Charas-Project
Off-Topic => All of all! => Topic started by: Alex on January 25, 2007, 10:10:41 AM
-
This continues from Trev post here:
http://charas-project.net/forum/showthread.php?threadid=19462&forumid=12&catid=6&page=5
I do not want to go OT there, so let's continue here.
Originally posted by Trevlac
That's not going to happen for several reasons:
0. I'm a professional. I don't do free Tiger-Teaming, if you want proof that I can do it, just ask Reain_. That's as close as you're gonna get.
1. I have nothing to prove to you and also owe you nothing.
2. I'm playing Digimon World DS, and am officially addicted like a crack hobo.
3. I don't play these kinds of games Alex. Don't try an manipulate me into doing what you want by setting me up to "ruin my rep". You honestly think I give a rat's *** what anyone here thinks of me? Nope. But I care what they think of Warxe. He's a good moderator and has never held any vice towards Charas. To mock him by holding this bull-**** trial destroys everything he's stood for these past few years. You are taking years of service and throwing them into the garbage can. So I'll be damned if you want me to play your little games. With admins like you, who needs trolls?
I think you did not understand a single word of what i said.
In case you did not noticed, i'm NOT an active member here, so couldn't care less about "ruin your rep".
So think at me as the Webmaster, not a Forum Admin.
0 and 1) I never said you HAVE to prove me anything. But as a webmaster, i'm interested in fixing eventual security holes. And to do that, i obviously need details on security holes themselves.
"Asking Reain_" would not give any useful details.
I'm not interested in "you did it before": i'm eventually interested in fixing the holes which permitted that.
2) So? Different system, different holes. If you're able to crack Service1, this does not mean you're able to do the same on Service2.
3) The game wasn't mine, but yours.
It's you the one that said "you're all easy to hack", not me.
It's you the one who's making other members think "OMG! So all admins can be hacked, we'll always be in danger!".
If this is true, then a *REAL* hacker would help the system owner to fix the problem. And the sysowner naturally asks for hacker's help (which was what i did by asking for evidences of this holes).
If this is false, then it's FUD.
I asked you to prove it because of this: that's true, i DO NOT need trolls. and a fudder actually IS a troll (remember? Pop did the same, by claiming "i can crack you all!").
So do not read my words personally: read them technically (do you really think i would have any interests in playing these "little games"? i don't have time to waste)
Oh, and finally:
All it takes to hack a charas account is an IP, a port scanner (Nmap or similar) and an IP spoofer to cover your tracks.
That's not totally true, but yes, can be.
There's only one essential thing to know: the IP associated with the account. But is the IP really so easy to be known? Can you tell me the IP i have now?
I'm not asking you to crack the world, but i want users to know if they're really in permanent danger on not. Just guess my IP. Nothing more.
Again, this is to be read as a TECH post, so please do not reply by saying "i'll not do this because blahblah".
Guess my IP or please stop warning the whole forum by making them belive they're in danger.
You don't HAVE to do this.
If you want, then please help me fixing the security holes you found.
If not, i'm simply asking PLEASE STOP FUD.
-
OH SNAP
-
Oooooooo. Trev'll have to prove himself! =O
-
Originally posted by White Dwarf
Oooooooo. Trev'll have to prove himself! =O
Prove a dick.
He just said that he wouldn't do it because he was busy.
You don't need to take it any further.
I'm sure someone else can hax Charas.
edit: As far as I know he is working on it a little.
-
He did say to me his not gunna bother study this forums code long enough to actualy make a script to hack it, or something like that. >_>
-
Nobody knows my account password. Ha.
-
Originally posted by Meiscool
Nobody cares about my account password. Ha.
QFT!
-
Originally posted by Meiscool
Nobody knows my account password. Ha.
What about you? =O
I don't know mine, it auto logs me in. and ive forgotten which one it is, could be one of like, 12,
-
I always know mine. Mweeheehee. YOU WILL NEVER RECEIVE IT!
Hmmmm... I have learned not to believe in much of what Trevlac says. He meant good, but making a promise he had no capability to keep... well it is just a load of bologna then.
-
You have full permission to hack me.
