STAFF TEAM
Hello DarkForums community, Today I present a leak I feel very strongly about, and If you want to personally say fuck you to the Fowl individuals that run this site and help save children from potential monsters, I found some Anti human trafficking charities and have listed on this paste, if you want to donate anything, you can do it here, however I'm not forcing: https://snippet.host/bfgufz
The database I have is basically everyone who is apart of this ring, 627 database entries to be exact, although the user database on this website is claimed to be 4 million, sadly, I couldn't obtain it, the database I did obtain is of the "staff" as they are called who operate the website, and most of them are the ones producing it themselves.
here is some more information: https://snippet.host/hmduzy/raw
Without further ado, here it is:
![[Image: qne4w8.jpg]](https://files.catbox.moe/qne4w8.jpg)
Yeah there logo really is this blurry and shitty lol
FULL DATABASE LEAK: https://files.catbox.moe/itf5vy.txt
also, I found a bit of backend code from a folder marked "Forbidden" which I was able to access the file through a disclosure flaw, anyway, here is the code: https://privatebin.net/?0aba808753214362...BnZ4uavtk4
=======Who is the Founder/Owner of Loliporn onion site??===========
His identity has been unknown for years until now I caught a "little slip up" which I will explain eventually
His real name is Roudra Sarker, and he is an Indian who lives in Dhaka, Bangladesh
A detailed paste will be uploaded with all his information will be uploaded shortly
STAFF TEAM
15-05-25, 10:43 PM
(This post was last modified: 15-05-25, 10:49 PM by @desoxy.)
STAFF TEAM
15-05-25, 11:47 PM
(This post was last modified: 15-05-25, 11:49 PM by @l33tfg.)
(15-05-25, 10:43 PM)desoxy Wrote: Good work! interesting story.
by the way, the 3rd link is down.
is this him?
https://github.com/KasRoudra
Correct, it is him
The reason why I know its him, is because he accidentally left one of his emails which had his username KasRoudra in it, however he was quick to remove it within a day, but I luckily found it when I did, either way, it was a bad Opsec move for him to have a username connected to his real identity, with the same proton email he ran built the entire site from, the email in question was this: bykasroudra@protonmail.ch
if you search Bykasroudra, you will see its a signature used by him in various projects he does
I'll upload the paste a soon as possible, I want the make the formatting and quality of the paste/dox as good as I can possibly make it
Don't worry, I'll comment the new link to the backend source code when I can find a new place to upload it.
basically bykasroudra@protonmail.ch was temporarily listed in the site source code by accident lol, he thought nobody would see if he removed it quick enough
STAFF TEAM
(15-05-25, 11:47 PM)l33tfg Wrote: it was a bad Opsec move
average jeet behavior
STAFF TEAM
It is done: The ADMINS DOX: https://doxbin.com/upload/LolipornADMINDOX/raw
still looking for a paste site to reupload the backend source that can handle the file size and not expire in a few days, but I will eventually get it reuploaded
STAFF TEAM
what is the .onion link of this site ?
STAFF TEAM
(17-05-25, 09:53 AM)ahmed234 Wrote: what is the .onion link of this site ?
I didn't want to share it publicly, not only is it against the forums rules to share CP links regardless of the context, but I also don't want any pedos to cross this thread and use the link to access the CP site, because then I would be doing them a favor which I don't want
However if you want to find it, you easily can with any Tor search engine like Deepsearch
The only reason I would give it out privately, is if someone wanted to help me identify the children being exploited and turn it over to law enforcement, which is an ongoing process I've been trying to do.
STAFF TEAM
(17-05-25, 08:25 AM)l33tfg Wrote: still looking for a paste site to reupload the backend source that can handle the file size and not expire in a few days, but I will eventually get it reuploaded
Seeing you've mentioned me in a video, I'd be more than glad to take the source code off your hands mate and give you some credit... I'd of course go over everything and scrub it of links and shit as I don't want it to be linking off to actual CSAM so yk (and yes, I am the one and only Evil Rabbit Security, At me on X and I'll prove it)
STAFF TEAM
19-05-25, 01:56 AM
(This post was last modified: 19-05-25, 02:02 AM by @l33tfg.)
(18-05-25, 12:39 PM)EvilRabbitSec Wrote: (17-05-25, 08:25 AM)l33tfg Wrote: still looking for a paste site to reupload the backend source that can handle the file size and not expire in a few days, but I will eventually get it reuploaded
Seeing you've mentioned me in a video, I'd be more than glad to take the source code off your hands mate and give you some credit... I'd of course go over everything and scrub it of links and shit as I don't want it to be linking off to actual CSAM so yk (and yes, I am the one and only Evil Rabbit Security, At me on X and I'll prove it)
Yo whats good EvilRabbit
I have the source code now,
I found what appears to be backend PHP code: https://files.catbox.moe/2dgfs3.php
and I also found JavaScript code that seems to be used in Backend handling as they contain several endpoints related to backend services,
such as: - (used for contact form submissions)
- (used for settings updates)
- (used for restricted access or PIN verification)
all these where found in the following Javacript Jquery files, these files where inaccessible to the public view, and where found in a folder that was Forbidden, there must be some reason for that, it was in the /dist/ folder, I will analyze the code to see if theres any vulnerabilities that can be found
https://files.catbox.moe/ixqepx.txt
cdn.dashjs.org/latest/dash.all.min.js
cdn.jsdelivr.net/npm/flv.js@latest/dist/flv.min.js
(19-05-25, 01:56 AM)l33tfg Wrote: (18-05-25, 12:39 PM)EvilRabbitSec Wrote: (17-05-25, 08:25 AM)l33tfg Wrote: still looking for a paste site to reupload the backend source that can handle the file size and not expire in a few days, but I will eventually get it reuploaded
Seeing you've mentioned me in a video, I'd be more than glad to take the source code off your hands mate and give you some credit... I'd of course go over everything and scrub it of links and shit as I don't want it to be linking off to actual CSAM so yk (and yes, I am the one and only Evil Rabbit Security, At me on X and I'll prove it)
Yo whats good EvilRabbit
I have the source code now,
I found what appears to be backend PHP code: https://files.catbox.moe/2dgfs3.php
and I also found JavaScript code that seems to be used in Backend handling as they contain several endpoints related to backend services,
such as: - (used for contact form submissions)
- (used for settings updates)
- (used for restricted access or PIN verification)
all these where found in the following Javacript Jquery files, these files where inaccessible to the public view, and where found in a folder that was Forbidden, there must be some reason for that, it was in the /dist/ folder, I will analyze the code to see if theres any vulnerabilities that can be found
https://files.catbox.moe/ixqepx.txt
cdn.dashjs.org/latest/dash.all.min.js
cdn.jsdelivr.net/npm/flv.js@latest/dist/flv.min.js
for the PHP file, I scrubbed off the links and annoying comments for you mate
STAFF TEAM
What does each column represent in this breach? Is the first column a password? I noticed all the hashes are the same across the breaches - so what are they hashes of?
|
![[-]](https://darkforums.st/images/MyRes-MultipleCol/collapse.png)