Pedophiles of Sluthate AND Lookism (MRZ, Brian Peppers and many more!)

  • Thread starter Thread starter JU 199
  • Start date Start date
  • 🏰 The Fediverse is up. If you know, you know.
  • Want to keep track of this thread?
    Accounts can bookmark posts, watch threads for updates, and jump back to where you stopped reading.
    Create account

Which user is a bigger faggot?

  • @drz

  • Marijan Siklic

Results are only viewable after voting.
Frank Rizzo said:
Mrz chimped out like a mofo earlier today when we called him out on his "2EDGY4U" posts.

He's been banned and snuck back in several times, and he's now currently trying to hack the forum and, rather then, you know, trying to be sneaky about it, has loudly proclaimed "HEY GUIZE, I'M TOTES TRYING TO HACK UR FORUM! LOLZ!"
Click to expand...
Nara said:
Mrz is a TOT4LLY L3G1T L33T H4CK3R, and he's going to destroy the website or hack our accounts or something. To prove he's not bullshitting, I guess.
Click to expand...

Oh good. I always like it when people with no actually education or actual background on networks and security begin to make themselves out to be great hackers. Particularly the pedophiles, because they seem to get cocky, thinking they know everything about computers work because they read a few guides on how to try to download their child porn discreetly, and now they think they're hot shit who can do anything.
misterzee said:
I consider killing myself fairly regularly.
Click to expand...
Don't doubt your instincts, it's the right thing to do.
 
Nara said:
So you're saying you like us so much you're doing a free stress test of our forum? Do you think we won't ban you out of generosity or something?
Click to expand...

Well I could try to exploit it but I don't really necessarily have the motivation to go to the trouble of implementing attack code for it, especially seeing as it's kind of a hassle to do it from my secured operating environment as it really wasn't set up with doing arbitrary coding / running arbitrary programs in mind, so I dunno I probably won't exploit it, maybe I will just submit a ticket to xenforo and see what they have to say about it. I already ran the timing attack past a truly elite hacker friend and he said it's definitely exploitable at that location, the only question is will something else catch it or is it not actually doing what it looks like to me.

Frank Rizzo said:
Let's also not forget that so far, he's failing spectacularly at trying to hack the forum. I think that's what makes this even funnier.

"I ARE GUN HACK YOUR FORUMS! MWA HA HA HA! ......Um, shit, hang on, give me a minute...."
Click to expand...

Actually so far I think I've identified a vulnerability that will allow arbitrary session hijacking of users who check the remember me box when they login, seeing as IP validation is disabled, I just don't necessarily feel like writing exploit code for it.
 
Humanoid Email Address said:
Can anyone give me the Sparknotes version because I really don't want to read 20+ pages of a pedophile trying to act like he's some unstoppable hacking machine.
Click to expand...

You've actually pretty much summed it up right there.

misterzee said:
Actually so far I think I've identified a vulnerability that will allow arbitrary session hijacking of users who check the remember me box when they login, seeing as IP validation is disabled, I just don't necessarily feel like writing exploit code for it.
Click to expand...

Go ahead and hack me now.
 
misterzee said:
Well I could try to exploit it but I don't really necessarily have the motivation to go to the trouble of implementing attack code for it, especially seeing as it's kind of a hassle to do it from my secured operating environment as it really wasn't set up with doing arbitrary coding / running arbitrary programs in mind, so I dunno I probably won't exploit it, maybe I will just submit a ticket to xenforo and see what they have to say about it. I already ran the timing attack past a truly elite hacker friend and he said it's definitely exploitable at that location, the only question is will something else catch it or is it not actually doing what it looks like to me.
Click to expand...
So why do you think we care? Do you think we'll be grateful or something?
 
misterzee said:
Well I could try to exploit it but I don't really necessarily have the motivation to go to the trouble of implementing attack code for it, especially seeing as it's kind of a hassle to do it from my secured operating environment as it really wasn't set up with doing arbitrary coding / running arbitrary programs in mind, so I dunno I probably won't exploit it, maybe I will just submit a ticket to xenforo and see what they have to say about it. I already ran the timing attack past a truly elite hacker friend and he said it's definitely exploitable at that location, the only question is will something else catch it or is it not actually doing what it looks like to me.
Click to expand...

So, that's just your roundabout way of saying you epic failed in trying to hack the forum.

As long as we have that squared away...
 
misterzee said:
Well I could try to exploit it but I don't really necessarily have the motivation to go to the trouble of implementing attack code for it, especially seeing as it's kind of a hassle to do it from my secured operating environment as it really wasn't set up with doing arbitrary coding / running arbitrary programs in mind, so I dunno I probably won't exploit it, maybe I will just submit a ticket to xenforo and see what they have to say about it. I already ran the timing attack past a truly elite hacker friend and he said it's definitely exploitable at that location, the only question is will something else catch it or is it not actually doing what it looks like to me.
Click to expand...

a truly elite hacker friend
Click to expand...

You just unironically used the, "My dad works at Nintendo," excuse.

Also, nice terms you Googled there to make it sound like you knew shit.
 
Frank Rizzo said:
So, that's just your roundabout way of saying you epic failed in trying to hack the forum.

As long as we have that squared away...
Click to expand...

I'm pretty sure I identified an exploitable vulnerability, I just don't know that it's worth it to write exploit code for it. It pretty much just needs to spoof the user ID of a cookie to one of a user with a valid session and who checked the remember me box, and then brute force test the session ID thousands of times and take timing measurements, and then use the timing measurements to intelligently select characters in the session ID.
 
misterzee said:
I'm pretty sure I identified an exploitable vulnerability, I just don't know that it's worth it to write exploit code for it. It pretty much just needs to spoof the user ID of a cookie to one of a user with a valid session and who checked the remember me box, and then brute force test the session ID thousands of times and take timing measurements, and then use the timing measurements to intelligently select characters in the session ID.
Click to expand...
So, you don't have the time to write code, but you apparently have enough time to write dozens of posts bragging about how you could TOTALLY HACK US IF YOU WANTED TO.
 
Humanoid Email Address said:
You just unironically used the, "My dad works at Nintendo," excuse.

Also, nice terms you Googled there to make it sound like you knew shit.
Click to expand...

Well I knew about constant time comparison because once I implemented a program that used message authentication codes but I compared the MAC with a short circuiting == and a hacker friend told me I had to use a constant time comparison function when comparing against secret data.
 
misterzee said:
Well I knew about constant time comparison because once I implemented a program that used message authentication codes but I compared the MAC with a short circuiting == and a hacker friend told me I had to use a constant time comparison function when comparing against secret data.
Click to expand...
Which hacker friend. Is it the hacker friend, or the truly elite hacker friend?
 
misterzee said:
Well I knew about constant time comparison because once I implemented a program that used message authentication codes but I compared the MAC with a short circuiting == and a hacker friend told me I had to use a constant time comparison function when comparing against secret data.
Click to expand...
So you're shitty at programming, is what you're saying?
 
Nara said:
So you're shitty at programming, is what you're saying?
Click to expand...

At that time I certainly was, though apparently no more so than xenforo developers seeing as they are comparing user input against secret static information with a short circuiting comparison function. Hell I don't think I even knew about pbkdf2 etc back then, I would just hash the password once to make a key from it! That was many years ago now though.
 
misterzee said:
Well I knew about constant time comparison because once I implemented a program that used message authentication codes but I compared the MAC with a short circuiting == and a hacker friend told me I had to use a constant time comparison function when comparing against secret data.
Click to expand...

Incorrect, pedos have no friends.
 
You must log in or register to reply here.
Back
Top Bottom