CCBILL critical vulnerability story part II

[Maciej Gojny <vuln () ariko-security com>]

hello  FULL  DISCLOSURE!

We have found nice story about our previous ccbill advisory:
http://gfy.com/showthread.php?t=982701&page=2

 CCBILL CEO Ron C has written:

"This report was a complete joke. This was just a variation of a Nigerian scam. We contacted the website and they 
responded via GMAIL if we would "Western Union" them 10k they would tell us what was wrong. LOL They create a fake 
security page and post stuff and hope companies will pay the blackmail money VIA WESTERN UNION (LOL) 
But hey if it is on the Internet it MUST BE TRUE. 
End of Story. "

@Ron C everything you wrote is a lie! We will release soon full ccbill story part #2 with CCBILL working exploits, all 
chat logs etc...i hope you and William Bell will like it :)

You had enough time to fix all vulnerabilities (4 months).

regards,

Marcin Wrona
Ariko-Security TEAM



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/