www.spoofer.de (http://www.spoofer.de)

If you use .htacccess to protect your members area, you had better take a look at this.

You are basically wide open to people downloading the program and getting access.

Now what do we do to protect ourselves? ;)

if I understand it correctly, these guys want me to pay for it ? if you want 10 similar proggies, let me know :(
spoofing referrals is lesson #2 in hacker´s kinder garden school

This isn't a very complex hack. It only affects sites which lease content usually as well. Most users won't be able to make use of it since its a bit complex but i agree that making it easier to spoof isn't a good thing.

WG

i also heared from a friend of me that he just found some passwords which worked at some paysites... he found them while he was looking for warez

Originally posted by Groovy:
<STRONG>i also heared from a friend of me that he just found some passwords which worked at some paysites... he found them while he was looking for warez</STRONG>

Check this: http://www.pornosaur.com/
(Alexa Ranking: 186,345)

You can see many leased feeds, for example the iBroadcast broadband video with sound.

yeah i mxmx, but that's still kinda different.

Thats a refer hack only. Which basically means if you h ave a paysite you are non vulnerable, you use passwords. Leasecontent companies, and AVSes on the otherhand are vulnerable. There are easy ways to foil these types of refer cheats, and still use refer protection though.

Yes, I aggree, it's no big deal... You can even make a simple PHP, cgi or whatever script which gives the other side false referer. You can even do it by hand if you telnet to the port 80 of given server and know syntax of HTTP headers, however with telnet it's not very usefull :-))