Sorry guys, but I'm out of a job in South Africa forever and ever

TelkomUseless

TelkomUseless

Honorary Master
Joined
Mar 13, 2006
Messages
14,785
timgaul said:
The baas, he shout me!
Click to expand...
LOL!

Isn't "Lotto" a reserved word. I'm sure that he can't use it (except if they gave him permission)

I remember long time ago... a guy I knew had a website with lotto in the name. He had to change it..
 
semiautomatix

semiautomatix

Honorary Master
Joined
Nov 9, 2005
Messages
11,914
TelkomUseless said:
LOL!

Isn't "Lotto" a reserved word. I'm sure that he can't use it (except if they gave him permission)

I remember long time ago... a guy I knew had a website with lotto in the name. He had to change it..
Click to expand...

You also know Darryl Otto van Schalkwyk or darrylottovanschalkwyk.co.za?
 
Black Sheep

Black Sheep

Well-Known Member
Joined
Jul 16, 2009
Messages
154
TelkomUseless said:
LOL!

Isn't "Lotto" a reserved word. I'm sure that he can't use it (except if they gave him permission)

I remember long time ago... a guy I knew had a website with lotto in the name. He had to change it..
Click to expand...

What?!
That doesn't sound right.
 
Black Sheep

Black Sheep

Well-Known Member
Joined
Jul 16, 2009
Messages
154
EtienneK said:
I think he's right. If you own a trade mark, you have to protect that trade mark by stopping others from using it, otherwise you may lose it.
Click to expand...

But there's like a gazillion products/sites, which are not affiliated which makes use of the word lotto or some derivative thereof.
 
E

evilsee

Senior Member
Joined
Sep 12, 2003
Messages
563
I actually got offered a job , by 'hacking' a site.

One day I received some weird spam sms, being annoyed, I visited the site.

I thing proceeded to try some sql injection for the login, and voila, I managed to login as the admin user, which also allowed me to see the admin profile page ( this listed the owners details: address, cell phone, id number).

I could not do much really other than upload files, which allowed me to upload a .php and execute code via the browser. So I upload a file to:

1. print our the directory structure,
2. then I uploaded one to print out the code from all the files - got the db details this way
3. then I uploaded one that allowed me to run sql commands and using this I managed to have a look at the db

it had about 50 000 records of mobile phone numbers.

I was very tempted to replace all of these number with the owners phone number,

but instead I called him up and asked him how he got my number and that I wanted to be removed. I also told him he site was insecure and explained to him why. He then asked if I need a job, I declined being content in my current job.

I wish I could remember the name of this company
 
R

Reelix

Senior Member
Joined
Jun 24, 2008
Messages
597
Gawd that site is terrible :|

I register using fake details, then try to change my pass.

Upon trying to change my pass, it complains my e-mail address is in an invalid format.

I then firebug the e-mail box status to valid (It was disabled) and continue on my way.

Error Type:
Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)
[Microsoft][ODBC SQL Server Driver][SQL Server]Line 1: Incorrect syntax near 'Notsosecure'.
/lottolive/secsite/site/AccountDetails.asp, line 22


And now I better stop before he phones ME up -_-


- Edit -

Heh evilsee - After pentesting a companies sites, and finding severe SQL injection in around 90% of them (Tested about 20), and reporting I was also offered a job :p

Ive also gotten into some serious job-related issues with people tracking me down, and complaining to anyone they could find relating to my name (Eg: My boss)

So yea, pros and cons :p
 
Last edited:
You must log in or register to reply here.
Top