[ 3 / biz / cgl / ck / diy / fa / ic / jp / lit / sci / vr / vt ] [ index / top / reports ] [ become a patron ] [ status ]
2023-11: Warosu is now out of extended maintenance.

/biz/ - Business & Finance

View post   
File: 114 KB, 689x1225, 20210305_125725.jpg [View same] [iqdb] [saucenao] [google]
30339481 No.30339481 [Reply] [Original]

Their website is so insecure they had the wordpress admin login screens public until I told them about it 2 days ago. They first agreed to compensate me, then said not for 30 days, and then banned me when I said I would make a youtube video about my experience with them calling it blackmail. They agreed to pay me then welshed. Scammers.

Now the admin login redirects to homeland security. Because mature adults who run a serious company do things like that. It is absolutely embarrassing.

>> No.30339519
File: 373 KB, 720x1280, Screenshot_20210302-152003_Telegram.jpg [View same] [iqdb] [saucenao] [google]
30339519

>> No.30339579

>>30339481
Just sold, team are negros

>> No.30339602

No shit. The question is: is Everest the bigger scam or is Vesper? Which one is going to give us the most pinkjaks?

>> No.30339603

most obvious scam vaporware

>> No.30339670

>>30339519
>everest.org/bob
It actually works lmfao, are these cunts for real

>> No.30339734

>>30339481
having wp-admin public is not insecure at all. it's like saying google having the login page public is insecure. it's not, how the fuck else are people gonna login?

>> No.30339736

>>30339670
kek try this one: everest.org/visa

>> No.30339765

>>30339670
And you're supposed to trust an app they made with your money? If they ever release an app it will be a disaster. Everyone will.lose their funds.

>> No.30339777

>>30339736
or everest.org/indonesia

>> No.30339837

>>30339734
You know nothing. Its incredibly basic to hide that screen. Not a single other crypto website has that screen public because it is such basic security.

>> No.30339858

>>30339519
that's also not insecure, all wordpress sites do this by default, when you visit a 404, it redirects you to the closest public posts it thinks you might want to go. nothing insecure about that, it only goes to public posts.

in wordpress everything is a post, images are also posts so it redirects to some public image because there's nothing closer instead of doing a 404.

nothing insecure about it, all wordpress sites do this.

>> No.30339883

Kinda a trick question. Why are you obsessed with ID and waste hours over hours fudding it?

>> No.30339940

>>30339858
Replicate the issue on another crypto website then. Hint: I already checked the top 200 coins.

>> No.30339947

>>30339837
I know everything nigger. I know it's incredibly easy to hide it. I also know it's completely unnecessary and not insecure to not hide it.

there's literally millions of wordpress sites that behave the exact same way. also, google nor any other site hide their login screen. it serves no purpose.

>t. actual programmer and not a retard like OP

>> No.30340000

>>30339947
You are a bag holder who knows nothing about technology. Are you Brad?

>> No.30340011

>>30339940
it's not an issue. it's the wordpress default feature. if you use wordpress, your site does this, unless you turn it off. there's millions of wordpress sites that do this. all of them do this unless they turn it off.

reason other crypto sites dont is cause they dont use wordpress.

it's literally not insecure. it's impossible to find any private/non public posts using it. it's literally a feature of wordpress, not a bug or vulnerability.

I recommend you kill yourself fucking brainlet wanne be hacker

>> No.30340044

>>30340000
no, you are the brainlet. I've literally explained and proven that I'm correct, that I'm a programmer and that I know how wordpress works. I've proven it beyond any doubt and completely humiliated you.

>> No.30340046

>>30340011
They dont use wordpress? None of them? Not even say ripple.com?

>> No.30340049

>>30340000
Checked and the biggest waste of digits.

Why are you obsessed with ID? Has Bob hurt your feelings?

>> No.30340149

also I'm not an everest holder. the fact that they are using wordpress is bearish as fuck and definitely indicates that it's a scam.

but OP is a brainlet, he did not find any vulnerabilities. all he found are literally basic wordpress features that are not insecure and do not need to be changed.

>> No.30340197

>>30340149
You are a complete idiot who has no idea what websites use. Tons of crypto coins use wordpress but their sites are all made properly and they all hide the login screen.

>> No.30340208

>>30340149
>definitely indicates that it's a scam.
I could give you at least 7 examples that do run on wp and are not scam. Stop lying.

>> No.30340270
File: 433 KB, 466x958, 1613418947499.png [View same] [iqdb] [saucenao] [google]
30340270

Bought a lil more.

