noobs

today, i've opened my email, and what am i see, "please confirm your request to change your password" it was from soom.cz but i know on 100%, that i didnt want this action in past.. so i know immediately, that someone is trying to break my account on that soom.cz. so i clicked on the "cancel request", deleted that mail and leave it alone.. but i cant believe, that some fool tryed to break my acc by THIS way.. or he expected, that when he input my nick, he will get my password immediately on the next refresh.. oh my got, i cant believe that. i'm laughing upon the image of noob, that is trying for now to break my password with brutus. i'm expecting him! :ninja:

It's actually a pretty good trick. The easiness of requesting new passwords is scaring me.

why? he must expected that i'll get the confirmation email, and i wont accept it. also, when i accept it, the new pass will be sent only on my email, not to him…

yeah…but there's a trick that works with some forum systems, if he knows roughly what time he sent the password change request, he can use curl to work out a list of possible confirmation codes (by examining the random seed production code if it's an open source cms or forum like phpbb), and then going to each in turn, hoping he strikes lucky, since most forums use the server time as a random seed. So then, if he knows that the email was sent in around a 5 minute period, and assuming the the random seed only uses second and minutes, that would be only 300 confirmation codes.

yeah that is right, but if you look at soom.cz you will find that it isnt running on any commercial cms, its a cms that is destined to run only at soom.cz and it was in the past hacked only 2x, as i know. hackers not much finding exploits for this site, because:

1. next to security-portal.cz its the best of czech sites about hacking
2. its in czech, so hackers that cant speak czech cant break it, and hackers that can speak czech, wont break it, from the reason i writed above. i was started there too, now i am in the home at hellboundhackers, and i'm glad for my very bad english, because hbh teach me a lot.

Sometimes you can use an SQL injection to reset all the passwords. I've done it and can be quite useful.

Der Heiligen wrote: Sometimes you can use an SQL injection to reset all the passwords. I've done it and can be quite useful.

fuck youuuu der heiligen:p

[spam]

FUCK NOOBS

(ok, I didn't read anything from this thread)

[/spam]

see kaksii, that's why i think your a dick. you post random senseless things to get your post count up.

end3r wrote: see kaksii, that's why i think your a dick. you post random senseless things to get your post count up.

Why the fuck do I need to get my post count up. I am ranked 'God' and I can't make my rank higher than it is. And I don't care about my post count up.

Goodbye

end3r wrote: see kaksii, that's why i think your a dick. you post random senseless things to get your post count up.

HAHAH, THE RANDOM FLAMER OWNED HIMSELF XD!

dancuc wrote: today, i've opened my email, and what am i see, "please confirm your request to change your password" it was from soom.cz but i know on 100%, that i didnt want this action in past.. so i know immediately, that someone is trying to break my account on that soom.cz. so i clicked on the "cancel request", deleted that mail and leave it alone.. but i cant believe, that some fool tryed to break my acc by THIS way.. or he expected, that when he input my nick, he will get my password immediately on the next refresh.. oh my got, i cant believe that. i'm laughing upon the image of noob, that is trying for now to break my password with brutus. i'm expecting him! :ninja:

You'd be surprised how stupid people are.

I have personal experience with tricking people out of their photobucket/myspace/insert-lame-social-networking-site-here. It's easy as fuck.

lesserlightsofheaven wrote: [quote]dancuc wrote: today, i've opened my email, and what am i see, "please confirm your request to change your password" it was from soom.cz but i know on 100%, that i didnt want this action in past.. so i know immediately, that someone is trying to break my account on that soom.cz. so i clicked on the "cancel request", deleted that mail and leave it alone.. but i cant believe, that some fool tryed to break my acc by THIS way.. or he expected, that when he input my nick, he will get my password immediately on the next refresh.. oh my got, i cant believe that. i'm laughing upon the image of noob, that is trying for now to break my password with brutus. i'm expecting him! :ninja:

You'd be surprised how stupid people are.

I have personal experience with tricking people out of their photobucket/myspace/insert-lame-social-networking-site-here. It's easy as fuck.

Yeah, I actually think it's kind of sad. Reason= When the elderly get on the computer they are very oblivious to what things are on the net. So people can SE them very easy and steal their identity/retirement money. Which really is fucked up in my opinion.

But I do find it funny when people get their myspace stolen. Other people just don't use logic to look how realistic an email adress or a website is. Which is their own stupidity and deserve to get messed with a little bit.

yes, if you readed my article about phishing, i'm trying with my script to get passes from users by way that is like this. but i dont have any big successes.

kaksii wrote: [quote]end3r wrote: see kaksii, that's why i think your a dick. you post random senseless things to get your post count up.

Why the fuck do I need to get my post count up. I am ranked 'God' and I can't make my rank higher than it is. And I don't care about my post count up.

Goodbye [/quote]

kaksii = noob :P

mr noob wrote: kaksii = noob :P

Shut up noob.

You dipshit… aouch. My tourette keyboard :D

Centezimus wrote: [quote]end3r wrote: see kaksii, that's why i think your a dick. you post random senseless things to get your post count up.

HAHAH, THE RANDOM FLAMER OWNED HIMSELF XD![/quote] Umm…wtf?

@kaksii, that's why you ARE a god, cuz you post random shit. and just a little sidenote, mr_noob has been here a hell of alot longer than you and from what i've seen of him is NOT a noob. you on the other hand…