Logripping/JTR fun ruiners
Damn, Like I said earlier I've been out of this game for a while, what is it with all the billing companies ruining the fun from log ripping and using JTR.
You used to be able to just download Verotelrum.log and get plain text number combos... now it looks to me like the password is encryped and never dumped to the log :-
2006-07-11 04:19:55 [29382] | request from IP 195.20.32.174, amount '19.95', trn 'rebill', trn_id '30090270', usercode '31658824'
They have even added IP checking to check the ADD comes from the verotel server, again once upon a time you could just ADD as long as you had $secret-key
Same thing has happened with CCBILL by the looks of it...
Gone from this :-
ADD-rednuht:992Cme7PbQrI.|rednuht:1024395326:20020404:20020504:Recurring
to
ADD-111|20060718162020|nxehoH|46145163|64.38.240.97
UPDATE-111|20060718162133|nxehoH|46145163|64.38.240.97
I managed to download a copy of the RUM package from Verotel but CCBill asks for VAT code so I can't interpret the log entry much, obviously ADD, 111, date stamp. IP I understand. Went to sign up and no option to pick user/pass so I presume nxehoH is a random gen'd username name, is the 46145163 just a transaction ID ?
Scratch that.. must be a diff type of script that site is running. Cos another one is in the classic format with a recent date (17/07/06) :-
ADD-denver:349.CEDpqCm5U|denver:46102975:20060717::Recurring
ADD-CMSFRAT:99OeZnPjYxtyw|CMSFRAT:46122651:20060717::Recurring
KILL-CMSFRAT
Last edited by jamie_p; 07-19-2006 at 12:55 PM..
|