Alright let's talk about Pony, the guys have some cool stats.
The panel is on 220.127.116.11 and the sql server used by pony is located elsewhere on 18.104.22.168
I've tried to add my own user inside the panel, but i got some difficulty forcing me to dump the f*cker and review the source code.
I've read just a small part of the code but that was fun, here is the authentication function:
They call mixed_sha1():
ok cool, i know how to hash my password, where they records IPs now ?
Alright, let's get bad guys IPs:
SELECT * FROM pony_system_log WHERE log_source LIKE 'login'
Now let's have a fast look on Pony builder:
Changelog (available here http://pastebin.com/ufiueRSH):
Pony 1.9 got leaked in december 2012 and translated to English by Unic0de.
Someone trying to sell Pony the same day it got leaked (lol?):
Now for the panel of our bad guys, login:
Stolen passwords in the last 24 hours:
Stolen passwords in the last month:
FTP Clients popularity:
E-mail client popularity:
Add New User: