HDBits Bitmetv exploit

Printable View

Show 40 post(s) from this thread on one page

02-24-2007, 02:44 AM
iNSOMNiA

Re: HDBits Bitmetv exploit

Quote:

Originally Posted by crossfade

no they ip-banned valerio (xrevx is no admin, he's not even staff)

Quote:

Originally Posted by seppypom

he may have been banned, but two days ago he was an admin

Ah thanks seppy, i knew i was right...as always :P
next time double check your "infos" crossfade
02-24-2007, 04:23 AM
bytetorrent

Re: HDBits Bitmetv exploit

Quote:

Originally Posted by crossfade

Quote:

Originally Posted by Jaits

i m sure it is true...

when i hacked them a while back, i read their staff forums, and they were fighting against that other hd tracker (bit-hdtv)... and they were downloading movies from there to post them on their own tracker and also planning on how to take them out... back then bit-hdtv had security vunreabilities so they didnt have to use their users passwords (and i dont recall seeing any table that logged them in clear text).. they just hacked them and logged in as them... its not hard though to modify the login script to store the plaintext password as well...

omg are they that easy to hack or what? you'd think private BT sites care about security...

how ?? RFI/LFI ,SQL INJECTION or XSS?? :naughty:
02-24-2007, 05:55 AM
Sentient

Re: HDBits Bitmetv exploit

a bitmetv admin presented the following two lines of what is presumably an IRC log as "proof."

10.10.29 [user] THEN WHY THE F**K WAS MY PASSKEY BEING USED ON UR F**KING RSS FEED
10.10.29 » (Valerio) why do you care? it would've been unnoticible if i had moved the thing before i changed it :S
02-24-2007, 09:02 AM
crossfade

Re: HDBits Bitmetv exploit

Quote:

Originally Posted by iNSOMNiA

Quote:

Originally Posted by seppypom

he may have been banned, but two days ago he was an admin

Ah thanks seppy, i knew i was right...as always :P
next time double check your "infos" crossfade

where am i wrong?
valerio, who always was hdbits admin, was banned at bmtv
xrevx is just a hdbits vip
02-24-2007, 09:03 AM
bananaca

Re: HDBits Bitmetv exploit

I was a member of that site but my account is probably already disabled due to inactivity. :P
02-28-2007, 01:31 PM
Texan

Re: HDBits Bitmetv exploit

So what happened finally ?
02-28-2007, 01:45 PM
Ne'tu

Re: HDBits Bitmetv exploit

Really nothing interesting.
02-28-2007, 03:45 PM
fit4trading

Re: HDBits Bitmetv exploit

Ahh the pathetic mods... Running here and there all day trying to be a little more elite than others and all they end up with is getting disabled (or fighting bitterly)... What a pathetic life... Its sad to see that the private tracker community has such bitter feelings towards each other. The average user still enjoys... :D
02-28-2007, 04:04 PM
kalpesh

Re: HDBits Bitmetv exploit

By Hdbits
In response to the random claim that we know all your passwords and can/will use them on bitmetv if you have the same password there, I would like to point out that the only trace of your password stored in the database is your passhash.
This is a 128bit md5 hash of your password and a 20 character long random string.
For those of you who that makes no sense to, it means all that is stored is something like 1055d3e698d289f2af8663725127bd4b....which cannot be reversed back into your password.
02-28-2007, 05:10 PM
shalako

Re: HDBits Bitmetv exploit

Quote:

Originally Posted by kalpesh

By Hdbits
For those of you who that makes no sense to, it means all that is stored is something like 1055d3e698d289f2af8663725127bd4b....which cannot be reversed back into your password.

That's not exactly true. they can be reversed.

Show 40 post(s) from this thread on one page