thpsX
thpsX.com News/Updates => Site General => Topic started by: Krad on December 24, 2016, 12:50:53 am
-
On Dec 18th and into the next morning, a user uploaded about 250 fake .PRK files in the THPSX database. The user also injected meta tag redirect code through the upload system which redirected park files, and the main Park/Skater link to pornographic websites. Once satisfied, the user uploaded a false .SKA file to the skater side.
I'll post the image at the end of this, but the first thing that we did after seeing what happened was locating the IP that was used to upload the files. We cross referenced that with accounts registered on the forum. I'm going to first point out the obvious by saying that the forums, and the skater/parks at the time were completely separate things, and that they did not have any correlation with each other. You previously did not need a forum account to upload files. Theoretically before yesterday, you could have been completely anonymous when uploading a .prk or .ska file.
So the only account that matched the IP address of the user who uploaded the files/redirect codes was Snipe's account. Over the course of conversation with Snipe on Skype he told me that this was not him, that it was not his IP, and that he was not on the site at that time because he had work at 4:30 the next morning. He deleted the one post that tied the ip's together later that day.
The image pretty much shows everything. We see that under the OpenSpy Log Snipe's real IP is 190.84.34.31. The IP belongs to a region in Colombia which is where he's stationed, confirming it's his. The IP used to upload the files is 186.169.235.5. If you view the THPSX log, you can see Snipe was on with his real IP, and that he was on seconds before the uploads started happening.
On the bottom right is a conversation where Snipe says he wasn't even on when the uploads took place. He says he wasn't on "at whatever hour in the night", and then he corrects himself "or morning or afternoon" as if he made a mistake, as if he shouldn't know what time it happened. But to reiterate, he indeed was on exactly when this started to happen, as the IP's show. Not just on around the same time, but when it started.
The access logs, or "THPSX logs" show both ip's are on a linux machine.
There's other circumstantial things that point to Snipe, but I'm pretty convinced with everything here. As a result of what happened, we didn't want Snipe logging into the IRC Peerchat server of OpenSpy where he would have administrative access over all users who connect to OpenSpy. Someone who purposely redirects users to pornographic websites obviously doesn't care for their online safety. I expressed to him that I would have no objection to him still being able to play THUGPro.
Snipe started flooding the THUGPro lobby with fake rooms a day later with anti-thpsx text as the host name. When I asked him about it on Skype he eventually blocked me.
So that's what happened. You'll start to see things returning back to normal. Sk8ace took down the skater/parks section 30 minutes after the last upload took place and has spent a lot of his time bringing it back and making it more secure. If you have any questions or anything feel free to post.
(http://i.imgur.com/sIgS1nD.png)
-
Wow, I never expected something like this to happen...
-
Jeez thats super fucked up, it honestly baffles me that someone would have such a strong vendetta as to do something like this
-
So this is why he made "FreedomSpy".
Apparently tracking IP's for malicious activities is a horrible thing. How dare people take measures to stop hacker attacks, eh?
-
LMAO, I fucking trusted that cunt. Good to see the section back up now.
-
Same, i got a bit of a bad vibe about him when he made FreedomSpy because i was thinking:
Incognito Browsing has its uses that are not.. "These uses", but how can something like that have a legit use?
I guess it's the best tool for the worst people.
Why would Snipe do this stuff in the first place?
-
Same, i got a bit of a bad vibe about him when he made FreedomSpy because i was thinking:
Incognito Browsing has its uses that are not.. "These uses", but how can something like that have a legit use?
I guess it's the best tool for the worst people.
Why would Snipe do this stuff in the first place?
I use FreedomSpy. No particular reason other than privacy.
-
Oh, well, in that case, it's understandable, but for people that got banned, reaally? Abuse is bound to happen.
-
There's no active tracking or going on for users that connect to OpenSpy. If something malicious is going on then something can be looked into to either prove guilt or innocence, but other than that everything is just left alone.
The only reason I can think of as to why Snipe did this is because about a month ago he wanted his tracking bot on the IRC server to track users connecting to OpenSpy for his stats page. I told him I didn't want his bot tracking people. Then he tried to disguise the bot as his personal IRC. When I found that out he got pretty aggravated.
For people that think FreedomSpy means privacy, you're sharing your information with 2 servers now instead of just OpenSpy.
-
I can't express myself being polite.This is horrible, man, what comes in the head of someone to make such a thing?
-
Correction to OP, 186.169.235.5 is a Colombian IP (Not mine though as stated before mine is 190.84.34.31)
The IP of the uploads is instead 185.169.235.5 (Netherlands) not 186.169.235.5 (Colombia).
185.169.235.5 IP info:
http://www.infosniper.net/index.php?ip_address=185.169.235.5
-
With VPNs and TOR proxies, the source of the 185.169.235.5 IP is irrelevant.
-
(https://1.bp.blogspot.com/-ff59ebmURDE/UYyLvQUURGI/AAAAAAAABXc/z7OWx8Mus5Q/s1600/don%27twww-scarfolk-blogspot-com.jpg)
-
With VPNs and TOR proxies, the source of the 185.169.235.5 IP is irrelevant.
