Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  nodelist  faq  login

That's what she said.


rocksolid / Security / hacked my first site... not sure what to do

SubjectAuthor
* hacked my first site... not sure what to doAnonymous
+- Re: hacked my first site... not sure what to doAnonymous
+- Re: hacked my first site... not sure what to doAnonymous
`- Re: hacked my first site... not sure what to doAnonymous

1
Subject: hacked my first site... not sure what to do
From: Anonymous
Newsgroups: rocksolid.shared.security
Organization: Rocksolid Light
Date: Tue, 5 Oct 2021 12:23 UTC
Path: rocksolid2!.POSTED.localhost!not-for-mail
From: Anonym...@news.novabbs.org (Anonymous)
Newsgroups: rocksolid.shared.security
Subject: hacked my first site... not sure what to do
Date: Tue, 5 Oct 2021 12:23:00 +0000
Organization: Rocksolid Light
Message-ID: <55ad3c00844d616b8dd0c2486bdae5b5@news.novabbs.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: novabbs.org; posting-account="retrobbs1"; posting-host="localhost:127.0.0.1";
logging-data="24665"; mail-complaints-to="usenet@novabbs.org"
User-Agent: Rocksolid Light (www.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Spam-Level: **
X-Rslight-Site: $2y$10$elKEfv0oN7cnUTRqsS5A/ulVX8lJfhFycQKr/p3zdRda6ERPVYiZK
View all headers
I've managed to dump my first database in the real world with more than 100,000 user details. The database contains first names, last names, address, mobile, email and password hashes. I'm not sure what to do with this, where to sell it and how much I should charge for that kind of info per user.
--
Posted on Rocksolid Light


Subject: Re: hacked my first site... not sure what to do
From: Anonymous
Newsgroups: rocksolid.shared.security
Organization: novaBBS
Date: Wed, 6 Oct 2021 08:25 UTC
References: 1
Date: Wed, 6 Oct 2021 08:25:59 +0000
Subject: Re: hacked my first site... not sure what to do
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.com
X-Spam-Level: **
From: Anonym...@news.novabbs.com (Anonymous)
Newsgroups: rocksolid.shared.security
X-Rslight-Site: $2y$10$TGBoldwUGrqILRQgQWwB1.PARqtjVQZHDt1ZPg55bWY7gZQdVCrYK
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
User-Agent: Rocksolid Light (www.novabbs.com/getrslight)
References: <55ad3c00844d616b8dd0c2486bdae5b5@news.novabbs.org>
Organization: novaBBS
Message-ID: <307659bf19000e4c006169ecdc0a4fc9@news.novabbs.com>
View all headers
Anonymous wrote:

I've managed to dump my first database in the real world with more than 100,000 user details. The database contains first names, last names, address, mobile, email and password hashes. I'm not sure what to do with this, where to sell it and how much I should charge for that kind of info per user.

I guess it depends on who these users are. Without passwords it's not real useful. Maybe it's better to let the site know so they can fix their leak and make yourself feel like you did something positive.
--
Posted on novaBBS



Subject: Re: hacked my first site... not sure what to do
From: Anonymous
Newsgroups: rocksolid.shared.security
Organization: Rocksolid Light
Date: Thu, 10 Mar 2022 04:07 UTC
References: 1
Path: i2pn2.org!.POSTED.novabbs-org!not-for-mail
From: Anonym...@news.novabbs.org (Anonymous)
Newsgroups: rocksolid.shared.security
Subject: Re: hacked my first site... not sure what to do
Date: Thu, 10 Mar 2022 04:07:14 +0000
Organization: Rocksolid Light
Message-ID: <7550ec6b4783b6e9737a318ecf410693@news.novabbs.org>
References: <55ad3c00844d616b8dd0c2486bdae5b5@news.novabbs.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="novabbs.org"; posting-host="novabbs-org:10.136.143.187";
logging-data="29489"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (www.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Rslight-Site: $2y$10$9NL/fY533XUcZWG0LJfgRe3/Sb9VaRzslgizOvSDQTBpB0ObfBoAa
X-Rslight-Posting-User: 5414c3f4fcc20779b8b3cdcf22974d366d4b20fe
View all headers
just inform the site owner of the vulnerability so that you don't  go to jail

--
Posted on Rocksolid Light


Subject: Re: hacked my first site... not sure what to do
From: Anonymous
Newsgroups: rocksolid.shared.security
Organization: Rocksolid Light
Date: Fri, 11 Mar 2022 22:46 UTC
References: 1
Path: i2pn2.org!.POSTED.novabbs-org!not-for-mail
From: Anonym...@news.novabbs.org (Anonymous)
Newsgroups: rocksolid.shared.security
Subject: Re: hacked my first site... not sure what to do
Date: Fri, 11 Mar 2022 22:46:58 +0000
Organization: Rocksolid Light
Message-ID: <49825c73bde05c93ecf42b75b514ebe5@news.novabbs.org>
References: <55ad3c00844d616b8dd0c2486bdae5b5@news.novabbs.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="novabbs.org"; posting-host="novabbs-org:10.136.143.187";
logging-data="1574"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (www.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Rslight-Site: $2y$10$SLj40z2k8VZVAkvXg2F49O3sygTi/mO67sdhfqOArGHxam3lCUMey
X-Rslight-Posting-User: 5414c3f4fcc20779b8b3cdcf22974d366d4b20fe
View all headers
Maybe it's better to let the site know so they can fix their leak and make yourself feel like you did something positive.
This or post all the data for free somewhere and watch the resulting shitshow

--
Posted on Rocksolid Light


1
rocksolid light 0.7.2
clearneti2ptor