-
-
Yep, I don't mind the copyright at all, but I do like to keep things clean and I also remove the <br /> so everything is on one line.Comment
-
And hackers can still go to modcp/ to find the version number or open one of the .js files.Comment
-
also gives makes them wonder what version your using so they hack you to find out, but you could go to modcp etc but, if you .htaccess protect it its still easy because then they just find the .htpsswd file and decript the password
.
Comment
-
I highly doubt they can just download the .htaccess and .htpasswd file. Especially the latter is a file you don't have to save in the same dir but somewhere outside the public html directory.
Adding .htaccess to your modcp/ and admincp/ and removing the install/ directory is a good additional security layer.Comment
-
Indeed, but being a white hat hacker (dont do any damage) its still pretty easy to get to those files.Comment
-
You can't download .ht* files in the first place. And even if you could, you can't "decode" password hashes. But please, go ahead and hack those sites if it's so easy.Comment
-
I Never said download them.
i said view them.
ie in there cpanel etc.
and i never said i hack all the time.Comment
-
Comment
-
When you go to cpanel you click cancel on the .htaccess one, and then takes you to the login error page which has a login part so you just crack that haha
you view htaccess to find out where .htpsswd is ie it would be like this most of the time
AuthGroupFile /dev/null
AuthName "Admin's Only"
AuthType Basic
AuthUserFile /home/*****/*******/*******/.htpasswd/******/******/.htpasswd
require valid-userComment
Tweet
because when people ask me to hack something i hack them instead.
Comment