Noch die korrektur machen
-
This was after we removed him from Openspy. I noticed snipe was attempting to log on through multipe IP's so I ran a command that showed all his aliases. There is no dispute about whether he uses his servers/VPNs/Proxies and/or GOVT IPs.
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 03:26
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 03:26
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 03:36
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 03:36
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 03:46
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 03:46
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 15:21
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 15:24
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 15:25
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 15:30
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 15:32
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 15:39
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 15:43
* [Snipe] ([email protected]): Snipe
* [Snipe] s :12/19/2016 15:44
* [Snipe] ([email protected]): ProSkater
* [Snipe] s :12/19/2016 17:28
* [Snipe] ([email protected]): ProSkater
* [Snipe] s :12/19/2016 17:28
* [Snipe] ([email protected]): epinS
* [Snipe] s :12/19/2016 20:38
-
Thanks for the post TNT!
Believe me, the auto kicks aren't personal. We'll get something worked out in the future, I'm sure.
It's not like we wanted to do any of this.
-
Thanks for the post TNT!
Believe me, the auto kicks aren't personal. We'll get something worked out in the future, I'm sure.
It's not like we wanted to do any of this.
I deleted the post lol, but I appreciate the response. I know it isn't personal.
To everyone else, basically FreedomSpy and OpenSpy exist separately. Technically at this very moment in time, I have personally confirmed the more secure and private option is OpenSpy. At this point in time, I can personally, as a normal user, connect to FreedomSpy and actively log every user's ID who connects to it. I can start building a database of users and their IDs. FreedomSpy may also have a unique GS ID structure, which may hinder decoding IPs, but they aren't random. Even though this was something I could personally do on OpenSpy in the past with the same method, it does not work at this time, as they have increased the security. This is no fault of OpenSpy or FreedomSpy, it's an exploit that has existed since it was GameSpy, and they never intended to fix it. Both FreedomSpy and OpenSpy admins will always have the option to track users, and the option to use that data for whatever purpose. At this time, OpenSpy may or my not be logging users. At this time, FreedomSpy is logging users for the purpose of reflecting user data on Snipes website. This isn't terrible, or horrible, and he's not doing it in secret.
Here is a screenshot of being connected to FreedomSpy and it's channels:
(http://tnthps.us/freedomspy.png)
Differences I have noticed so far in FreedomSpy are that Snipe has nulled the GameSpy Gamekeys for all titles, which as far as I know is meaningless, as the keys were used in the past to fool the actual GameSpy server into thinking you were connecting from the game of your choice, instead of a IRC program. FreedomSpy allows up to three connections from a single IP at a time. As stated, FreedomSpy also has a unique ID system.
OpenSpy did the right thing in my personal opinion by denying an outside source the ability to scrape user data to be posted on his site. At the same time, I feel that Snipe did the right thing in hosting his own alternative for his site, and openly admitting the data will be used on his site. With that said, Snipe isn't posting IP addresses, just usernames of who has connected. He's done this in the past, and it is a unique feature to his site that is honestly pretty cool.
As for the 'privacy' and 'getting past bans,' generally you have to be a toxic disease in the community to be banned from OpenSpy, and as I've stated, OpenSpy currently offers more privacy, from the admins and as protection from the community. This is proven further by their decision to not let Snipe scrape data. That was an action of privacy protection.
As a mindless suggestion that I have absolutely no knowledge about, nor if it would work, FreedomSpy connecting to OpenSpy rooms after the lobby may be a way to separate it entirely. If I'm correct, and I may not be, the rooms being displayed in the FreedomSpy lobby are from 'thugpro.ms9.openspy.net' port 28910. I'm not sure if this could be used or not, but perhaps OpenSpy could block the FreedomSpy IP from accessing that data, which would force Snipe to take it a step farther and have separate rooms from OpenSpy users, forcing all FreedomSpy users to edit their game or hosts file, meaning any new Thug Pro user will go through OpenSpy first, never having contact with FreedomSpy users.
Even if possible, that doesn't necessarily mean it's the right thing to do, but to enforce bans it may be necessary.
---------------------
Full privacy disclosure (without mentioning any names). Nothing is as private as you ever think. Take it from me. For a very long time I logged all the THPS GameSpy traffic, and I wasn't the only one. There was even an incident one time that led to me and someone else logging all OpenSpy traffic for one day when it was in it's infancy. I wasn't the operator or admin of either, that was as a user. In both cases the operators or admins were unaware of what I was doing. At the end of the day, you can't focus on this and forget that Thug Pro is worth having your IP scraped. ;) At least if you choose FreedomSpy, or choose to remain with OpenSpy, it's because you're playing Thug Pro, and isn't that what this season is really about? 8) Merry Christmas THPS family
-
At this time, FreedomSpy is logging users for the purpose of reflecting user data on Snipes website. This isn't terrible, or horrible, and he's not doing it in secret.
(http://i.imgur.com/QAfHhyR.png)
- Snipe says you should use his service to avoid being tracked. Does he contradict himself by logging all connections?
- Mods are allowed on OpenSpy as long as they do not disrupt other user's games. Hosting your own room with your mods is the best way to go about it. It's when you join rooms with unsuspecting users and those mods introduce conflict with them.
Because of what Snipe has done to THPS users before (before a week ago), and what he's done so recently I have to question why anyone would use his services.