
all 52 comments

[–]wombosio 3 points4 points  (1 child)

great post!

[–]Boosie5150 9 points10 points  (0 children)

It was very informing, I am happy he brought this to my attention as I am taking all possible actions to relinquish any doubts anyone has in the safety of this operation.

[–]Boosie5150 3 points4 points  (10 children)

None of these other clearnet sites are me, I am more than sure of it. Feel free to add them as much as you want and put on blast any of their personal information as none of them are related to me in any way.

All of my product pictures do not have any personal information revealing my personal appearance on them as you can all verify, as well as no geo data or anything else linking them to any other doxable data. The only reason the BHO picture out of all my other product pictures reveals the person's hand, is because it was sent from a customer with minimal revealing physical appearance besides his possible race as white and that there is a brown roof above him! I removed all geo data/doxable info and decided to just leave it as it is not linking any personal information to them.

NONE of these clearnet sites are me as well. It is purely coincidence that a sequence of words and numbers the rapper Lil Boosie used in various songs were adopted by random fans around the USA. I have no idea how this source code was released over 6 months ago, but I have taken every security precaution and improvement to our security ensuring that there is no one else with possible access to my account and never has over the last few months. It's also notable that no withdraw addresses or other listings/wallet information were edited. noticed anything being updated on my account. All customers should have no concern over the safety of their addresses being leaked or saved, there was a single address that was UNENCRYPTED, and he has been contacted to warn him of the situation, which will be nothing to worry about.

I have been completely compliant with the user that has contacted me informing me of the slight breach and am very appreciative of him bringing this to my attention, ever since being notified I have dedicated all my time to get to the bottom of this and to try and get the pastebin removed and ensure that no other leak of this sort ever happens again in the future.

I really am taking this leak seriously and have always taken my OPSEC seriously. I do not download any programs onto my business computer, never login to wallets over Tor, and take all the proper OPSEC steps that a vendor with a responsibility like mine has for the safety of my customers.

Also the programmer that OP is referring to is a very close friend, someone who believes more for the cause of what I'm doing than the financial benefit he receives. I can guarantee any possible intrusions that could have been made were not due to him as he understands the seriousness of what is posted publicly online and has ensured me that he did not make any public posts to pastebin and would never put our source out there.

Please feel free to contact me with any questions or concerns anyone may have. I am taking this very seriously and am eager to try and ease any concerns people may have, I am taking this just as

I really do not feel anyone is at risk that has always PGP'd their addresses, and I also have already contacted the user that did not ENCRYPT their leaked address to let him know what has happened.

[–]reekleek 0 points1 point  (0 children)

Don't worry man some of these people are just slightly retarded and just want to rag on a vendor, probably none of them have put any btc in your wallet either

[–]jerzze18 0 points1 point  (1 child)

just by the way this guy types, we should all know he isn't the guy in that pic.

[–]reekleek -1 points0 points  (0 children)

Yeah forreal haha unless he made a huge turn around when he became a vendor

[–][deleted] 1 point2 points  (0 children)

Alright, so if I read it correctly, you searched through source, found some information, dug a little, doxed, and then proceeded to post his information on here?

[–]Theeconomist1 1 point2 points  (2 children)

So I'm guessing the program that the friend wrote does screen scraping. When was this program written? Was it around the time that this HTML source was captured? I'd imagine his program does the parsing in-memory as there is very little reason to save it to file, then reload into memory to scrape. However, I can totally imagine that the programmer when first writing and testing his program saved the HTML as a source file to build the logic of the parser around - that way he's not actually accessing the live site while testing the parser which would be a pain in the ass - much quicker to just load from local filesystem while writing up the logic, then when it's done, switch it over to load from the site.

OR, worse yet, the program written RELIES on the HTML page being saved as a file. This is the much easier way to write the program. Otherwise, if the program were to actually load the page live, the program would need to have logic to do the login, the screen captchas, the whole 9 yards. The whole point of captchas is to avoid programs from logging in.

So my suspicion is that this program relies on the use of the HTML page being saved to a file, then this program is run, loads the file up, and does its parsing, which saves to yet another file, the CSV file.

Pure speculation. Hopefully these files are saved in Tails and at least encrypted!!! I don't know anything at all about the vendor, so everything I say should be taken in context with his reputation. This is just my guess from a technical perspective. Whether or not this is the source of the leak, I have no clue. But it could fit. Is it possible that the source files were not deleted or secured and accidentally got out there? Also, I'm not familiar enough with Agora, so I don't know if this page is even the same page as the one that parses the orders. I'm guessing so if it contains addresses and such.

