hipstercards.com hacked by 123max [Free Adspace]

[123max]

Was bored anyways found a password for this site (no damage caused)
anyways it has ad space so you wanna add a google adsense code? PM me if you are a SUB with high rep/MOD/Coder you get free space but for normal members and SUB's with less than 100 rep you need to do a ascend survey to get a space
hurry space is limited!
oh and yeah wanna do the proactive if you can? (on the site main page)
hipstercards.com

 

[DTD]

How many pageviews does this site get?

 

[Almighty]

I'm a sub with some posts and rep hope that I can get it

 

[rob2k9]

1 i am gonna ask how did you get the password if you hacked it what method did you use ?

2 google adsense cant be used on this as soon as they see there earnings drop they will look into the ad space and see the pub id and have them banned for google you may even get done for it so google adsense is a no no

 

[Kanni]

advertise my site?

 

[rob2k9]

send me the details and i can have the full url redirect to any site you want

or i can just do it my self simple sql injection with msql5 i am guessing

 

[59bluecool]

I want in on this thanks!!

 

[123max]

How many pageviews does this site get?

http://www.alexa.com/siteinfo/hipstercards.com

277,537
Rank in US

I'm a sub with some posts and rep hope that I can get it

PM me a good banner with site links or ad

1 i am gonna ask how did you get the password if you hacked it what method did you use ?

2 google adsense cant be used on this as soon as they see there earnings drop they will look into the ad space and see the pub id and have them banned for google you may even get done for it so google adsense is a no no

Keylogged the admin by sending a fake email etc. + yea google adsense works

advertise my site?

your banner is too large in height make a normal banner with more info not just expressraffle, make it like earn amazon etc. daily raffle blah blah and pm me

 

[rob2k9]

well change your title if you sent the admin a key logger you didnt hack it

and yes google adsense work but any one that uses it is just a total idiot if the admin stops making money they will look into the ads see the google ads and the pid then tell google and that person will lose there acount for illega activity

all so you could have just done sql injection the whole site is open to it

vuln url : http://hipstercards.com/compose.php?id=2194'
Server: Apache : MySQL >=5
Data Bases:

information_schema,hipsterc_hipsterchipdb

Tables:

,ad_codes,admin,admin_menu,confirm,ecard_group,ecards,ecards_cat
,ecards_catsubcat,ecards_shopcat,ecards_shopdotcom,ecards_subcat
,ecardssent,ecardssent_clean1,ecardssent_shopdotcom,ecardstosend
,email,email2,email3,featured_home,featured_home_shopdotcom
,featured_today,featured_today_cat,hc_categories,hc_ecards
,hc_fb_categoris,hc_fb_drafts,hc_fb_featuredcards,hc_fb_groups
,hc_fb_menu,hc_fb_sent,hc_fb_users,hc_groups,hc_logs_sent,hc_venues
,hc_wg_users,hc_wg_widgets,login,login_shopdotcom,menu_categories
,menu_sections,mess_cat,message_cat,predef_message,promo2,promo3
,promo4,promos,settings,texts,theme_pics,themes,users,years

but go way to use your smarts sending the email just gonna ask
can you pm me i can get accsess to the site and all its files and maybe
redirect the whole page to some ones site or root the server its self

 

[Blue]

What would happen if the site reports your ad then, would google ban you?

 

[123max]

What would happen if the site reports your ad then, would google ban you?

google can't investigate that since the website dosen't have any kind of logs and you can claim that the person is a competitor trying to ban you

 

[CodeMeRight]

Guess i have to get to work n make a new Banner

 

[rob2k9]

google can't investigate that since the website dosen't have any kind of logs and you can claim that the person is a competitor trying to ban you

wrong google has the right to ban any one suspected of trying to cheat there system or being part of illegal activity be it suspected or not

i have lost 2 google accounts for doing so in the past you should really read there tos and all so contact them and hear them out right i spent 3 weeks arguing with them wen i was last banned for all most the same thing

any one doing this can and will be banned on the spot from google with no investigation

you seem to forget as well that every server keeps logs and they will have alog of every ip thaqt logs into the admin panle all they have to do is show there admins ip and the unknown ip and thats it

you should really think before you go and cost some one there google account

 

[Codez Hybrid]

btw site is also open to XSS

 

[123max]

ok rob2k9 is right so no google ads!