This post is by a banned member (VAVE) - Unhide
2.580
Posts
1.187
Threads
5 Years of service
18 August, 2022 - 09:26 PM
(This post was last modified: 18 August, 2022 - 09:28 PM by VAVE. Edited 1 time in total.)
Reply
(18 August, 2022 - 08:59 PM)Caviar Wrote: Show More (18 August, 2022 - 03:03 PM)amboss Wrote: Show More (18 August, 2022 - 02:59 PM)Caviar Wrote: Show MoreYeah sure,
Give me a bit im showing proof of everything
yes please show, that:
1. there is a rate limit (spoiler: there isn't)
2. there is something that requires the use of proxies (spoiler: it's not)
3. there is something to prevent spamming at all lol (spoiler: also isn't there)
edit: you finally found the cloudflare option for rate limiting lol
edit 2: way too sensitive though. triggered the 15 minute rate limit ip ban by making like 5 pastes manually.
https://imgur.com/a/2dxFdfK
(18 August, 2022 - 03:04 PM)N1ghth2wk Wrote: Show More
Thanks for your opinion,
But i don't usually take one week for a source code installation, just 2 days and Fivio is not my first client, I've done installation servers for $10.
Since Fivio paid me $60 I was going to make him a site from scratch, but after 2 days of working on it, it seemed I was on a short schedule so I decided to ask him if he just wants the original source code, which in turn he said yes. (Cause when he ordered I didn't have my web services up and running yet on cracked.io cause I had 40 pending orders on Fiverr)
I did everything he asked for, but he would ask me to add new things every single day, got it added them, then the main issue is that his site is being botted by someone and since his server has shared bandwidth it would trip the server's CPU and everything would crash, then I decided to set up a CRON task that will automatically check if the ghostbin services are running or not and if not it will automatically run. I used Python to do this FYI.
And because of this I decided to add firewall rules on CF and rate limiters, no luck, made my own firewall and integrated it with Cloudflare Cloudflare workers. Didn't work, stepped it up from Lv 5 protection to Lv 15, seems to have fixed it now (i did that just a few hours ago as of writing)
And before I took Fivio's job I clearly stated to everyone that my current situation is shit and I am mere homeless and have 3 jobs so delays are to be expected on anything you ask me to do, but now I'm doing great alhamdulillah as my orders have been consistent now.
Please read the whole report before accusing.
At the time I made last post there was not a single security measure, and you are still claiming there was.
The Cloudflare firewall came only after my post (as i said in my edit of the last post).
Also sus that you blurred out the activity graph but doesn't matter.
And how I tested it wasn't some magic smart thing like you said an attacker would have to do.
I was able to make more than 200 pastes for testing on one IP in just a few seconds using just a few lines of JS put into the Dev Console and nothing more.
There was absolutely nothing that prevented that.
It didn't even matter that the IP I was using was from Mullvad and should have been flagged by any security if there was any.
I didn't get a single 429 or even a 1015 as there is in place now after my latest post (which btw is way too sensitive and ip banned me like 5 times even on IPs not from mullvad when not even spamming anything but just pasting and using the site like anyone would).
There wasn't anything like a captcha preventing it.
Nothing.
Anyone who is able to google would have been able to make those few lines of JS (similar as how anyone who is able to google would be able to add a captcha to the pasting function even if never using go before, as you can find a complete code to integrate hcaptcha on google lol).
Yet you claimed multiple times before how good your security measures were when there weren't any at all in those moments and they only came after my last post.
