I'm wondering if it's possible to get the email database from this site by hacking into it. Not that I want to right now, but I know that someone did get the pin database for Neopets, maybe it's possible to get the email database for Club Penguin. Does anyone know about Club Penguin?
Of course, lol
Not really. I just depends if the page itself has a vuln were you can insert SQL or just keylog every users. The actual database is easier to access if you can get to the page were you modify the site, implying you could just ban users. You can't have the emails, but you can have the usernames, the emails are pretty much deleted, even they exist somewhere in the web, it'd be almost impossible to get to them.
If it were as easy as just wanting them, anybody would wanna go after it.
Im sure it's possible, but yeah, you would have to know what you were doing as with everything.
You should be prepared to shell out a bunch of money too!
It could be easy if you are lucky , but its highly doubtful.... How many other people would of tried before?
You need to look in places no one else has and to do that , you cannot use automated tools usually. For instance all basic neopets urls are protected from sql injections , however the urls that are inside game files might not be. No automated tool can decompile swfs and extract links from it so no default tool will find those vuns and that would be a good place to start to look... With a custom tool .
Going after any 1 company can take a long time and alot of trial and error. Without someone with skills/passion to do it you will need a fat wallet to justify there time lol.
Well, I think there is one or two pages that have a vuln. Every page has, even NORAD does, even it took over four hours to decrypt to access three minutes to a drone, it's possible. Like DDoSing*, it wasn't possible without using a downloaded LOIC*, but now you can go into http://santapizza.mx/index.html were you can use a online LOIC.
Same with IP's, you couldn't go into http://whatismyipaddress.com/ before, you had to do some Terminal, router, cmd or whatever function you could do. Now you just click a link and done. So yeah, it'd probably take a shit ton of time to decrypt a very minor part of Club Penguin, but it's probably possible.
Loic works in different ways depends on the target. Sometimes for instance you might want to crack a password to a database for instance and you have found it allows unlimited attempts. On a single pc it would take years litrally to go
ect for -10 letters and even longer with numbers + upercase. Now with a ddos network you could send a command to 1000s of pcs giving them each a small part of the job to execute and the time becomes more managable. For large botnets its actually possible for them to scan every ip adress on the web in a few hours. This means they can scan for vulnerabilitys in windows across the entire internet and spread there bots even further only giving them more clients.
Though from what I remember LOIC is a opt in tool.