Pages:
Author

Topic: Can you hack our site? 1 BTC reward (Time limited!) - page 3. (Read 3898 times)

legendary
Activity: 1778
Merit: 1043
#Free market
which is true im trying to do you guys a favor i can list the vulns here in a post with full report, but then someone can hack you before you even fix them, which is why im acting "suspicious" to you. im trying tobe legit and transparent without risk to your server and personal property belonging on there. im DOING EVERYTHING TO BE OPEN AND TRANSPARENT WITHOUT THE RISK OF LOSING MY JOB!!! WTF IS WRONG WITH YOU PEOPLE?!?! DONT YOU WANT THIS COMMUNITY TO SUCEED?!

So be it. We want to be hacked. We've provided proof site is ours. (if anyone wants us to upload picture there, just let us know). You have only reports but can't hack it. Strange.

Wait until escrow service is agreed. Then it'll be your turn ensure people you've really done that. Smiley

It it is possible can you upload an image? Should I send through a pm or can I post it here ?

You can post it here but we reveil the site name only in pm. So people can later check that your image is on the site. Smiley

Ok , this is the image :



http://i.imgur.com/oLUlT7h.png

Thanks.
legendary
Activity: 1135
Merit: 1002
Developer
which is true im trying to do you guys a favor i can list the vulns here in a post with full report, but then someone can hack you before you even fix them, which is why im acting "suspicious" to you. im trying tobe legit and transparent without risk to your server and personal property belonging on there. im DOING EVERYTHING TO BE OPEN AND TRANSPARENT WITHOUT THE RISK OF LOSING MY JOB!!! WTF IS WRONG WITH YOU PEOPLE?!?! DONT YOU WANT THIS COMMUNITY TO SUCEED?!

So be it. We want to be hacked. We've provided proof site is ours. (if anyone wants us to upload picture there, just let us know). You have only reports but can't hack it. Strange.

Wait until escrow service is agreed. Then it'll be your turn ensure people you've really done that. Smiley

It it is possible can you upload an image? Should I send through a pm or can I post it here ?

You can post it here but we reveil the site name only in pm. So people can later check that your image is on the site. Smiley
legendary
Activity: 1778
Merit: 1043
#Free market
BECAUSE I WORK FOR THE DEPARTMENT OF DEFENSE YOU IDIOT! IM TRYING TO HELP THIS COMMUNITY BUT APPARENTLY IM OH SO SUSPICIOUS. IM THE NEXT FUCKING SNOWDEN DUDE IM TRYING TO HELP THIS COMMUNITY SECURE ITSELF! i can NOT hack from this server. i can only provide audit test from it, and i dont know any hackers.

Are you serious? You really made my day. I'm waiting to see the johny1976's site hacked (for see if you are honest or only a liar).
legendary
Activity: 1778
Merit: 1043
#Free market
which is true im trying to do you guys a favor i can list the vulns here in a post with full report, but then someone can hack you before you even fix them, which is why im acting "suspicious" to you. im trying tobe legit and transparent without risk to your server and personal property belonging on there. im DOING EVERYTHING TO BE OPEN AND TRANSPARENT WITHOUT THE RISK OF LOSING MY JOB!!! WTF IS WRONG WITH YOU PEOPLE?!?! DONT YOU WANT THIS COMMUNITY TO SUCEED?!

So be it. We want to be hacked. We've provided proof site is ours. (if anyone wants us to upload picture there, just let us know). You have only reports but can't hack it. Strange.

Wait until escrow service is agreed. Then it'll be your turn ensure people you've really done that. Smiley

It it is possible can you upload an image? Should I send through a pm or can I post it here ?
member
Activity: 99
Merit: 10
BECAUSE I WORK FOR THE DEPARTMENT OF DEFENSE YOU IDIOT! IM TRYING TO HELP THIS COMMUNITY BUT APPARENTLY IM OH SO SUSPICIOUS. IM THE NEXT FUCKING SNOWDEN DUDE IM TRYING TO HELP THIS COMMUNITY SECURE ITSELF! i can NOT hack from this server. i can only provide audit test from it, and i dont know any hackers.
legendary
Activity: 1135
Merit: 1002
Developer
which is true im trying to do you guys a favor i can list the vulns here in a post with full report, but then someone can hack you before you even fix them, which is why im acting "suspicious" to you. im trying tobe legit and transparent without risk to your server and personal property belonging on there. im DOING EVERYTHING TO BE OPEN AND TRANSPARENT WITHOUT THE RISK OF LOSING MY JOB!!! WTF IS WRONG WITH YOU PEOPLE?!?! DONT YOU WANT THIS COMMUNITY TO SUCEED?!

So be it. We want to be hacked. We've provided proof site is ours. (if anyone wants us to upload picture there, just let us know). You have only reports but can't hack it. Strange.

