2018-03-05, 07:22 PM
2018-03-09, 11:14 AM
(2018-03-05, 07:43 PM)Lunorian Wrote: [ -> ]Why would anyone want to support your possibly illegal hacking forum for free? Make it worth their while.
For starters, Luxor Forums has NEVER hosted any illegal hacking activity on the website.
(Yes, Hack Rally was the former name, but even under the old name, it still did NOT host any illegal activity)
I do not know where you are getting this information from, but it's obvious that you have not visited my website.
If you had visited my website, it would have been very clear to anyone that I do not host any illegal hacking or blackhat activity on my website.
Please refrain from making statements such as this without having strong proof.
(2018-03-05, 07:43 PM)Lunorian Wrote: [ -> ]Be careful Serpius and I have a history, he will claim anyone who disagrees with him that you're harassing him.
I do not know what you are talking about.
I never harassed you, Lunorian.
In fact, I used your theme (dark) for many months until a new theme was done for Luxor Forums.
I even visited your website many times as well and I enjoyed my visits there as well.
2018-03-09, 05:34 PM
"I never harassed you, Lunorian." - Never said you did - way back when I ran a forum you accused Demon of harassing you for calling you out. Unwanted attention !== harassment
"In fact, I used your theme (dark) for many months until a new theme was done for Luxor Forums. " - It's an open source theme I couldn't care less who uses it and what for - I released as a meme but maintained after it got a few 100 downloads - didn't think anyone would like it.
"I even visited your website many times as well and I enjoyed my visits there as well." I'm glad you enjoyed something I made.
"If you had visited my website, it would have been very clear to anyone that I do not host any illegal hacking or blackhat activity on my website."
See: https://luxorforums.com/Thread-MyBB-My-A...-Scripting public disclosure of a security issue is highly unethical hacking.
Please refrain from making statements such as this without having strong proof.
See: ^^^
"In fact, I used your theme (dark) for many months until a new theme was done for Luxor Forums. " - It's an open source theme I couldn't care less who uses it and what for - I released as a meme but maintained after it got a few 100 downloads - didn't think anyone would like it.
"I even visited your website many times as well and I enjoyed my visits there as well." I'm glad you enjoyed something I made.
"If you had visited my website, it would have been very clear to anyone that I do not host any illegal hacking or blackhat activity on my website."
See: https://luxorforums.com/Thread-MyBB-My-A...-Scripting public disclosure of a security issue is highly unethical hacking.
Please refrain from making statements such as this without having strong proof.
See: ^^^
2018-03-10, 11:38 AM
This has gone far enough. Serpius, while you may disagree with vbgamer45's business practices, nobody is compelling you or others to use his plugin, he is not extorting money from you or others. If people wish to pay to have him fix issues then that is their choice.
There's no need to start resorting to insults, on either side here.
There's no need to start resorting to insults, on either side here.
2018-03-11, 11:39 PM
(2018-03-09, 05:34 PM)Lunorian Wrote: [ -> ]"If you had visited my website, it would have been very clear to anyone that I do not host any illegal hacking or blackhat activity on my website."
See: https://luxorforums.com/Thread-MyBB-My-A...-Scripting public disclosure of a security issue is highly unethical hacking.
You're joking right...? I guess that's why there are many of sites for security researchers to submit their findings to like Exploit-DB.com to make vulnerabilities public rather keeping them unknown...
I also contacted the author of the plugin about it & let him come out with a fix before I ever made public. So, yea... guess I'm "unethical" along with all the others who've helped out MyBB by finding vulns and reporting them...
2018-03-12, 12:05 AM
(2018-03-09, 05:34 PM)Lunorian Wrote: [ -> ]"If you had visited my website, it would have been very clear to anyone that I do not host any illegal hacking or blackhat activity on my website."
See: https://luxorforums.com/Thread-MyBB-My-A...-Scripting public disclosure of a security issue is highly unethical hacking.
Please refrain from making statements such as this without having strong proof.
See: ^^^
As 0xB9 has alluded to, the thread that you mentioned is directly related to the VULNERABILITY of the My Arcade plugin.
0xB9 found this vulnerability on the My Arcade plugin that I had installed on my website, which basically gave a 'back door' to the hackers who could have potentially done a lot of damage not only to my website but all of the other websites that were using the My Arcade plugin.
Had you taken the time to even click on the exploit-db.com in that thread, you would have seen that the author did indeed fix the issue and if you look at the timestamp of that post on my website, it was done AFTER the author fixed the plugin.
Also, the same author also posted the update of My Arcade as shown HERE.
So... before you start making false public proclamations against another person and/or website, DO YOUR RESEARCH FIRST!!
2018-03-12, 02:16 PM
(2018-03-12, 12:05 AM)Serpius Wrote: [ -> ](2018-03-09, 05:34 PM)Lunorian Wrote: [ -> ]"If you had visited my website, it would have been very clear to anyone that I do not host any illegal hacking or blackhat activity on my website."
See: https://luxorforums.com/Thread-MyBB-My-A...-Scripting public disclosure of a security issue is highly unethical hacking.
Please refrain from making statements such as this without having strong proof.
See: ^^^
As 0xB9 has alluded to, the thread that you mentioned is directly related to the VULNERABILITY of the My Arcade plugin.
0xB9 found this vulnerability on the My Arcade plugin that I had installed on my website, which basically gave a 'back door' to the hackers who could have potentially done a lot of damage not only to my website but all of the other websites that were using the My Arcade plugin.
Had you taken the time to even click on the exploit-db.com in that thread, you would have seen that the author did indeed fix the issue and if you look at the timestamp of that post on my website, it was done AFTER the author fixed the plugin.
Also, the same author also posted the update of My Arcade as shown HERE.
So... before you start making false public proclamations against another person and/or website, DO YOUR RESEARCH FIRST!!
The thing is you gave more exposure to a vulnerability. Quietly report it and move on, abandoned forums with the plugin are now at risk of having their databases leaked. There's no reason you had to publicly disclose the details.
2018-03-12, 03:50 PM
(2018-03-12, 02:16 PM)Lunorian Wrote: [ -> ]The thing is you gave more exposure to a vulnerability.I sure did, nothing blackhat nor illegal about it like you claim. I think you're forgetting this is an open-sourced project, expect vulnerabilities to be open-sourced too.
(2018-03-12, 02:16 PM)Lunorian Wrote: [ -> ]abandoned forums with the plugin are now at risk of having their databases leaked.Sure, but that's not my fault they aren't active on their forum... that's called responsibility. I went as far as using Google dorks to find around 10 forums using the plugin and contacted them telling them to update the plugin before I submitted it to Exploit-DB. I didn't have to do that, but I did to help the MyBB community. I highly doubt many people who've found vulns do the same...
(2018-03-12, 02:16 PM)Lunorian Wrote: [ -> ]There's no reason you had to publicly disclose the details.Well if it's not known to the public.. the public won't know the plugin is vulnerable. Why do you think CVE IDs are a thing?? Also little do you know, you can use exploits you've found for a job resume and submitting them helps prove who found it.
You're making it pretty clear you know very little about me or security researching, so please don't accuse me of blackhat/illegal activities when I've done nothing but help.
2018-03-12, 04:33 PM
--- please refrain from discussing off-topic issues on this public open forum ---
2018-10-13, 06:08 PM
Update 5.0
+Curl support improved for https feeds
+Added support for https feeds when using the fsockopen method
+Curl support improved for https feeds
+Added support for https feeds when using the fsockopen method