-
Originally posted by Meiscool
Nobody knows my account password. Ha.
princeoftidesXxXbarbrastreisand1321
-
Am I the only one who doesn't know what FUD is?
-
Originally posted by Razor
Am I the only one who doesn't know what FUD is?
no, don't feel stupid, I don't either.
-
Originally posted by drenrin2120
Originally posted by Razor
Am I the only one who doesn't know what FUD is?
no, don't feel stupid, I don't either.[/B]
Nor do I! :o
*off to google FUD*
EDIT:
* Fear, uncertainty and doubt, a marketing strategy
* FUD (food) a Mexican brand of cold cuts and hot dogs
* Fud, a Scottish colloquialism for vagina
* Elmer Fudd, a Warner Brothers cartoon character
I think it may be the first one.
Or the third, depends on Alex's thoughts on the issue.
-
Originally posted by Daetyrnis
I think it may be the first one.
Or the third, depends on Alex's thoughts on the issue.
Ahh, I lol'd merrily.
-
Scare tactics/terrorism, I guess.
-
Now, I think Trev just got penis'd.
-
I'm pretty sure FUD is "Fouled Up Disinformation" from what I found.
-
This is Trevlac, I have hacked Meiscool's account to show you how easily it can be done.
Just kidding.
-
Originally posted by Meiscool
This is Trevlac, I have hacked Meiscool's account to show you how easily it can be done.
Just kidding.
Didn't see this one coming. :eyerollz:
-
To Darkfox: When did I make a promise to hack charas? I believe that was never. No, in fact, I keep my promises.
To Alex: It's not my responsibility to secure your website. You are the webmaster. I'm not spending my day off work going through lines of Gary's code, testing servers, writing a SQL/PHP injection, or socially engineering when it's not my responsibility.
-
So I was kinda right.
-
I don't think it's feasable to hack Charas. And this isn't me trying to bait Trevlac or anything. Trev's stance on why he's not doing it sort of proves it. With enough skill and time it's probably possible to sort through all the code and find ways in, but who with that sort of skill would spend the time? Essentially no one. So we're probably safe as far as mysterious superhackers go.
-
Originally posted by Trevlac
To Alex: It's not my responsibility to secure your website. You are the webmaster. I'm not spending my day off work going through lines of Gary's code, testing servers, writing a SQL/PHP injection, or socially engineering when it's not my responsibility.
I totally agree. Infact i do not want you to do this.
But I want you to STOP claiming this can be done EASILY, because it's just giving members FUD (btw, for those who didn't know, correct read is Fear, uncertainty and doubt).
I ask you to prove it ONLY if you will to say again it's EASY to do.
Because saying it's easy simply makes other users worried about a non-defined "maybe something".
BTW: i'm not worried about security issues, as it seems there are none relevants as of now. So i do not need anyone to "secure my website".
Don't try to reverse my words, this game wasn't mine and was not started by me.
-
I think you mistake easy for something else. I don't mean "point and click" hack-in-5-minutes easy. I mean only takes about a day easy. Anyone with mediocre knowledge of PHP could 'hack' Charas.
Easy is a relative term. Relative to Invisionfree, hacking Charas is easy. And I also believe I said "easier than I thought", meaning, I thought it'd be as hard as Invisionfree and it wasn't. Again, relative term.
Back to Digimon.
-
Except in this case it was claimed with hope to help a friend. Not about being some "master hacker" bullcrap. You claimed you would help him but in your own selfish "I can do this!" "I can do that!" you lie just to look good.
I lose all respect for you Trev. Not because you lied but you failed to do anything benificial to help other than some flameing and an unfufilled prophecy.
Play Digimon, I don't care. But next time you want to make a scene, think beforehand, not after.
Edit: Btw, it isn't Gary's code. It is Dekoffe/Steven'd.
-
Ok, sorry for misunderstanding.
You think that a mediocre knowledge of PHP would be enough, and i don't.
But this is another story, not important here.
The main thing was about clarifing a 5 minutes hack is surely not possible here. So the main accident is close. Thank you for you cooperation! :)
Since all has been clarified, thread closed (i don't want tons of blahblah around this, i think you can understand me, Trev :) )