Hey, CPPSHQ,
I would like to inform you that a user recently broke into CP-Pro’s MySQL Database, and posted a leak of their passwords to the public. The leak has not yet been removed, nor the URL to it, so it may still be seen by everybody.
This brings me to my first important point. If you have an account registered on CP-Pro, and you use the password there on other sites, CHANGE YOUR PASSWORD! Remember that everybody can still see the link to the leak, so they could get your password and decrypt it.
Now, you may be thinking something along the lines of, “Ha! Decrypt it! CP-Pro doesn’t just use MD5 or Base64!” Well, I would like to inform you that in fact, it does use MD5. There have been rumors, but all the passwords are not encrypted in the language iFlexs claims they are. Firstly, the swfs give away that it’s encrypted in MD5. Secondly, the leak has all it’s passwords as MD5. Do not believe what is said about it’s password encryption. It is plain MD5.
Now, anyway, along with that, CP-Pro was taken down by another user, like it says on its site. Beware of the security of CP-Pro, as the person who leaked the passwords and the user who took down the CPPS are two different people. I’m not sure if the CPPS will be back soon.
More news soon,
B00mX0r
