What's new
  • ICMag with help from Landrace Warden and The Vault is running a NEW contest in November! You can check it here. Prizes are seeds & forum premium access. Come join in!

Forum security (Question).

LOL @ u guys like i said ive nothing to gain or lose by bullshitn anyone . :tiphat: . yeah its called notepad then u code in C++ on your notepad then compile what u have on your notepad after u change the extention to .cpp. thus after u change the file type from .txt to all types. but i dont know what im talking about . seems to me like u dunno what your talking about .
 

GDB

Member
Dreamz_of_Green - if you are so well educated then why can't you spell halfway decent? SMH.

Like the other guy noted, because this site is running vBulletin with common server software like Apache, unless being secured beyond normal updates, all are possibly vulnerable. That being said, someone with time and resources can easily hack a simple forum.

I recommend a good VPN as a standard first layer of security. As far as the scope of this subject being limited to a thread, there is no way to do justice on the topic. Hours and hours of Google and information dissection is the only true way to learn about security on the Internet. Opinions on security differ greatly, most if not all of which you will find is pretty much conjecture anyways. Just stick to the basics when it comes to security, whether it be your personal information or incriminating evidence(whatever form right?).

If you follow the most recent release of the group "Anti-sec", whom within the past week launched an attack aimed directly at law enforcement(Mississippi Sheriff's Association) in retribution for the recent "Lulz Sec" arrests. You can see just how easy it is to "crack", or otherwise gain access to an insecure web server.

http://jadedsecurity.net/wp-content/uploads/2011/07/antisec_shoots_the_sheriff.txt

////////////////////////////////////////////////////////////////////////////////
// CONNECT.PHP
// SAFE_QUERY()... WAY TO MAKE SQL INJECTIONS WORSE BY NOT VALIDATING INPUT ...
// BUT INSTEAD PASSING RAW INPUT TO SHELL_EXEC() ALLOWING COMMAND EXECUTION !!!
////////////////////////////////////////////////////////////////////////////////

Now that may look like gibberish to some, however it is just a comment stating that a file on their web server had a glaring and obvious security hole.

One of the most interesting parts of this hack is the release of 'snitch' information from anonymous web forms. I don't recall seeing anything reported about someone growing dope or anything other than issues about meth and crackheads. So it would seem that most people are concerned with the obvious, as any police department out there is suffering from budget cuts, the amount of true effort put into busting small time closet growers or the regular smoker are in my opinion almost 'nil'. There are too many idiots doing stupid things and being obvious to make a passive or active attempt at busting someone through forums worthwhile.
 

GDB

Member
LOL @ u guys like i said ive nothing to gain or lose by bullshitn anyone . :tiphat: . yeah its called notepad then u code in C++ on your notepad then compile what u have on your notepad after u change the extention to .cpp. thus after u change the file type from .txt to all types. but i dont know what im talking about . seems to me like u dunno what your talking about .

I would just like to point out this wonderful little tidbit of humor to everyone. No halfway decent programmer is ever going to use notepad to "compile". Maybe edit source code yes, but never directly code in. Any halfway decent programmer will utilize an "IDE", which stands for integrated development environment. In layman terms just means having all your tools in one place.

Too funny!
:biglaugh:

Dreamz btw: it is spelled "Cannabis" not "Cannbis/Aquarium/PC Nerd". I don't want you to error out your compiler or anything.
 
not a security question i dont think, but is it possible(probally is) to visit a forum and tracking cookies are put into a browser. here in the usa, i know of at least one forum that uses them to make sure visitors to their site do not visit other "competitor" sites. and the "visitors" cannot figure out how this "site" knew where the visitors were visiting other than this site.
:thank you:
 

Strainhunter

Tropical Outcast
Veteran
Guys why don't you let it go...to each their own, all do it differently.

Just like our plants: I do it differently than how you do it but we both get it done!
 
I would just like to point out this wonderful little tidbit of humor to everyone. No halfway decent programmer is ever going to use notepad to "compile". Maybe edit source code yes, but never directly code in. Any halfway decent programmer will utilize an "IDE", which stands for integrated development environment. In layman terms just means having all your tools in one place.