This post is by a banned member (Caviar) - Unhide
19 August, 2022 - 08:41 AM
Reply
(18 August, 2022 - 09:26 PM)amboss Wrote: Show More (18 August, 2022 - 08:59 PM)Caviar Wrote: Show More (18 August, 2022 - 03:03 PM)amboss Wrote: Show Moreyes please show, that:
1. there is a rate limit (spoiler: there isn't)
2. there is something that requires the use of proxies (spoiler: it's not)
3. there is something to prevent spamming at all lol (spoiler: also isn't there)
edit: you finally found the cloudflare option for rate limiting lol
edit 2: way too sensitive though. triggered the 15 minute rate limit ip ban by making like 5 pastes manually.
https://imgur.com/a/2dxFdfK
(18 August, 2022 - 03:04 PM)N1ghth2wk Wrote: Show More
Thanks for your opinion,
But i don't usually take one week for a source code installation, just 2 days and Fivio is not my first client, I've done installation servers for $10.
Since Fivio paid me $60 I was going to make him a site from scratch, but after 2 days of working on it, it seemed I was on a short schedule so I decided to ask him if he just wants the original source code, which in turn he said yes. (Cause when he ordered I didn't have my web services up and running yet on cracked.io cause I had 40 pending orders on Fiverr)
I did everything he asked for, but he would ask me to add new things every single day, got it added them, then the main issue is that his site is being botted by someone and since his server has shared bandwidth it would trip the server's CPU and everything would crash, then I decided to set up a CRON task that will automatically check if the ghostbin services are running or not and if not it will automatically run. I used Python to do this FYI.
And because of this I decided to add firewall rules on CF and rate limiters, no luck, made my own firewall and integrated it with Cloudflare Cloudflare workers. Didn't work, stepped it up from Lv 5 protection to Lv 15, seems to have fixed it now (i did that just a few hours ago as of writing)
And before I took Fivio's job I clearly stated to everyone that my current situation is shit and I am mere homeless and have 3 jobs so delays are to be expected on anything you ask me to do, but now I'm doing great alhamdulillah as my orders have been consistent now.
Please read the whole report before accusing.
At the time I made last post there was not a single security measure, and you are still claiming there was.
The Cloudflare firewall came only after my post (as i said in my edit of the last post).
Also sus that you blurred out the activity graph but doesn't matter.
And how I tested it wasn't some magic smart thing like you said an attacker would have to do.
I was able to make more than 200 pastes for testing on one IP in just a few seconds using just a few lines of JS put into the Dev Console and nothing more.
There was absolutely nothing that prevented that.
It didn't even matter that the IP I was using was from Mullvad and should have been flagged by any security if there was any.
I didn't get a single 429 or even a 1015 as there is in place now after my latest post (which btw is way too sensitive and ip banned me like 5 times even on IPs not from mullvad when not even spamming anything but just pasting and using the site like anyone would).
There wasn't anything like a captcha preventing it.
Nothing.
Anyone who is able to google would have been able to make those few lines of JS (similar as how anyone who is able to google would be able to add a captcha to the pasting function even if never using go before, as you can find a complete code to integrate hcaptcha on google lol).
Yet you claimed multiple times before how good your security measures were when there weren't any at all in those moments and they only came after my last post.
Dude, I already said I completed the JS Part of adding the Captcha, it also needs to be integrated with the Paste function that is in Golang, which @ Allowy was supposed to do but Allowy needs time off.
This post is by a banned member (VAVE) - Unhide
2.580
Posts
1.187
Threads
5 Years of service
19 August, 2022 - 11:21 AM
Reply
(19 August, 2022 - 08:41 AM)Caviar Wrote: Show More (18 August, 2022 - 09:26 PM)amboss Wrote: Show More (18 August, 2022 - 08:59 PM)Caviar Wrote: Show Morehttps://imgur.com/a/2dxFdfK
Thanks for your opinion,
But i don't usually take one week for a source code installation, just 2 days and Fivio is not my first client, I've done installation servers for $10.