Wait until escrow service is agreed. Then it'll be your turn ensure people you've really done that. Smiley
member
Activity: 99
Merit: 10
which is true im trying to do you guys a favor i can list the vulns here in a post with full report, but then someone can hack you before you even fix them, which is why im acting "suspicious" to you. im trying tobe legit and transparent without risk to your server and personal property belonging on there. im DOING EVERYTHING TO BE OPEN AND TRANSPARENT WITHOUT THE RISK OF LOSING MY JOB!!! WTF IS WRONG WITH YOU PEOPLE?!?! DONT YOU WANT THIS COMMUNITY TO SUCEED?!



"why dont you hack it yourself"

idk any hackers
[4:38:25 PM] Python Pro: tbh
[4:38:31 PM] Python Pro: i can just provide the escrow the six vulns
[4:38:33 PM] Python Pro: and full report
[4:38:39 PM] Python Pro: you check your server for the shit yourself
[4:38:47 PM] Python Pro: and google the vuln codes listed on wiki
[4:38:55 PM] Python Pro: your dumb not to fix them and get the report
[4:39:00 PM] Python Pro: youre seriously wide ipen
[4:39:02 PM] Python Pro: its like
[4:39:14 PM] Python Pro: the door to your house has no locks and someone left the windows and doors open
[4:39:16 PM] Python Pro: im being serious
[4:39:22 PM] Python Pro: im not acting suspicious
[4:39:32 PM] Python Pro: im trying to help you guys without hacking and losing my jopb
[4:39:34 PM] Python Pro: im at work
[4:39:38 PM] Python Pro: so if i do do it ill lsoe my job
[4:39:53 PM] Python Pro: im only trying to help by using our government auditing software
[4:39:58 PM] Python Pro: not available to the public
[4:39:59 PM] Python Pro: so
[4:40:01 PM] Python Pro: your choice
legendary
Activity: 1135
Merit: 1002
Developer
We're working to get escrow service.

Btw: pythonpro1337 is behaving kind of suspicious. He claims he's found 6 vulnarebilities but he can't give us proof because he's working fow US gov and can go to jail if he really hacks our site.
member
Activity: 99
Merit: 10
i have chosen maidak as he is online now and he will probably be in communication with us shortly as i have left a reply on his escrow thread
member
Activity: 99
Merit: 10
how about you message me on skype i give yoyu an image to upload and then you put funds in escrow i have a full report ready RIGHT NOW as well as details on the SIX YES SIX VULNS YOU HAVE! if you dont believe me put the funds for 6 vulns in escrow with someone trusted and ill provide them with the full report!!!! dont risk passing this by!!
legendary
Activity: 1135
Merit: 1002
Developer
he would have to prove to me its his site which is why i originally requested ssh and terminal access he responded, "id have to think about it" which is why id like to now use escrow and provide him a full comprehensive report on how he can fix it himself or pay his local admin to do it or him. now i find this user kinda sketchy

To prove it's our site I don't believe you need access to our server. We can upload there an image you can send us for example. Smiley

It's just kind of suspicious that you want access to the server so much and that's the reason for "I have to think about it".

Btw: You can edit someting on the server so we know you've really found something.


Thank you! Smiley
member
Activity: 99
Merit: 10
he would have to prove to me its his site which is why i originally requested ssh and terminal access he responded, "id have to think about it" which is why id like to now use escrow and provide him a full comprehensive report on how he can fix it himself or pay his local admin to do it or him. now i find this user kinda sketchy
legendary
Activity: 3808
Merit: 7912
What would be the ramifications if one were to hack this site, send a list of the vulnerabilities to the OP only to find out later it was not in fact OPs site?  
member
Activity: 99
Merit: 10
 The largest vuln i found allows an attacker to trick the server into disclosing a substantial chunk of memory, repeatedly. As you can imagine, process memory is likely to contain sensitive information, for example server private keys
member
Activity: 99
Merit: 10
ive already found 6 vulns (three are extreme risks to the website and server and the other three are moderate (based on a scale of low-moderate-extreme))including accessing the server but for your sake i will not post the vulns on here or pm for your safety please visit my link or make negotions with me via pm! Thank you!


i prefer escrow and if this is a bounty id prefer to be paid for all 6 vulnerabilites that i found including the access the backend.
member
Activity: 99
Merit: 10
I being one of them (posted a direct link to my thread).
legendary
Activity: 1120
Merit: 1000
what you want is some penetration testers.

There are some people offering such services and specialized people.
hero member
Activity: 658
Merit: 500
Respect All Fear None
Can you please PM me the link to test I can test it with a few of the contacts I met over the past 10 years online.
sr. member
Activity: 560
Merit: 250
Pages:
Jump to: