Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > Yuna Scatari Edition (YSE) > Mods & Themes
Reply
  #21  
Old 4th April 2021, 11:47
Elena's Avatar
Elena Elena is offline
Senior Member
 
Join Date: Sep 2010
Posts: 71
Default
Quote:
Originally Posted by antimidas View Post
Quote:
Originally Posted by l3on View Post
My god please tell me you are kidding about thinking md5 is secure , anyone with an modern gpu will use hashcat and crack most of the password with in an hour, most platforms these days use bcrypt or similar
You will have exactly 3 attempts to log in, then a ban by your IP and disconnection of the account you want to log in + notification of a hacking attempt in Privat to the site administration (Site owner and Administrators). With a ban on the site, you are immediately thrown into the site of friendly FBI. But you try, then you will show the result.
Reply With Quote
  #22  
Old 4th April 2021, 12:12
DND's Avatar
DND DND is offline
VIP
 
Join Date: Dec 2008
Posts: 1,136
Default
sha-512 FTW
__________________
Need HELP!? I can install:

  1. Server/VPS (Debian,CentOS,Ubuntu,Fedora, FreeBSD) Optimization and ... + Modules
  2. Webserver Windows/Linux (Apache/Lighttpd/Nginx/Mysql/PhpMyAdmin/SSL) Optimization and ... + Modules
  3. Seedbox Windows/Linux (uTorrent,rTorrent,libTorrent,ruTorrent) + Modules
  4. TBDev Support
  5. Gazelle Support Install
  6. TSSE Install Support
Reply With Quote
  #23  
Old 4th April 2021, 12:57
darkalchemy's Avatar
darkalchemy darkalchemy is offline
Super Moderator
 
Join Date: Dec 2017
United States
Posts: 96
Default
Quote:
Originally Posted by Elena View Post
You will have exactly 3 attempts to log in, then a ban by your IP and disconnection of the account you want to log in + notification of a hacking attempt in Privat to the site administration (Site owner and Administrators). With a ban on the site, you are immediately thrown into the site of friendly FBI. But you try, then you will show the result.
Wow, penalize the unsuspecting user for what a hacker does.
__________________
I do custom coding, source installs, mods, server setup and/or config, etc. Feel free to pitch me your needs and your offer.
Reply With Quote
  #24  
Old 4th April 2021, 14:47
Elena's Avatar
Elena Elena is offline
Senior Member
 
Join Date: Sep 2010
Posts: 71
Default
Quote:
Originally Posted by darkalchemy View Post
Wow, penalize the unsuspecting user for what a hacker does.
Then let them write to the telegram channel with requests to include the account and why it happened.

Bump:
Quote:
Originally Posted by DND View Post
sha-512 FTW
What is this ? I asked for a link to your super-site, to test it with my own methods.
Reply With Quote
  #25  
Old 4th April 2021, 14:55
darkalchemy's Avatar
darkalchemy darkalchemy is offline
Super Moderator
 
Join Date: Dec 2017
United States
Posts: 96
Default
Quote:
Originally Posted by Elena View Post
Then let them write to the telegram channel with requests to include the account and why it happened.
So you force the user to try to prove a negative? Too funny.

Just how, exactly, would the user, that you banned, know what happened when a hacker tries to hack his account? Anyone can get a new ip, all day, everyday.

"Honest, it wasn't me!! You must believe me!"
"Okay, we believe you. We'll unban you."

That is utterly ridiculous.
__________________
I do custom coding, source installs, mods, server setup and/or config, etc. Feel free to pitch me your needs and your offer.
Reply With Quote
  #26  
Old 4th April 2021, 18:07
l3on's Avatar
l3on l3on is offline
Coder
 
Join Date: Jul 2012
Posts: 152
Default
You know if they hack this platform that your so calling secure and thye dump the sql, it will take no more than 1 hour to crack all password, Md5 is not secure period...
Reply With Quote
  #27  
Old 5th April 2021, 09:25
Elena's Avatar
Elena Elena is offline
Senior Member
 
Join Date: Sep 2010
Posts: 71
Default
I do not understand your aggression to update the old script.

Firstly, it is laid out for those who are still on the old hardware and will work ONLY for the old PHP 5.4*, because on the higher one, other files will not work that is on the sites of the old type.
All files for the new PHP version will not be uploaded, they are paid. If you want to go fast and on a new car - buy, for free only DLE.

Hashing of passwords in the new version is (for paid) and through password_hash is done. The fact that the code is not in steps and without spaces is so convenient for us, and for those who will update to our files there is no need to dig there, you can only look at the fact that there are no holes for hackers, but they are not there. For these are almost complete copies as on the test site, except for the old version of PHP.

And then, I gave a link to the communication thread, write your claims there. And then great coders have gathered here, they cannot show their website, nor can they write the code normally without errors.
Reply With Quote
  #28  
Old 5th April 2021, 11:56
rio's Avatar
rio rio is offline
Senior Member
 
Join Date: May 2019
P2P
Posts: 53
Default
Php 5 has been deprecated for some time now as a developer you should encourage the site administration to update to the recommended version and maintain the site on a regular basis i can understand it's not always a easy job but instead your still patching the script for php 5 and refuse to listen to anyone.
__________________
Live Free... Share Free...
Reply With Quote
  #29  
Old 6th April 2021, 01:00
thartley55's Avatar
thartley55 thartley55 is offline
Senior Member
 
Join Date: Mar 2012
P2P
Posts: 122
Default
Quote:
Originally Posted by rio View Post
Php 5 has been deprecated for some time now as a developer you should encourage the site administration to update to the recommended version and maintain the site on a regular basis i can understand it's not always a easy job but instead your still patching the script for php 5 and refuse to listen to anyone.
While I agree with everything you were saying...simply reading it gave me a headache. If you intend to be taken somewhat seriously, perhaps attempt proper grammar, punctuation, sentence structure, etc.
Thanks.
NOTE: The following would have been much better.
Quote:
Originally Posted by rio View Post
Php 5 has been deprecated for some time now. As a developer you should encourage the site administration to update to the recommended version and maintain the site on a regular basis. I can understand it's not always an easy job, but instead you're still patching the script for php 5 and refuse to listen to anyone.
Reply With Quote
  #30  
Old 2nd May 2021, 09:38
Elena's Avatar
Elena Elena is offline
Senior Member
 
Join Date: Sep 2010
Posts: 71
Default
In the meantime, the script is being updated on the github. Let me remind you that the script has been updated for the old server configurations:
FastCGI (Nginx + PHP-FPM) PHP 5.4.45

The script is written for the latest version and will only be paid, with the following server configuration:
FastCGI (Nginx + PHP-FPM) PHP 8.0.3 + RedBeanphp

https://github.com/lolyworlds/LoLya-v1.0

Test site for latest PHP 8.0.3: https://lolya.top
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT +2. The time now is 02:22. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2021, vBulletin Solutions Inc.