Thursday, December 07, 2006

Eat Your Own Dog Food

Well, it seems like the guy who actually got into Matt's account was not that clever after all: he forgot to secure his own email address, so here I am! It was really stupid to get access to his email address; he used automattic as the password, so it took me no more than five minutes to hack him back. OK, so what can we do with this blog right now? Oh yes, I do have some mailing between the guy and Matt, and I do have his password... if you want some insides, drop some money on the left and I'll see what I can do ;) Oh, BTW, anyone interested in buying this blog, or should I wait for a Google call?

Friday, November 10, 2006

ReviewThem

First of all, I want to say that they are paying me some money to tell you this. In fact, I have to say that this is a sponsored post because those are the rules of this game, but I can still say whatever I want about this new service. ReviewMe is yet another service that has launched today that enables bloggers to write sponsored posts in return for a payment from advertisers. Whether you are using the pretty unsecured blogging platform that we all love or the old-fashioned Blogger, you can make some money with ReviewMe just for... well, blogging. It was easy schmeazy to sign up, and within a few seconds I had an account and my first review was waiting on the dashboard.
Bloggers: Get paid to review services and Web sites that are of interest to your readers, and reap the benefits of conversation with advertisers. Advertisers: Get your service or Web site reviewed by bloggers, gaining your site traffic, invaluable feedback, and word of mouth buzz.
Do you blog? Go on and sign up.

Thursday, June 08, 2006

The Comment

Well, now that I see all the sites I got access to have been reconfigured, I will let you know which comment gave me the password. But first, I want to cite this:
"Wow. What a big brain this guy has. Not only did he guess an easily guessed password based on published clues, but he -- a non-hacker -- figured out what to do with that knowledge to make an ass of himself!"
This was only to prove that no one is safe from hackers, not even smart people like Matt —not you, obviously— and even more important is that you have to take good care of your information and what you give public access to on the web. This may not be the best way to do it, but it gets to the point, so if I make a difference, even for 1 person, then it will have worked. Don't like it? Close the window. It is called freedom. Now, back to the comment thing... forget all the stupid ideas about security risks, password cracking, MD5 hashes, exploits and all that crap, OK? It has nothing to do with WordPress. WordPress is perfectly safe, and you can keep on using it. I got the password in plain text, and I found it at a public web address that was accessible to ANYONE who has an internet connection. The comment is here: http://asymptomatic.net/2006/06/01/2369/dear-web-development-community/#comment-62017

Wednesday, June 07, 2006

Hack the Matt

Here is the story of some guy who was doing his daily Bloglines thing when he found a comment that triggered the —always dangerous— question: what if <!-- insert EVIL ACTION in here -->...? I'm not a hacker, I'm not an expert in system administration nor server management, I don't do password cracking in my spare time, and I don't even speak or write English very well! But I do have common sense, and that is all I need. Matt Mullenweg, the lead developer of WordPress, is a really smart guy. I even admire him and pretty much all of his work, but I couldn't resist seeing what would happen if I just...
So, here is the story. After reading one of his comments, it only took me 5 minutes to find out Matt's password. The funny thing is that I tried to convince myself that he wouldn't be that silly, but guess what? He is that silly! It is not that I only got access to his blog: he was using the SAME password —a really crappy one— for ALL of his information/server/data/etc. I've got access to EVERYTHING, MATT. Trust me, he is hanging from one of his balls right now. Fortunately for him, as I said before, I'm not a hacker, nor a cracker, nor a dirty bastard who did not receive enough love when I was a baby, but imagine what I could have done with that information... just think for a minute. Here is a lesson for everyone: USE your goddamn brain! I did nothing besides the redirection (yes, you are welcome), and NO, I won't be revealing the password until I get confirmation from Matt that it has been changed and everything is safe.
P.S. I'm sorry Matt, but it was so easy... I couldn't resist.
OK, now that Matt is back you can have some screenshots.