[–]impost_r[S] 0 points1 point  (1 child)

The programmer friend thing was 3 months ago so it's another issue unrelated to the pastebin.

Your concerns are legit though, and looking at the pgp key header it looks like it was generated using Windows: http://en.wikipedia.org/wiki/MinGW

[–]Theeconomist1 0 points1 point  (0 children)

Gotcha, that makes sense. Yeah, I understand the desire to automate the process but the vendor has got to be careful b/c I am betting that the way the parsing works is that it requires a "Save As..." on the browser. I doubt that the script would handle the actual logging in, navigating to orders programmatically, and then pulling the list that way. They'd need to defeat the captcha, which isn't impossible but it's impractical for these purposes. I suppose it's okay to do the saves and then parse from there as long as vendor is careful. It's definitely possible to do safely, but having saved HTML pages that are recoverable is not good.

Like I said, my comments should be taken in the context of the vendor's rep. If vendor is known to be very careful, then a competent vendor can handle doing it this way.

[–]TheAnonProgrammer 1 point2 points  (2 children)

I am the programmer working for "Boosie5150", I am posting this to clean up the mess that paste has made.

When I started working on the application I created my own account on Agora to make the program log in to the site. At this point it connected to Agora beta through Tor just like Tor Browser, got the login page and captcha and showed it to the user so he could type it in. And here came the problem, I had no orders on my account so I couldn't make the application grab the orders, this is when I directed boosie to give me source of Agora orders page via pastebin. It never was intentional to leak this thing to the internet. We sorted that problem later and nothing more was posted on pastebin.

I also want to add that this application is even more secure than Tor Browser, it only parses the code, no JavaScript will ever be executed by accident. No HTML is saved to HDD, only CSV is exported when user needs it, rest is done in memory - decrypting, parsing etc.

His account was never compromised nor hacked.

[–]impost_r[S] 0 points1 point  (1 child)

Boosie said that stuff was 3 months ago, he also said he was positive he never posted that pastebin, he also asked you during my conversation with him and you were pretty damn sure it didn't have anything to do with your program.

[–]TheAnonProgrammer 0 points1 point  (0 children)

Because when he asked me about it I thought it was posted recently, I didn't look at the date of paste.

I've also checked last modification date of source files (those for starting Tor process) which I haven't needed to modify since I started writing application and they match.

http://oi62.tinypic.com/14o14t4.jpg

If someone actually gained access (did not happen) to his account he wouldn't post source of vendor page, because it doesn't make any sense.

[–]Boosie5150 0 points1 point  (2 children)

I would also never have a selfie as a profile picture. Maybe it was a mistake to make my profile name a common username for various sites as this could've been a foreseen problem.

[–]durgsrbad 0 points1 point  (3 children)

I can't fathom the quantity and size of the bricks Ol' Boosie is shitting now.

[–]Boosie5150 3 points4 points  (1 child)

None of them me :( !!! It's definitely tarnishing my business reputation now because of the loss in faith in my company's security, but that is just something I will have to prove over time that my security is top quality

Sucks because my true identity is still completely anonymous, as opposed to all the hypotheses of who I may be, and the only possible way I could actually lose my anonymity as a DNM vendor is from being arrested.

[–]durgsrbad 0 points1 point  (0 children)

Aye, don't know what's happened, but I feel you. Bit of thinking and work ahead of you, but you've been a stand-up guy around here and the markets, and hopefully that will pay off in the future. Good luck.

[–]drpnit 0 points1 point  (0 children)

Could someone with an understanding of coding and what the OP did please ELI5? This seems incredibly important.

[–]s3an112 0 points1 point  (1 child)

I can vouch that none of the information posted is sufficient just because someone else leaked HALF A PAGE OF 7 MONTHS ORDERS doesn't mean he's an incompetent vendor.

[–]Theeconomist1 1 point2 points  (0 children)

Agreed. Mistakes happen. I don't know the vendor at all although I've seen his name pop up here from time to time. From reading the messages, it sounds like he is a good vendor. If he's cleaning it up, he should be okay. But yet another reminder we should all PGP addresses! After all the supposed lessons learned, I don't get why customers don't fucking PGP their addresses. It's not that hard.

[–]attilathehunn 0 points1 point  (0 children)

This post shows why dark net markets should offer up features where vendors can quickly and easily collect addresses and details.

It must be pretty annoying to copypaste and maybe decrypt hundreds of times to get the addresses. It seems natural to want to automate this.

So markets, make a 'click to download CSV file' button.