Too funny!
:biglaugh:

Dreamz btw: it is spelled "Cannabis" not "Cannbis/Aquarium/PC Nerd". I don't want you to error out your compiler or anything.
learn to read i said i code on notepad . i compile with Dev - C++ :laughing: u can code on a notepad change the file extension to .cpp after changing .txt to all files when saving a notepad "just like u would when making a batch file instead u use cpp". then u rename the file "FilesNameHere.cpp" go back and show me where i siad i compiled from a notepad i write on notepad but i never said i compiled from a notepad

hows come i speak so fuckered up didnt know i had to follow the laws of proper english to program ?lol u guys kill me . any of u on the darkside would kill to have my homemade tools *wink* i run mIRC rizon network as a head admin use your imagination .
 

qbert

Member
learn to read i said i code on notepad . i compile with Dev - C++ :laughing: u can code on a notepad change the file extension to .cpp after changing .txt to all files when saving a notepad "just like u would when making a batch file instead u use cpp". then u rename the file "FilesNameHere.cpp" go back and show me where i siad i compiled from a notepad i write on notepad but i never said i compiled from a notepad

hows come i speak so fuckered up didnt know i had to follow the laws of proper english to program ?lol u guys kill me . any of u on the darkside would kill to have my homemade tools *wink* i run mIRC rizon network as a head admin use your imagination .


Did you know Dev-C++ is an IDE? If you write in notepad, why wouldn't you just use gcc directly?

For someone claiming to know a lot, you are making many not-quite-jiving-with-reality statements.

But hey, I'll try to use my imagination:

I imagine ... that if I really was a black hat I probably wouldn't PM a total stranger my old nic that I claimed I had to drop cause it got to hot.

But then I ran out of imagination and just simply googled circleofhatred13 ... and it seems I need more imagination, cause all I can find is a vague reference to a virus written in VB circa 05, about the same time as the last release of Dev-C, coincidentally.

So, some of your story jives... and I've got a pretty good opinion just how much. But since opinions are like assholes, I'll just keep it to myself.


Oh, and one more thing...

(ppl like u become victims calling ppl out)

You can stick your hollow threat up your "opinion".


Now, I suppose I should get back to my day job. Gotta keep slugging code on this system that sees better than a million public hits a day, since I'm the only one coding on it.

:wave:
 

The Phoenix

Risen From The Ashes
Veteran
ok brother . im a lead admin of rizon network on mIRC . believe what u wanna lol (ppl like u become victims calling ppl out) . i have no reason to prove other wise . all though u could google me current handle .if this wasnt a cannabis site . just cause i type sloppy on the forum ,doesnt mean i dunno how to code.i type perfect as a programmer ,if u dont u error out your compiler .i went from VB4 to VB6 to .net to C to C++ then picked up python even though its outdated . ive made some of the most baddest blackhat tools uve ever seen . dont talk stuff to someone u dont know . now i gave u one of my old handles go google it see if im talkn shit? all math comes easy to me. im inno way talking shit or nor do i think im better then anyone here . i just dont like ppl who doubt me , what reason would i have to lie ? im not gaining anything here one way or the other

Hmmm....Lead admin for Rizon chat network huh. Might be easy to find you now if those servers are in the US....Something to think about maybe?

Anyway, try google "can vbulletin be hacked" and see what comes up. Where there is a will, there is a way I guess.

I would worry more about anyone gaining physical access to your computer than posting here on this site, especially with programs out there such as OPHcrack and the like out there.
 

Hammerhead

Disabled Farmer
ICMag Donor
Veteran
The only personal info that is on these servers that I know of is your email address. All my pics have been stripped of any info that relates to me. What else is on ICMAG that any hacker or leo would want???
 

The Phoenix

Risen From The Ashes
Veteran
The only personal info that is on these servers that I know of is your email address. All my pics have been stripped of any info that relates to me. What else is on ICMAG that any hacker or leo would want???

They want your IP address HH. The site admin is the biggest vulnerability to the security.

A novice hacker can befriend the admin and gain info about him. Then he will find out where he lives and hack his PC, or break in and gain direct access with little effort.

Computer passwords will not stop a hacker, so the admin has to be smart enough to keep people out of his PC, because once the hacker is in, he could possibly log on as admin here on ICMag and start documenting IP addresses.

I think spurr has a thread here about defense against seeing your correct IP address here in vBulletin, and I suggest you read it.

It takes someone with alot of resources to track a grower down, and most of the time it would not be worth leo's effort to bust a small grower. They are after bigger fish.
 

Hammerhead

Disabled Farmer
ICMag Donor
Veteran
I use tor I dont have anything to worry about even if I was not using tor. Im not the paranoid type.
 

arizona_bay

Member
Heres a simple security tip if your really paranoid or you have lots to lose.go to an internet cafe hell pick one that doesn't have a security camera.pay cash.
Keep It Simple Stoner
 
Top