Since Fivio paid me $60 I was going to make him a site from scratch, but after 2 days of working on it, it seemed I was on a short schedule so I decided to ask him if he just wants the original source code, which in turn he said yes. (Cause when he ordered I didn't have my web services up and running yet on cracked.io cause I had 40 pending orders on Fiverr)
I did everything he asked for, but he would ask me to add new things every single day, got it added them, then the main issue is that his site is being botted by someone and since his server has shared bandwidth it would trip the server's CPU and everything would crash, then I decided to set up a CRON task that will automatically check if the ghostbin services are running or not and if not it will automatically run. I used Python to do this FYI.
And because of this I decided to add firewall rules on CF and rate limiters, no luck, made my own firewall and integrated it with Cloudflare Cloudflare workers. Didn't work, stepped it up from Lv 5 protection to Lv 15, seems to have fixed it now (i did that just a few hours ago as of writing)
And before I took Fivio's job I clearly stated to everyone that my current situation is shit and I am mere homeless and have 3 jobs so delays are to be expected on anything you ask me to do, but now I'm doing great alhamdulillah as my orders have been consistent now.
Please read the whole report before accusing.
At the time I made last post there was not a single security measure, and you are still claiming there was.
The Cloudflare firewall came only after my post (as i said in my edit of the last post).
Also sus that you blurred out the activity graph but doesn't matter.
And how I tested it wasn't some magic smart thing like you said an attacker would have to do.
I was able to make more than 200 pastes for testing on one IP in just a few seconds using just a few lines of JS put into the Dev Console and nothing more.
There was absolutely nothing that prevented that.
It didn't even matter that the IP I was using was from Mullvad and should have been flagged by any security if there was any.
I didn't get a single 429 or even a 1015 as there is in place now after my latest post (which btw is way too sensitive and ip banned me like 5 times even on IPs not from mullvad when not even spamming anything but just pasting and using the site like anyone would).
There wasn't anything like a captcha preventing it.
Nothing.
Anyone who is able to google would have been able to make those few lines of JS (similar as how anyone who is able to google would be able to add a captcha to the pasting function even if never using go before, as you can find a complete code to integrate hcaptcha on google lol).
Yet you claimed multiple times before how good your security measures were when there weren't any at all in those moments and they only came after my last post.
Dude, I already said I completed the JS Part of adding the Captcha, it also needs to be integrated with the Paste function that is in Golang, which @ Allowy was supposed to do but Allowy needs time off. Integration into the golang function is what I meant. You can just Google for Hcaptcha golang example and find exactly what you need. Then copy it into there and if it fails return an error that your js can deal with.
Also, now you suddenly don't mention the part of you lying about the firewall and all the security after you have been caught.
This post is by a banned member (Caviar) - Unhide
19 August, 2022 - 01:00 PM
(This post was last modified: 19 August, 2022 - 01:09 PM by Caviar. Edited 2 times in total.)
Reply
(19 August, 2022 - 11:21 AM)amboss Wrote: Show More (19 August, 2022 - 08:41 AM)Caviar Wrote: Show More (18 August, 2022 - 09:26 PM)amboss Wrote: Show MoreAt the time I made last post there was not a single security measure, and you are still claiming there was.
The Cloudflare firewall came only after my post (as i said in my edit of the last post).
Also sus that you blurred out the activity graph but doesn't matter.
And how I tested it wasn't some magic smart thing like you said an attacker would have to do.
I was able to make more than 200 pastes for testing on one IP in just a few seconds using just a few lines of JS put into the Dev Console and nothing more.
There was absolutely nothing that prevented that.
It didn't even matter that the IP I was using was from Mullvad and should have been flagged by any security if there was any.
I didn't get a single 429 or even a 1015 as there is in place now after my latest post (which btw is way too sensitive and ip banned me like 5 times even on IPs not from mullvad when not even spamming anything but just pasting and using the site like anyone would).
There wasn't anything like a captcha preventing it.
Nothing.
Anyone who is able to google would have been able to make those few lines of JS (similar as how anyone who is able to google would be able to add a captcha to the pasting function even if never using go before, as you can find a complete code to integrate hcaptcha on google lol).
