(blog.smithsecurity.biz)

460 points wglb | 3 comments | 08 Aug 24 23:00 UTC | HN request time: 0s | source

Show context

chocolatkey ◴[09 Aug 24 04:17 UTC] No.41198724[source]▶

>>41197300 (OP) #

Here are the original posts themselves, probably more interesting to people here:

https://blog.smithsecurity.biz/hacking-the-scammers

https://blog.smithsecurity.biz/systematic-destruction-hackin...

replies(7): >>41198744 #>>41199228 #>>41199517 #>>41200164 #>>41203308 #>>41204088 #>>41205243 #

1. Ozzie_osman ◴[09 Aug 24 07:21 UTC] No.41199517[source]▶

>>41198724 #

Hilarious. Exposing an LFI to view things like /etc/passwd and server logs, and a SQL injection in a PHP stack... I prob wrote code like this, when I was a 15 year-old self-described "webmaster" in 2002.

replies(1): >>41199524 #

2. Ozzie_osman ◴[09 Aug 24 07:23 UTC] No.41199524[source]▶

>>41199517 (TP) #

Actually, I'm not that far off.

> The creator is a current computer science student in China who is using the skills he's learning to make a pretty penny on the side.

replies(2): >>41199578 #>>41203299 #

3. DrammBA ◴[09 Aug 24 17:22 UTC] No.41203732{3}[source]▶

>>41203299 #

At $200/user/month he's making more than 99% of highschool students and computer science students

↑

USPS text scammers duped his wife, so he hacked their operation