The X

**zonta** · 04-26-2010, 02:21 PM

Originally Posted by merwais

The X

How about:
The F
The U
The C
The K
The ?
Huh ?

TheX security is low as shit, scanned their site and found over 19 security holes lol
They should really work on that, all their site is public and they call it a secure tracker by adding some bullshit SSL to http browsing.

ignore SSL, first fix the main security holes for bbcode / .torrent file / .php xss etc... then add SSL.

Adding SSL won't help you if you have bunch of security holes.

Review these 2 files fully and fix all shits, if you are not a coder, hire one:

1st: bittorrent.php
2nd: global.php

**anon** · 04-26-2010, 02:43 PM

Originally Posted by merwais

TheX security is low as shit, scanned their site and found over 19 security holes lol

Then send them the specific details so that they can plug them. Some random comment about having "found 19 security holes" isn't very helpful.

**Ev0** · 04-26-2010, 03:19 PM

lol at there phpinfo.php for all to see

**merwais** · 04-26-2010, 03:36 PM

LoL,even Ev0 found a file which shows all their server specs and which addons installed on their server

anon-sbi, i don't think they hired me to fix security holes and in this world no one is spending his time for free

If you are good doing something, don't do it for free

it's my rule !

I already mentioned, their site is not secure, they should work harder and secure it.
some common security fixes can be found at tbdev.net

God Bless them

**Ev0** · 04-26-2010, 03:44 PM

I ran a vulnerability scan on there site and found a few things that made me LOL especially the phpinfo file

Also from what I remember of SCT there site was nearly all XHTML valid. Fuck knows what SEX (LOL) has done with that source but there are errors all over the place now.

Index.php = 68 errors
Browse.php = 32 errors
Forums.php = 68 errors
Staff.php = 50 errors
Userdetails.php = 131 errors

etc etc etc