Yet you claimed multiple times before how good your security measures were when there weren't any at all in those moments and they only came after my last post.
Dude, I already said I completed the JS Part of adding the Captcha, it also needs to be integrated with the Paste function that is in Golang, which @ Allowy was supposed to do but Allowy needs time off. Integration into the golang function is what I meant. You can just Google for Hcaptcha golang example and find exactly what you need. Then copy it into there and if it fails return an error that your js can deal with.
Also, now you suddenly don't mention the part of you lying about the firewall and all the security after you have been caught.
Didn't have time to respond to that as I was driving a train
I changed the firewall rules to a higher threshold, that's why it has been functional to you just now, I informed every detail about this to Fivio
There's no way you were able to bot it more than 10 pastes per 2 minutes, because it will block your access to the site immediately for 48hrs.
And dude I don't need to look up tutorial on YouTube, I know how to do it lmfao
I added the JS functions and shit but it also needs to be integrated with Go, if you want you can check the source for yourself and then complain.
I absolutely hate Golang and when it comes to ASM-like languages i'm a complete noob.
This post is by a banned member (VAVE) - Unhide
2.580
Posts
1.187
Threads
5 Years of service
19 August, 2022 - 02:22 PM
Reply
(19 August, 2022 - 01:00 PM)Caviar Wrote: Show More (19 August, 2022 - 11:21 AM)amboss Wrote: Show More (19 August, 2022 - 08:41 AM)Caviar Wrote: Show MoreDude, I already said I completed the JS Part of adding the Captcha, it also needs to be integrated with the Paste function that is in Golang, which @ Allowy was supposed to do but Allowy needs time off. Integration into the golang function is what I meant. You can just Google for Hcaptcha golang example and find exactly what you need. Then copy it into there and if it fails return an error that your js can deal with.
Also, now you suddenly don't mention the part of you lying about the firewall and all the security after you have been caught.
Didn't have time to respond to that as I was driving a train
I changed the firewall rules to a higher threshold, that's why it has been functional to you just now, I informed every detail about this to Fivio
There's no way you were able to bot it more than 10 pastes per 2 minutes, because it will block your access to the site immediately for 48hrs.
And dude I don't need to look up tutorial on YouTube, I know how to do it lmfao
I added the JS functions and shit but it also needs to be integrated with Go, if you want you can check the source for yourself and then complain.
I absolutely hate Golang and when it comes to ASM-like languages i'm a complete noob.
Didn't I say you finally enabled firewall rules finally lol.
The tests i did were all after you were lying about all the security the site apperently had (but didn't have lol) and before you enabled it (after i called you out for lying ).
Before my post 22 hours ago there was not a single thing preventing spam, as I had said in that post.
After that post when you had to prove it, then there was finally any security.
The rules are way way too sensitive though now and will definetly ban IPs of many normal people using the site as you don't even need to create a single paste to be able to get a Ban which then also lasts for way too long.
And for the captcha. If you had read my message you would have known that I am talking about the fucking golang part all of the time.
If you had even googled for anything (like i already said before) you would have found for example:
https://github.com/raihaninfo/captcha/bl...ha/main.go
Which already has 100% of the hCaptcha code you need to check if a captcha is valid.
You could have just 1:1 copied the function to check it from there and copy pasted it into the create paste source and returned an error if it is invalid.
That is all.
And if you are even too stupid to do that, or hate Golang that much then fucking don't take a job about it.
Don't lie, and when you get caught don't play stupid and lie even more to try and get out of your lies.
This post is by a banned member (Caviar) - Unhide
20 August, 2022 - 01:23 PM
Reply
(19 August, 2022 - 02:22 PM)amboss Wrote: Show More (19 August, 2022 - 01:00 PM)Caviar Wrote: Show More (19 August, 2022 - 11:21 AM)amboss Wrote: Show MoreIntegration into the golang function is what I meant. You can just Google for Hcaptcha golang example and find exactly what you need. Then copy it into there and if it fails return an error that your js can deal with.
