MESO-Rx

Anabolic Steroids

Brewly - Worldwide Marketplace

A guy with a new account shows up, makes an assertion with no proof and everyone just takes his word? He doesn’t want to use his own account out of fear of being black listed? That in itself discredits him as far as I’m concerned.

I’m not suggesting everyone just go to the site and slam your address in there but this is not evidence of a breach. He’s gonna have to do better than that if he wants to be taken seriously.
 
jackmeoff1 said:
A guy with a new account shows up, makes an assertion with no proof and everyone just takes his word? He doesn’t want to use his own account out of fear of being black listed? That in itself discredits him as far as I’m concerned.

I’m not suggesting everyone just go to the site and slam your address in there but this is not evidence of a breach. He’s gonna have to do better than that if he wants to be taken seriously.
Click to expand...
I'm with you, but you are wasting your breath.
 
DirectBullet said:
That's a lie and you know it. It's easy to proclaim that there is no vulnerability after you solve it. I will send some emails to your customers and see if some are MESO members. Obviously I took screenshots.

If you and DragonOrdnance have balls, transfer 20k to a trusted member of the community as a escrow and let's see if I'm not able to get the addressess of your customers. As you don't have many, let's bet and see if DragonOrdnance does the bet.

Let's see what you guys reply. Send 20k to the admin of Meso and I'm quite sure in a week I have a few thousand of yours orders and trackings.

So yeah, trust these guys. They don't even are willing to pay 1/4 of their promises. Making six figures I'm more bothered about the disrespect than the money.
Click to expand...

Question for ya...

This order information that you were able to hack into. Was that an active order that hadn’t been deleted yet or was I right in assuming that even though that info appears deleted it’s still floating around?
 
Randohando said:
As if you ever made anything close to $200/hr. lol

Everything =). Azure DevOps certified. AWS Solutions Architect Professional. Cloud guru and a decent dev.
Click to expand...
Do you swallow?
DirectBullet said:
That's a lie and you know it. It's easy to proclaim that there is no vulnerability after you solve it. I will send some emails to your customers and see if some are MESO members. Obviously I took screenshots.

If you and DragonOrdnance have balls, transfer 20k to a trusted member of the community as a escrow and let's see if I'm not able to get the addressess of your customers. As you don't have many, let's bet and see if DragonOrdnance does the bet.

Let's see what you guys reply. Send 20k to the admin of Meso and I'm quite sure in a week I have a few thousand of yours orders and trackings.

So yeah, trust these guys. They don't even are willing to pay 1/4 of their promises. Making six figures I'm more bothered about the disrespect than the money.
Click to expand...
Why don't you post here the proof of it? Just have a member here make a test address order through dragon ordnance's brewly storefront, and have him replicate the steps, or post the steps here.

I'm sorry man, I don't really see the whole point of this. If we're not able to replicate, I can't deliver on that. Thats a PRETTY MAJOR vulnerability, and something we worked hard on to not have.

Like literally foolish mistake.
 
DirectBullet said:
That's a lie and you know it. It's easy to proclaim that there is no vulnerability after you solve it. I will send some emails to your customers and see if some are MESO members. Obviously I took screenshots.

If you and DragonOrdnance have balls, transfer 20k to a trusted member of the community as a escrow and let's see if I'm not able to get the addressess of your customers. As you don't have many, let's bet and see if DragonOrdnance does the bet.

Let's see what you guys reply. Send 20k to the admin of Meso and I'm quite sure in a week I have a few thousand of yours orders and trackings.

So yeah, trust these guys. They don't even are willing to pay 1/4 of their promises. Making six figures I'm more bothered about the disrespect than the money.
Click to expand...


Do you only have a screenshot? Or did you happen to export it to a csv file? Validation of your exploit, in my experience, shouldn't take more than 48hrs. If they don't comply, then dump a scrubbed version of the csv to pastbin and then explain to us your attack vector. Otherwise, your just some dude with a screenshot and that doesn't carry to much weight...

@Brewly if the price is right ;)

B Ware said:
Question for ya...

This order information that you were able to hack into. Was that an active order that hadn’t been deleted yet or was I right in assuming that even though that info appears deleted it’s still floating around?
Click to expand...
You people are so quick to believe he actually hacked it. He has posted no evidence. The only thing this jackass is saying is "i hacked you and i have screenshot". POST THE SCREENSHOT THEN! No actual pen tester relies on a screenshot to back their claims. They send compromised data to the owner and the owner should pay up in exchange for the attack vector. If the owner fails to pay, then the pentester should make public the attack vector. @DirectBullet do it bitch
 
Last edited:
wsmwannabe said:
I'm not the early adopter type, so I'll wait and see how it plays out.

