Seriously, who registered on qamp's forum with there habbox username and password?
Frontpage of his site:
http://www.tehupload.com/uploads/528...aeb673qamp.png
Printable View
Seriously, who registered on qamp's forum with there habbox username and password?
Frontpage of his site:
http://www.tehupload.com/uploads/528...aeb673qamp.png
If this is real in my opinion who evers account this is should be fired staright away. Its completely stupid to register to his forum anyway never mind use same login.Quote:
Originally Posted by Jxhn
what are we lookin at? how do you know it was someone from hxf? i'm confused.
but lol if u did.
I knew it was one of them sites, especially with Qamp owning it. I did PM Professor-Alex this morning about it but he wasn't on, and I told MattGarner, guess they couldn't have done anything except remove links though.
It's the habbox admin panel with the emails blocked out (thanks to some photoshop wizard).Quote:
Originally Posted by buttons
He's logged into someone with administration on the Habbox site, so yeah that's likely to be someone from HxF. I'll admit I was fool enough to join the site but I used a different password because that's just what I do when I join a new place. Pic on site's changed btw
These pictures, I believe, are from when Qamp gained access to Immsensemans account back in September. They certainly aren't new.
*Removed*
Edited by Hayd93 (Forum Super Moderator): Please do not post inapropriately.
Is that new image supposed to show he deleted all the users? If so, he didn't he just searched for Mizki. Correct me if I'm wrong.
Even so, he does have the passwords of the few who signed up recently. One has already gotten himself safety banned, which is a good move really if anyone has used the same email/password/username etcQuote:
Originally Posted by Sammeth.
Arn't the passwords MD5'd?
You can edit the coding so they're not.
oh my oh my oh my.
But QAMP only had access to the admin panel, not ftp.Quote:
Originally Posted by Robbie!
If so then he probably made/installed a plugin to log passwords.Quote:
Originally Posted by Tom743
What relevance does that screenie have to people registering on his site though? That screenie of from when he accessed Jake's account and got onto the Admin panel - he couldn't see the passwords and didn't have FTP access to install any plugins or anything like that :P
That's what I was thinking :SQuote:
Originally Posted by Bomb-Head
How does this show they registered his forum?
I was presuming that the screenshots were from today, seeing as the site has been advertised on this forum today, and a Habbox manager/admin signed up on that site with their username and password they use for Habbox.
Then Qamp got the password for the user from the vBulletin on his site and signed in using that info, and he had edited the code on GoldNaruto to view the passwords un-MD5'd
:)
According to the new screenie, he has a shell on habbox, unless these are just old screenies.
When he got into the Admin Panel back in September he took quite a few by the looks of things, and now he is just putting up ones that he hasnt shown before. They aren't new, he hasn't gained access to anything today or since September for that matter.Quote:
Originally Posted by Jxhn
Aye, I remember viewing them and another with manager emails on *****. Nothing new as far as I can see.Quote:
Originally Posted by Sammeth.
Habbox Management (the poeple who would have admin on habbox) shouldn't use their password thats the same anywhere. Who got safety banned?Quote:
Originally Posted by FlyingJesus
How do you know that is new? :pQuote:
Originally Posted by Jxhn
Yeah. I am pretty sure that on joomla only super administrators can backup/download backups and I assuming jake wasn't super. Not one hundred percent though.Quote:
Originally Posted by Tom743
Yeah I know :p He said he had all the passwords but someone then said Joomla salts them aswell as MD5 like vbulletin does and he never mentioned it again.Quote:
Originally Posted by Bomb-Head
The admin control panel on Habbo is a passworded directory which qamp couldn't receive by getting someones salted MD5 hash so it must be old.Quote:
Originally Posted by Robbie!
Sorry for quoting loads of posts, I am in the mood to talk :O
We were discussing this yesterday (me and yonder), a good clue is look at the title of the habbox.com page in the tabs. That shows that this is an old screenshot.
No way that anyone has had shell access, none of the habbox domains have jail shell access and only 2 people hold the passwords to shell of which is never used as we use keys instead only one account is the wheelgroup and even so only one person actually uses shell. Our shell port number is also different to the default port number.
FTP is also out of the question.
This is a stock image from when immenseman's hotmail was reverted.
Habbo pics: ;] If you want a screenshot with me on habbo uk f.r me on
Bamitslouise!
http://i36.tinypic.com/idszdk.pngQuote:
Originally Posted by Jin
If he had a decent shell uploaded then he'd be able to get the database, not matter the account priviledges he has, depending on the php settings.
These are still old images being brought up. He hasn't hid his tabs well enough, and the fact he has even tried to hide tabs is just proof enough :P
haha crazy
These can't be recent since the admin panel requires a password to get to the login page, and only a few know that.
I think the even more foolish thing was posting it on HabboxForum, it put many more users at risk.Quote:
Originally Posted by FlyingJesus
This particular person you're on about who's been safety banned on here, unfortunately didn't get safety banned on another fansite and caused me and a few others a great deal of pain sorting his attack. It wasn't a good move at all as it took me to tell him.Quote:
Originally Posted by FlyingJesus
And the fact he uses AVG. That just ultimately displays what sort of script-kiddie you're up against.Quote:
Originally Posted by Sammeth.
lol This is all your fault anyway :PQuote:
Originally Posted by Immenseman
I removed the thread as soon as I realised what was up so hopefully not too many people signed up...
controversy follows me, not like i bring it on myself :8 :PQuote:
Originally Posted by Nereo
**** can't touch me.
His VB is nulled and modified to allow him to see all registeration info which he then uses to revert hotmails with/try on other forums.
Doubt he's installed a shell as he hasn't got any idea on how to make his own, he would be using a tutorial from *****/another skiddie site so there isn't much he can do :rolleyes:.
qamp has a website?
Qamp's vBulliten isn't legit, if you register he can see your password, it's nulled.
Nulled vbulletins don't encrypt passwords in MD5?Quote:
Originally Posted by Slowpoke
i'm the idiot, sorry.
Quote:
Originally Posted by Jin
As well as this - just for the record - I can tell that the screenshots are old due to what user names display under that filter in joomla under # ID's 1 - 10 etc. :) There is no need to worry here and the site is fully secure at the moment and futher precautions have been taken lately as well as precautions taken at the time of the incident in Sepember to ensure that the site is fully secure. There's no need to worry about the security of the site or its users at the moment.Quote:
Originally Posted by dollop
Thanks for putting our minds at rest Mr.OSH :)Quote:
Originally Posted by Mr.OSH
I think this thread should be closed now.
Good closing sentance Mayyte!
End of Thread.
It's too bad the media manager's broken :eusa_whisQuote:
Originally Posted by Jxhn
There is no shell, the screenshot is old, and if he had access to the admin panel he'd be causing havoc again ;) Plus we have a secured password directory which he wouldn't get the password to ;)