Also, now you suddenly don't mention the part of you lying about the firewall and all the security after you have been caught.
Didn't have time to respond to that as I was driving a train
I changed the firewall rules to a higher threshold, that's why it has been functional to you just now, I informed every detail about this to Fivio
There's no way you were able to bot it more than 10 pastes per 2 minutes, because it will block your access to the site immediately for 48hrs.
And dude I don't need to look up tutorial on YouTube, I know how to do it lmfao
I added the JS functions and shit but it also needs to be integrated with Go, if you want you can check the source for yourself and then complain.
I absolutely hate Golang and when it comes to ASM-like languages i'm a complete noob.
Didn't I say you finally enabled firewall rules finally lol.
The tests i did were all after you were lying about all the security the site apperently had (but didn't have lol) and before you enabled it (after i called you out for lying ).
Before my post 22 hours ago there was not a single thing preventing spam, as I had said in that post.
After that post when you had to prove it, then there was finally any security.
The rules are way way too sensitive though now and will definetly ban IPs of many normal people using the site as you don't even need to create a single paste to be able to get a Ban which then also lasts for way too long.
And for the captcha. If you had read my message you would have known that I am talking about the fucking golang part all of the time.
If you had even googled for anything (like i already said before) you would have found for example:
https://github.com/raihaninfo/captcha/bl...ha/main.go
Which already has 100% of the hCaptcha code you need to check if a captcha is valid.
You could have just 1:1 copied the function to check it from there and copy pasted it into the create paste source and returned an error if it is invalid.
That is all.
And if you are even too stupid to do that, or hate Golang that much then fucking don't take a job about it.
Don't lie, and when you get caught don't play stupid and lie even more to try and get out of your lies.
The thing is the firewalls and everything was activated, but had almost zero request (some of the other rules have 50-300)
After i got your message i stepped it up to a higher threshold, that's literally what i did like wtf
And yes I complete hate Golang and am a noob at at, I didn't take this job initally to make a Golang site, I was supposed to make a site FULLY from scratch, until I was on short schedule and asked fivio if he would be fine with just the source code of it in which he said YES.
This post is by a banned member (VAVE) - Unhide
2.580
Posts
1.187
Threads
5 Years of service
20 August, 2022 - 03:22 PM
Reply
(20 August, 2022 - 01:23 PM)Caviar Wrote: Show More (19 August, 2022 - 02:22 PM)amboss Wrote: Show More (19 August, 2022 - 01:00 PM)Caviar Wrote: Show MoreDidn't have time to respond to that as I was driving a train
I changed the firewall rules to a higher threshold, that's why it has been functional to you just now, I informed every detail about this to Fivio
There's no way you were able to bot it more than 10 pastes per 2 minutes, because it will block your access to the site immediately for 48hrs.
And dude I don't need to look up tutorial on YouTube, I know how to do it lmfao
I added the JS functions and shit but it also needs to be integrated with Go, if you want you can check the source for yourself and then complain.
I absolutely hate Golang and when it comes to ASM-like languages i'm a complete noob.
Didn't I say you finally enabled firewall rules finally lol.
The tests i did were all after you were lying about all the security the site apperently had (but didn't have lol) and before you enabled it (after i called you out for lying ).
Before my post 22 hours ago there was not a single thing preventing spam, as I had said in that post.
After that post when you had to prove it, then there was finally any security.
The rules are way way too sensitive though now and will definetly ban IPs of many normal people using the site as you don't even need to create a single paste to be able to get a Ban which then also lasts for way too long.
And for the captcha. If you had read my message you would have known that I am talking about the fucking golang part all of the time.
If you had even googled for anything (like i already said before) you would have found for example:
https://github.com/raihaninfo/captcha/bl...ha/main.go
Which already has 100% of the hCaptcha code you need to check if a captcha is valid.