I haven't been on this forum long, but it seems there is plenty of pissing contests between members and members shitting on vendors (Although there is some excellent posts/info sprinkled throughout, and there are some VERY helpful members on here, you just gotta be willing to read and search). More often than not it does in fact look like snakes are getting run off, but that usually seems to happen in the first couple of pages. After 430 posts in this thread the OP seems to be sticking to what he said and isn't changing his story or his tone, which generally isn't the case. And since he isn't cracking, forum members are pushing harder to get... something, I'm not really sure what. Maybe some people are just bored, maybe OP fucked someone's mom. I'm not really sure. But some have a hard-on for OP for no reason.
Click to expand...
Obviously you haven't been here long. The crack house DO was hacked! We vet sources here. I see no testing on any of those vendors except for 1. DO is a nobody. Read through much more here before you try to attack us.
 
BigBaldBeardGuy said:
^^^ Lol, there’s always at least one member in the fan club!

So the site was down for over a day. A guy posts that he was able to get in and see customer orders, addresses, emails, etc. and you’re still in favor of this???

We’re all just a bunch of dumb meatheads. If someone was able to get in just to see, then imagine what someone motivated by greed or laws would be able to do.

This whole thing needs to be abandoned. It’s already been compromised in less than a week.
Click to expand...
We got reported by someone to our registrar. Similar situation that's been happening to some sources here, sources on SST, and SST itself. This is not as big of a deal as it may seem. The site was never down, it was just unreachable via the domain.

We've been dealing with this as well as attempted DDOS attacks. Again, a similar situation to what's been going on with sources here, sources on SST, and SST itself. Fortunately, we have a DDOS mitigation service in place.

I can't definitively tell you these cases are related, though it is sus. We have our hands full dealing with these things.

We were unable to replicate the vulnerability issue reported by the gentleman in this thread. If anyone here can replicate it, let me know.
 
Jacked82 said:
Obviously you haven't been here long. The crack house DO was hacked! We vet sources here. I see no testing on any of those vendors except for 1. DO is a nobody. Read through much more here before you try to attack us.
Click to expand...
Wait a second... you mean to tell me the vendors are BERATED to no end, and you thought my response was an attack?

HAHAHAHAHA
 
BigBaldBeardGuy said:
You are aware that this isn’t really a legitimate venture? Like they have a team in R&D validating this?

Dude hacked in. Took screenshots and emailed. Wtf needs to be validated on the “Software Development Life Cycle”??

All this nerd talk and the thread will turn back to Lurping talk.
Click to expand...
"You are aware that this isn’t really a legitimate venture?"
Can you clarify what you mean by this? We have a development team, yes. You can't just one-click setup a site like this in wordpress or something.

It takes a lot of time and money to develop a custom built site with a custom payment processor, live messaging, reviews, order updates, etc. I know it seems very simple on the surface, but it's not.

I get where you're coming from, but we can't have a productive conversation if every time I offer an explanation, it's just regarded as "nerd talk/gibberish" or now, "illegitimate".
 
Brewly said:
"You are aware that this isn’t really a legitimate venture?"
Can you clarify what you mean by this? We have a development team, yes. You can't just one-click setup a site like this in wordpress or something.

It takes a lot of time and money to develop a custom built site with a custom payment processor, live messaging, reviews, order updates, etc. I know it seems very simple on the surface, but it's not.

I get where you're coming from, but we can't have a productive conversation if every time I offer an explanation, it's just regarded as "nerd talk/gibberish" or now, "illegitimate".
Click to expand...

Easy... by “Legitimate” I’m talking legal business.

I’m not punching your baby. Just clarifying to your soon to be intern that validation procedures that he may employ thru the course of his job are not applicable to a peddler of illegal PEDs and PED accessories.
 
combover said:
maybe the time difference finally kicked in and he got tired...
Click to expand...
It do be getting rough.

Test_Subject said:
I guess I just don't see the point of this service. Amazon is as successful as it is because they provide a platform for vendors who have the ability to source a vast variety of products that people who don't have connections in the wholesale market don't have access to. There's a huge cost-savings compared to buying most things in a brick-and-mortar or on a single-company e-commerce site.

With this service, there's no real cost savings and I have to deal with yet another level of involvement when I can just e-mail my guy directly. If I use Brewly, I have to trust two people to not fuck things up instead of one. I have to trust the security of your website, deal with adding funds to your website etc. when I can just open Protonmail and say "hey, I need this" and transfer some BTC between wallets.

