[quote author=xwpopper link=topic=9139.msg73218#msg73218 date=1226300454]
Plunderhere now allows any guest to view any forum member's IP address.
http://www.plunderhere.com/forums/showth...hp?t=11975
And I thought the non protected "bbclone" script on all of Ray's sites (bidhopper, AQ, aSs) was bad.
IP Addresses are considered Personally Identifiable Information, Mark. A hacker with half a brain and a basic understanding of local IP addresses can take his pick of thousands you openly expose, and remotely access and attack any computer that doesn't have the protection from his attack. Way to secure the site, moron. I guess your "tech guys" and moderators really are smarty pants now for letting you do this.
[/quote]
Map of the PlunderStars courtesy of Plunderhere owner Mark Taylor's total disregard for the security of his usersÂ
Mark "Superdeals" Taylor, Plunderhere owner:
IP: 60.52.80.234
also: 60.52.21.25, 60.52.53.171
IP address:Â Â Â Â Â Â Â Â Â Â Â 60.52.80.234
Reverse DNS:Â Â Â Â Â Â Â Â Â Â 52.60.in-addr.arpa.tm.net.my.
Reverse DNS authenticity:Â Â Â Â [Could be forged: hostname 52.60.in-addr.arpa.tm.net.my. does not exist]
ASN:Â Â Â Â Â Â Â Â Â Â Â Â Â Â 4788
ASN Name:Â Â Â Â Â Â Â Â Â Â Â Â TMNET-AS-AP (TM Net, Internet Service Provider)
IP range connectivity:Â Â Â Â Â 2
Registrar (per ASN):Â Â Â Â Â Â APNIC
Country (per IP registrar):Â Â Â MY [Malaysia]
Country Currency:Â Â Â Â Â Â Â Â MYR [Malaysia Ringgits]
Country IP Range:Â Â Â Â Â Â Â Â 60.52.0.0 to 60.53.255.255
Country fraud profile:Â Â Â Â Â High
City (per outside source):Â Â Â Petaling Jaya, Selangor
Country (per outside source):Â Â MY [Malaysia]
Private (internal) IP?     No
IP address registrar:Â Â Â Â Â Â whois.apnic.net
Known Proxy?          No
and
IP address:Â Â Â Â Â Â Â Â Â Â Â 60.52.53.171
Reverse DNS:Â Â Â Â Â Â Â Â Â Â 52.60.in-addr.arpa.tm.net.my.
Reverse DNS authenticity:Â Â Â Â [Could be forged: hostname 52.60.in-addr.arpa.tm.net.my. does not exist]
ASN:Â Â Â Â Â Â Â Â Â Â Â Â Â Â 4788
ASN Name:Â Â Â Â Â Â Â Â Â Â Â Â TMNET-AS-AP (TM Net, Internet Service Provider)
IP range connectivity:Â Â Â Â Â 2
Registrar (per ASN):Â Â Â Â Â Â APNIC
Country (per IP registrar):Â Â Â MY [Malaysia]
Country Currency:Â Â Â Â Â Â Â Â MYR [Malaysia Ringgits]
Country IP Range:Â Â Â Â Â Â Â Â 60.52.0.0 to 60.53.255.255
Country fraud profile:Â Â Â Â Â High
City (per outside source):Â Â Â Kuala Lumpur, Wilayah Persekutuan
Country (per outside source):Â Â MY [Malaysia]
Private (internal) IP?     No
IP address registrar:Â Â Â Â Â Â whois.apnic.net
Known Proxy?          No
Wikipedia reference to this IP: http://ms.wikipedia.org/wiki/Perbincanga....52.53.171
Spencer G "binarywebs" Ray, former Plunderhere 'techspert'/ Alsoshop techy guru/ Stay Tuned Fishing Charters / mod maker for numerous phpProBid sites
IP: 72.185.223.77
IP address:Â Â Â Â Â Â Â Â Â Â Â 72.185.223.77
Reverse DNS:Â Â Â Â Â Â Â Â Â Â cpe-72-185-223-77.tampabay.res.rr.com.
Reverse DNS authenticity:Â Â Â Â [Verified]
ASN:Â Â Â Â Â Â Â Â Â Â Â Â Â Â 10994
ASN Name:Â Â Â Â Â Â Â Â Â Â Â Â TAMPA2-TWC-5
IP range connectivity:Â Â Â Â Â 2
Registrar (per ASN):Â Â Â Â Â Â ARIN
Country (per IP registrar):Â Â Â US [United States]
Country Currency:Â Â Â Â Â Â Â Â USD [United States Dollars]
Country IP Range:Â Â Â Â Â Â Â Â 72.176.0.0 to 72.191.255.255
Country fraud profile:Â Â Â Â Â Normal
City (per outside source):Â Â Â Tampa, Florida
Country (per outside source):Â Â US [United States]
Private (internal) IP?     No
IP address registrar:Â Â Â Â Â Â whois.arin.net
Known Proxy?          No
Google search of this IP:
http://www.google.com/search?hl=en&c2coff=1&safe=off&q=72.185.223.77&btnG=Search
Browser and operating system used by this IP:
2 User Agents found for 72.185.223.77:Â Â
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; Alexa Toolbar; .NET CLR 3.0.04506.648)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
Nisan, Plunderhere Star team/head tech , "codemaster" responsible for coding/technical maintenance/security on the PH site:
IP: 69.8.2.9
IP address:Â Â Â Â Â Â Â Â Â Â Â 69.8.2.9
Reverse DNS:Â Â Â Â Â Â Â Â Â Â marauder.brightok.net.
Reverse DNS authenticity:Â Â Â Â [Verified]
ASN:Â Â Â Â Â Â Â Â Â Â Â Â Â Â 8025
ASN Name:Â Â Â Â Â Â Â Â Â Â Â Â BRIGHTOK-AS
IP range connectivity:Â Â Â Â Â 0
Registrar (per ASN):Â Â Â Â Â Â ARIN
Country (per IP registrar):Â Â Â US [United States]
Country Currency:Â Â Â Â Â Â Â Â USD [United States Dollars]
Country IP Range:Â Â Â Â Â Â Â Â 69.8.0.0 to 69.8.127.255
Country fraud profile:Â Â Â Â Â Normal
City (per outside source):Â Â Â Sulphur, Oklahoma
Country (per outside source):Â Â US [United States]
Private (internal) IP?     No
IP address registrar:Â Â Â Â Â Â whois.arin.net
Known Proxy?          No
Thanks to Marktard exposing IP addresses, I was able to verify that the Nisan C. who registered Alsoshop.org on September 7th 2008 (and like a fool forgot to make the WHOIS private until the next day) lives in the same town as Plunderhere's Nisan...
FYI, according to WHOIS history for Alsoshop.org and Bidwhale.com, the Nisan C. who registered Alsoshop.org is the same clown who used to own former boinktard of the week award winner auction site Bidwhale back in 2005.Â
EDIT:
Quote:A hacker with half a brain and a basic understanding of local IP addresses can take his pick of thousands you openly expose, and remotely access and attack any computer that doesn't have...
For the past 2 months, any hacker with half a brain could also have used the exploit code published here and on numerous security advisory sites to gain direct database access to all personal information of any user of any phpProBid site, including Plunderhere and Alsoshop, due to the still unpatched security hole which exists in phpProBid.