You could have just 1:1 copied the function to check it from there and copy pasted it into the create paste source and returned an error if it is invalid.
That is all.
And if you are even too stupid to do that, or hate Golang that much then fucking don't take a job about it.
Don't lie, and when you get caught don't play stupid and lie even more to try and get out of your lies.
The thing is the firewalls and everything was activated, but had almost zero request (some of the other rules have 50-300)
After i got your message i stepped it up to a higher threshold, that's literally what i did like wtf
And yes I complete hate Golang and am a noob at at, I didn't take this job initally to make a Golang site, I was supposed to make a site FULLY from scratch, until I was on short schedule and asked fivio if he would be fine with just the source code of it in which he said YES.
First, that changes literally nothing. You still lied about all the security before.
And for the Golang part, you still could have said no you can't do it after that so it is still your fault.
This post is by a banned member (Refunding) - Unhide
OP 20 August, 2022 - 06:18 PM
Reply
(18 August, 2022 - 08:59 PM)Caviar Wrote: Show More (18 August, 2022 - 03:03 PM)amboss Wrote: Show More (18 August, 2022 - 02:59 PM)Caviar Wrote: Show MoreYeah sure,
Give me a bit im showing proof of everything
yes please show, that:
1. there is a rate limit (spoiler: there isn't)
2. there is something that requires the use of proxies (spoiler: it's not)
3. there is something to prevent spamming at all lol (spoiler: also isn't there)
edit: you finally found the cloudflare option for rate limiting lol
edit 2: way too sensitive though. triggered the 15 minute rate limit ip ban by making like 5 pastes manually.
https://imgur.com/a/2dxFdfK
(18 August, 2022 - 03:04 PM)N1ghth2wk Wrote: Show More
Thanks for your opinion,
But i don't usually take one week for a source code installation, just 2 days and Fivio is not my first client, I've done installation servers for $10.
Since Fivio paid me $60 I was going to make him a site from scratch, but after 2 days of working on it, it seemed I was on a short schedule so I decided to ask him if he just wants the original source code, which in turn he said yes. (Cause when he ordered I didn't have my web services up and running yet on cracked.io cause I had 40 pending orders on Fiverr)
I did everything he asked for, but he would ask me to add new things every single day, got it added them, then the main issue is that his site is being botted by someone and since his server has shared bandwidth it would trip the server's CPU and everything would crash, then I decided to set up a CRON task that will automatically check if the ghostbin services are running or not and if not it will automatically run. I used Python to do this FYI.
And because of this I decided to add firewall rules on CF and rate limiters, no luck, made my own firewall and integrated it with Cloudflare Cloudflare workers. Didn't work, stepped it up from Lv 5 protection to Lv 15, seems to have fixed it now (i did that just a few hours ago as of writing)
And before I took Fivio's job I clearly stated to everyone that my current situation is shit and I am mere homeless and have 3 jobs so delays are to be expected on anything you ask me to do, but now I'm doing great alhamdulillah as my orders have been consistent now.
Please read the whole report before accusing.
"I did everything he asked for, but he would ask me to add new things every single day, got it added them"
This is a straight up lie. The ONLY thing I asked to change was the the word "Spectr" to "Quickpaste" and add Captcha "which you haven't done yet", that's it. There's nothing else that you had to do.
Also I like how you blame me as if I told you to use a Golang source, here's what you told me.
Now I'm not a webdev "you aren't one either but you pretend to be one" but simple logic would be that you wouldn't use a source in a language you don't understand. How retarded do you have to be to use a source you know you didn't understand.
@ Darkness the captcha is still not added and the site is 100% unusable now, I can't create 1 paste "with or without a VPN on" before getting rate limited.
I paid @ Caviar 45 days ago, I opened two scam report yet this is somehow still going on.
@ Liars @ Darkness he need to be banned until this is resolved. I can't keep waiting forever.
|