Silk Road forums
Market => Product requests => Topic started by: Aphex on October 28, 2011, 04:48 am
-
I am looking for someone who knows how to exploit websites, If you are just going to waste my time saying you are hacker cause you run some penetration testing that I could do myself.
I am looking for someone who knows a lot about security, if you can't exploit all the btc sites that have been hacked then don't bother messaging me the point of this is to prevent all of these from reoccurring.
This isn't as much for the store front since it won't control btc movements it will merely watch them.
-
See what you're going to need is take some of their PHPs and inject some sequels into it but you don't want to get too many scripts in your java because it makes it taste bad.
Once you do that you will have access to the roots, and once you have the root, it's only a matter of time before you can take over the whole tree.
Finally, you'll want to upstream some data files into the ports to make sure they're nice and clogged. That way the antivirus can't get in to hash your sum checks.
-
trolololo is useful
-
What exactly do you want and how much are you offering? I'm pretty floored right now and didn't read much about your post so let me ask you this.
1) What site are you protecting, or is it multiple sites?
2) What hashing does it the site use? And please don't tell me it uses encryption for the passwords, hashing can be bad enough, encryption is just stupid and anyone who requires encryption is fail. Really no excuse for encryption unless you're (not meaning YOU, meaning as people in general) incapable of retaining information (retarded).
3) If you're looking to pay me then be very specific. We can chat in a more private manner if this is the case, if you're not skip to (6)
4) Why exactly do you want to protect this site? What's the purpose? I don't follow the BTC sites or anything along those lines, what sort of attacks are being done? Is it silly DDoS attacks or something trivial? Or is it actual hacking / cracking going on.
5) What type of scripting is generally being used with the site? Python? PHP? CSS?
6) So you're not going to offer anything for something that requires knowledge and skills that are rare? Good luck. I'll give ya some pointers and tips but I sure as hell won't put any effort or time into the matter unless I get something. Sounds bitchy, but, you know, that's life.
-
oinkfart sounds beta
-
What exactly do you want and how much are you offering? Well, I personally don't know what or how much a white hat costs these days but I don't expect people with skills to test some stuff for fun.
1) What site are you protecting, or is it multiple sites? Trying to find holes in the betas of a store front I am making as well a future developments.
2) What hashing does it the site use? And please don't tell me it uses encryption for the passwords, hashing can be bad enough, encryption is just stupid and anyone who requires encryption is fail. Really no excuse for encryption unless you're (not meaning YOU, meaning as people in general) incapable of retaining information (retarded).: This database will be accessible to who ever buys it and therefore full mysql access so I don't think not hashing passwords is an option cause what happens, when a vendor goes rogue and then checks the 2000 user names passwords on SR with the ones he sees in his database and steals their btc...
But in theory if you are never going to lose the data you won't need to encrypt it but I am trying to protect the buyers here as well. The passwords are salted and hashed on this site. These are ideal practices I would like to discuss for various situations since this could be for multiple sites and a security expert will be useful as well as give me piece of mind since I am such a naturally anxious person/careful what ever you want to call it.
3) If you're looking to pay me then be very specific. Yeah there would be compensation for your work I am just not sure what the going rate is that is up for discussion.
4) Why exactly do you want to protect this site? What's the purpose? I don't follow the BTC sites or anything along those lines, what sort of attacks are being done? Is it silly DDoS attacks or something trivial?
BTC related sites seem like a top notch candidate for hacking and providing the best web page and best security is what makes maybe a btc exchange or wallet or laundering reliable so the purpose is that being known for having secure and well made products in this market is important and that helps with the BTC and the uncertainty in the market as well as for the products sake.
No DDoS attempts that I am aware of and that isn't my concern. Just protecting peoples BTC.
5) What type of scripting is generally being used with the site? Python? PHP? CSS? MySQL/PHP/CSS/JS/JQuery
6) So you're not going to offer anything for something that requires knowledge and skills that are rare? As stated above I should have been more clear I was looking for quotes.
thanks for the response, message me if you are interested and we can talk more about this
-Aphex
-
Since when did a style sheet become a scripting language? (CSS)