Why New Trackers Are Worthless And More Importantly Dangerous

[Duckater]

Guys i have been reading this thread carefully and although i agree with some of the statements i have to also disagree with some

Since owning a new tracker , i won't say what site as accused of promoting it , but when i decided it was with caution , i checked out what scripts where secure or had a good rep

I went with xbtit - my coder is on xbtit dev team , my staff are from good sites , one is Loaded , i am sure you guys know of him ?

I wrote down the pros and cons

It took a hell of a lot of researching before hand , even deciding what host to use etc

We have xbtit script and a cent 5 vps running linux using xbt backend , it has been tested to death against sql injections too - someone joked tbdev is better ha ha , not even going there

So why did we start one , easy no one does what we do just 1 topic , most sites are a mixture of things so someone had to and no we are not a music site , there is heaps of them

If it wasnt for the fact no one has what we do i would never have opened one , it is a loss from day 1 , it will take years for it to support itself financially , you will always run at a loss as no site unless thousands of members will cover it's costs in running it

Plus if you don't have a good staff or team behind you , you will fail , you need a damn good php coder, sysop , forum mods etc , without these don't even attempt to try it , you will be always updating your code , making new hacks or modifying them as your site grows , so if you are thinking about it , talk to other owners first , research what is needed , don't just do one everyone else is doing make it unique if you can , and above all do your research first

Apart from that some nice comments for and against , will keep reading replys

Not all sites are a loss and good to see some else with a new tracker that spent a long time researching and testing
Not all new sites run at a loss I know sites that have opened and only cost to them has been 1st month of server and some seed box expensises, but I think on a new site the owners get as many benefits from the seed box cost as the site does
Staff are very important part of every site and a minimum staff team that are all experienced is a real must for a site, the other thing it is also very important to know these staff well so you know their strengths. It is def good to find a niche in the market that is not either covered at all or has limited cover but with this 0day stuff can be mixed in to keep the lotal members on the site so they do not need to use many other sites to get this stuff

[cuds]

good points duckater - then again easiest answer to this thread is each to his own lmao

[danio]

what happened to the wise-guy 1080p?

[cuds]

lmao danio thats why i waited , not sure maybe someone got fed up with them or banned as was asking for invites in wrong place or a rule break , i don't think he got banned for nothing ?

[danio]

lmao danio thats why i waited , not sure maybe someone got fed up with them or banned as was asking for invites in wrong place or a rule break , i don't think he got banned for nothing ?

i'd bet my money on dupe fst account

[kooftspc11]

ive seen alot of trackers drunk driving....its dangerous

everybody put on your seatbelts and watch out!!

[forthat]

You can tell how secure a tracker is from their HTML code ?

well mate that what he was trying to say ..........
normally source code is not visible to secret tracker or top secured trackers...when u do right click and try to see the source code........this the part of the coder work to make it safe..........
source code is not the only one which makes the site secure.....

Damn 1080p! lol, I have to say again that I totally agree with you, but I was wondering how can you determine a site is well coded by only seeing at its html code?

You can't see the source code by right clicking a site, can you ???

Edit: I've just read some replies, but I'm still not convinced. You can really tell a site is not safe by looking at the html code (right click > view source) ?

this is what 1080p is trying to tell for top trackers or secret ones u normally can't see the source code......
it seems u have tried for the tracker where u find nothing or something that was not related to the site......

this where we can judge the coder capabilities of that site.......

while agree with you post in general, this quote is completly wrong and makes me wonder if you know anything about programming...

I should point out that while no back end code is present, you can actually test whether a site is secure by analysing, then modifying, some elements of HTML.

I use a FireFox utility called hackbar, that allows me to modify the query string of, and reload, an HTML page. This means that I can detect if the code is secure.

An example of an old forum bug (hopefully sealed by now), is the quote bug, where you quote a message, which gives you an edit window. On the bugged version of TBS forums, you could modify the 'postid', and it would reload the specific post, and the 10 preceding posts of that thread. There were no checks to ensure that you had access to that specific thread.

Another way to determine if a site is secure is to play with the POST values, and see if you can access restricted areas.

Finally, cookies allow another entry into an insecure system.

Needless to say, a secure system will bounce you out if it detects that you are trying to access a restricted area. A secure system will also deal with SQL injection (which is achieved via HTML). A really secure system will also bounce malicious javascript.

You'd be surprised at how many systems I have been able to compromise, with just a simple bit of HTML modifying. Thankfully, most owners took on board my suggestions, and hardened their sites.

coder are not just a uploader or staff of a site i want u to mention this .......they are doing very hard work to keep a site secure form public....

coder are smarter.....u r using tredational method to see the source code.......coder's have by-passed that tools..........

they best way to see the source code is sniff the packets that are incoming to u the port of u r browser.......then re-encode they to ANSCi-II then u have built the sourse code............this can be done only when u have clear idea about the re-encode because all the sniffed packets are in the binary that makes u mad !!!


i read all the post that are here.........


all are talking about security .....these are trackers they are not bank's .....to run pix firewall in the router's or to have a firewall's in the routers...
to get a seured port in the firewall budget wil blowout

what do u think of the too keep ssl that makes the coder's,admin's how much work they are doing ........i respect the coder who are behind the top tracker ......

i am in not in any top trakcer but some how i try know the url of those....and when i try to see the sourse code.....they i came to know why try are top trakcer's.......

i respect the coder of the F**and F*** ... they are real genius ........

[Nemrod]

I should point out that while no back end code is present, you can actually test whether a site is secure by analysing, then modifying, some elements of HTML.

I use a FireFox utility called hackbar, that allows me to modify the query string of, and reload, an HTML page. This means that I can detect if the code is secure.

An example of an old forum bug (hopefully sealed by now), is the quote bug, where you quote a message, which gives you an edit window. On the bugged version of TBS forums, you could modify the 'postid', and it would reload the specific post, and the 10 preceding posts of that thread. There were no checks to ensure that you had access to that specific thread.

Another way to determine if a site is secure is to play with the POST values, and see if you can access restricted areas.

Finally, cookies allow another entry into an insecure system.

Needless to say, a secure system will bounce you out if it detects that you are trying to access a restricted area. A secure system will also deal with SQL injection (which is achieved via HTML). A really secure system will also bounce malicious javascript.

You'd be surprised at how many systems I have been able to compromise, with just a simple bit of HTML modifying. Thankfully, most owners took on board my suggestions, and hardened their sites.

coder are not just a uploader or staff of a site i want u to mention this .......they are doing very hard work to keep a site secure form public....

coder are smarter.....u r using tredational method to see the source code.......coder's have by-passed that tools..........

they best way to see the source code is sniff the packets that are incoming to u the port of u r browser.......then re-encode they to ANSCi-II then u have built the sourse code............this can be done only when u have clear idea about the re-encode because all the sniffed packets are in the binary that makes u mad !!!


i read all the post that are here.........


all are talking about security .....these are trackers they are not bank's .....to run pix firewall in the router's or to have a firewall's in the routers...
to get a seured port in the firewall budget wil blowout

what do u think of the too keep ssl that makes the coder's,admin's how much work they are doing ........i respect the coder who are behind the top tracker ......

i am in not in any top trakcer but some how i try know the url of those....and when i try to see the sourse code.....they i came to know why try are top trakcer's.......

i respect the coder of the F**and F*** ... they are real genius ........

Good opportunity to practice what you´re telling.

[forthat]

Good opportunity to practice what you´re telling.

where we can built a addon the displays the source code...but it is simple .......to write some script and insert in the mozilla....


i want to tougher so i went to the bit re-encode which is like a practice for me in real world..