haven't cracked it yet haha.

Thread: For starfux0rz

Thread Tools

Display

Posting Permissions