Topic: Can you hack our site? 1 BTC reward (Time limited!) - page 3. (Read 3887 times)

Ok , this is the image :



http://i.imgur.com/oLUlT7h.png

Thanks.

You can post it here but we reveil the site name only in pm. So people can later check that your image is on the site.

Are you serious? You really made my day. I'm waiting to see the johny1976's site hacked (for see if you are honest or only a liar).

It it is possible can you upload an image? Should I send through a pm or can I post it here ?

BECAUSE I WORK FOR THE DEPARTMENT OF DEFENSE YOU IDIOT! IM TRYING TO HELP THIS COMMUNITY BUT APPARENTLY IM OH SO SUSPICIOUS. IM THE NEXT FUCKING SNOWDEN DUDE IM TRYING TO HELP THIS COMMUNITY SECURE ITSELF! i can NOT hack from this server. i can only provide audit test from it, and i dont know any hackers.

So be it. We want to be hacked. We've provided proof site is ours. (if anyone wants us to upload picture there, just let us know). You have only reports but can't hack it. Strange.

Wait until escrow service is agreed. Then it'll be your turn ensure people you've really done that.

which is true im trying to do you guys a favor i can list the vulns here in a post with full report, but then someone can hack you before you even fix them, which is why im acting "suspicious" to you. im trying tobe legit and transparent without risk to your server and personal property belonging on there. im DOING EVERYTHING TO BE OPEN AND TRANSPARENT WITHOUT THE RISK OF LOSING MY JOB!!! WTF IS WRONG WITH YOU PEOPLE?!?! DONT YOU WANT THIS COMMUNITY TO SUCEED?!



"why dont you hack it yourself"

idk any hackers
[4:38:25 PM] Python Pro: tbh
[4:38:31 PM] Python Pro: i can just provide the escrow the six vulns
[4:38:33 PM] Python Pro: and full report
[4:38:39 PM] Python Pro: you check your server for the shit yourself
[4:38:47 PM] Python Pro: and google the vuln codes listed on wiki
[4:38:55 PM] Python Pro: your dumb not to fix them and get the report
[4:39:00 PM] Python Pro: youre seriously wide ipen
[4:39:02 PM] Python Pro: its like
[4:39:14 PM] Python Pro: the door to your house has no locks and someone left the windows and doors open
[4:39:16 PM] Python Pro: im being serious
[4:39:22 PM] Python Pro: im not acting suspicious
[4:39:32 PM] Python Pro: im trying to help you guys without hacking and losing my jopb
[4:39:34 PM] Python Pro: im at work
[4:39:38 PM] Python Pro: so if i do do it ill lsoe my job
[4:39:53 PM] Python Pro: im only trying to help by using our government auditing software
[4:39:58 PM] Python Pro: not available to the public
[4:39:59 PM] Python Pro: so
[4:40:01 PM] Python Pro: your choice

We're working to get escrow service.

Btw: pythonpro1337 is behaving kind of suspicious. He claims he's found 6 vulnarebilities but he can't give us proof because he's working fow US gov and can go to jail if he really hacks our site.

i have chosen maidak as he is online now and he will probably be in communication with us shortly as i have left a reply on his escrow thread

how about you message me on skype i give yoyu an image to upload and then you put funds in escrow i have a full report ready RIGHT NOW as well as details on the SIX YES SIX VULNS YOU HAVE! if you dont believe me put the funds for 6 vulns in escrow with someone trusted and ill provide them with the full report!!!! dont risk passing this by!!

To prove it's our site I don't believe you need access to our server. We can upload there an image you can send us for example.

It's just kind of suspicious that you want access to the server so much and that's the reason for "I have to think about it".

Btw: You can edit someting on the server so we know you've really found something.


Thank you!

he would have to prove to me its his site which is why i originally requested ssh and terminal access he responded, "id have to think about it" which is why id like to now use escrow and provide him a full comprehensive report on how he can fix it himself or pay his local admin to do it or him. now i find this user kinda sketchy

What would be the ramifications if one were to hack this site, send a list of the vulnerabilities to the OP only to find out later it was not in fact OPs site?  

 The largest vuln i found allows an attacker to trick the server into disclosing a substantial chunk of memory, repeatedly. As you can imagine, process memory is likely to contain sensitive information, for example server private keys

ive already found 6 vulns (three are extreme risks to the website and server and the other three are moderate (based on a scale of low-moderate-extreme))including accessing the server but for your sake i will not post the vulns on here or pm for your safety please visit my link or make negotions with me via pm! Thank you!


i prefer escrow and if this is a bounty id prefer to be paid for all 6 vulnerabilites that i found including the access the backend.

I being one of them (posted a direct link to my thread).

what you want is some penetration testers.

There are some people offering such services and specialized people.

Releveant: https://bitcointalksearch.org/topic/wts-government-level-penetration-testing-security-audits-948976

Can you please PM me the link to test I can test it with a few of the contacts I met over the past 10 years online.

here are they
https://bitcointalksearch.org/topic/escrow-list-108716