>> No.30340289 [DELETED] 

For the tech lovers.

Check Mochimo

Share the thoughts with me

>> No.30340298

>using wp for anything more than a gardening blog

>> No.30340340

>>30339481
fuck this scam, im out

>> No.30340352

I hate this project, I only hold 1000 ID but wish I didn't. Not paying the fees and spending money on this further,

>> No.30340506

>>30340352
Sell. $500 is better than $5 and this is going to .01

>> No.30340634

>>30340506
Why are you obsessed with ID?

>> No.30340706

>>30340634
They owe me money. They stole from me.

>> No.30340827

>>30340706
So you are wasting hours over hours of time fudding in /biz/ because you found minor flaws (mostly opticial flaws) and now have to wait a month due to accounting laws? Damn you must be some special kind of human being. Keep it up, soon you will get your 500 ID, but don't market sell them at once!

>> No.30340852

>>30340149
>WHY YOU SHOULD HIDE WP ADMIN AND HIDE MY WORDPRESS?
Dozens of bots daily attacks your WordPress admin area at /wp-login.php and /wp-admin/, brute force passwords and wanting to access your admin panel. Even if you are sure that you have created a hard and reliable password, this does not guarantee security and does not relieve your login page overload. The easiest way to hide login page is simply change its address to a unique one that will be known only to you.

https://wordpress.org/plugins/hide-login-page/

>> No.30340881

bought more than 400k in IDO, but this shit is so fucking fishy its unreal. 3 years of bullshit and a lot of thin air. Bob has got serious mental issues.

>> No.30340950
File: 228 KB, 640x665, A28149BA-7A07-49A9-B4B2-2B2944176E1B.jpg [View same] [iqdb] [saucenao] [google]
30340950

The website is dogshit in general, imagine investing in this

>> No.30340998

>>30340950
Hahahaha I had never seen that one.

>> No.30341053

>>30340950
It honestly resembles a 6th grade science fair project.

>> No.30341365

My boomer dad could make a better website. Dot org is a red flag too. Dot io is standard now.

>> No.30341417

>>30339481
>token about security is insecure
kek

>> No.30341448

>>30340950
Bro, Einstein aped into this. I must buy the coin! I LIKE THE COIN!

>> No.30341471

Imagine seething about 250$ die to accounting rules.

>> No.30341496

This thread is hilarious. I'm not a bag holder but I am a dev and it's really funny to see a bunch of devs go "Yeah that's just default wordpress horseshit; it's not the most professional but it's not really a big deal" and then a whole bunch of non-developers go "NO, IT'S A HUGE DEAL"

>> No.30341532

>>30339947
Dude. Google has 2fa and limits login attempts. Stop being retarded.

>> No.30341533

>>30340149
As a dev, this is correct

>> No.30341554

>>30341496
if it feels like they dont give a shit why would they expect anyone else to?

>> No.30341612

>>30339519
HAHAHAHAHAH

This cannot be real right? Please tell me this is bait

>> No.30341680

>>30341496
The Everest team thought it was a huge deal too. They acted like I was some kind of hacker because I found the login page. They called me "white hat".

Its default wordpress but everyone knows to hide it. I checked the top 200 coins websites and could not replicate the problem. Every single other coin using wordpress hides that page. Why? Because they're not a 1337 dev like you who knows it's not necessary?

>> No.30341682

>>30339481
I don't give a shit about your larp but where are the ID tokens they're paying these retards these people coming from?

>> No.30341707

>a severe bug is only worth $400
Kek this is almost as funny as watching actual sherpa derpa team members fight fud on /biz/

>> No.30341743

>>30341707
I think you mean $40,000

>> No.30341781

>>30339481
>bagnnel
how are the bags sir?

>> No.30342220

>>30341781
Sold my bags at a 40% loss.

>> No.30342371

>>30340149
The brainiacs here finding wp features and freaking out about "finding flaws". God you biz folk really are idiots

>> No.30342666

>>30342220
Hahaha classic. Fucking retard, always buying the top.

>> No.30342992

>>30342371
Replicate the problem on another wp site used by a crypto. You cant. Because every other crypto knows how to build a website.

>> No.30343235

>>30342220
Now it all makes sense. You are emotionally hurt - keep it up

>> No.30343237

>>30342992
Everyone is agreeing that it's amateur and unprofessional (really to even be using Wordpress at all) but every developer is also telling you it's not important at all.

>> No.30343652

>>30342992
How about don't worry about cosmetic differences on wp websites and worry about the fact they are using wp in the first place. Only noobs use wp for a non-blogging site.