I really don't get it.

Edit: I just looked out of curiosity and the prices for most things on Brewly are nuts. $65 USD for tren E? Oh yeah...
Click to expand...
I think realistically, for most people, it's a convenience thing. One place for everything kind of deal. I understand if you don't get it/it's not your cup of tea.

Totally respect that man, and I appreciate you at least taking the time to check us out :)

wsmwannabe said:
I agree with the vetting being necessary.

When you say it like that, it makes a lot of sense. It just all seems very childish and counter productive in the way in which it is handled. The "throw a bunch of shit at the wall and see what sticks" method isn't very useful. It seems some people come on here just to get their aggression and frustration from daily life out.

No I don't trust him, but to be fair I don't trust anyone that sells AAS. I just have a supplier that I "least distrust".
Click to expand...
Yeah we think a more formal review process is a more efficient, objective form of vetting. Customers can place reviews, it affects ranking/visibility. Simple, just like any other marketplace or even DNM. If the DNM can do it with hard drugs, why can't we do it with AAS?

Though of course we want to add more forum-like features for public discourse with vendors.
 
BigBaldBeardGuy said:
Easy... by “Legitimate” I’m talking legal business.

I’m not punching your baby. Just clarifying to your soon to be intern that validation procedures that he may employ thru the course of his job are not applicable to a peddler of illegal PEDs and PED accessories.
Click to expand...
I see, my mistake then, I appreciate you clarifying.

Though, web development is web development. Someone reports an issue, we look into it, if we can replicate it, we fix it.
 
B Ware said:
Question for ya...

This order information that you were able to hack into. Was that an active order that hadn’t been deleted yet or was I right in assuming that even though that info appears deleted it’s still floating around?
Click to expand...
Make a dummy order right now (you don't have to pay it) then delete the info. I'll post you a screenshot of what I see from admin dashboard. Use fake info if you're scared.

Of course, you won't believe me though.

I don't understand why you think we'd save that information? How does it benefit the growth of Brewly or help our bottom-line?

Jacked82 said:
The system works here. Brewly is not a source and should not even have a thread here.
Click to expand...
Fair enough, thanks for considering Brewly.
 
Brewly said:
Make a dummy order right now (you don't have to pay it) then delete the info. I'll post you a screenshot of what I see from admin dashboard. Use fake info if you're scared.

Of course, you won't believe me though.

I don't understand why you think we'd save that information? How does it benefit the growth of Brewly or help our bottom-line?


Fair enough, thanks for considering Brewly.
Click to expand...

Can we see a screenshot of your BTC balance to see that you actually have the 10k to pay out on that proposed bounty?
 
MisterSuperGod said:
Can we see a screenshot of your BTC balance to see that you actually have the 10k to pay out on that proposed bounty?
Click to expand...
Screenshot is useless my friend.

Bitcoin is however a wonderful piece of tech that allows to sign a message with an address - providing an irrefutable piece of evidence.

I just mentioned that because it's interesting bit of cryptography if you feel like looking it up.
 
Eg.

Verify a Bitcoin Signed Message

Web site created using create-react-app
www.verifybitcoinmessage.com www.verifybitcoinmessage.com

Address: bc1q0perwtw72em6tvu3dy5nnpfcpwhseuqxndf8vw
Signature: IAfzk0beHPWm3G60ttLBkDIBw1JMPPtHNV+LKNNXzC09TvRRnC4u0lHJKkh2FazogRtNj3ag2WBDo+OwGgyIaKM=
Message: I love penis.

Proves that I am owner of the BTC wallet bc1q0perwtw72em6tvu3dy5nnpfcpwhseuqxndf8vw

Cheers
 
Brewly said:
I don't understand why you think we'd save that information? How does it benefit the growth of Brewly or help our bottom-line?
Click to expand...

It honestly hasn’t crossed my mind that you guys are saving personal info. It’s more of a tech concern. There are other platforms where I know deleted post, pics, etc are still stored


Brewly said:
Of course, you won't believe me though.
Click to expand...

I’ve had a peek behind the curtain. Pretty hard to gain trust after that.
 
You must log in or register to reply here.

Similar threads

FUYAO
FUYAO Peptides: Best quality and prices
2 3 4
Replies
62
Views
3K
accidentaljedi173
accidentaljedi173
Cain_SPC
Introducing SPC/SNP Nexaph.com – Premium USA Domestic Peptides at Unbeatable Prices!
3 4 5
Replies
89
Views
7K
TyroneBiggums
TyroneBiggums
F
Seeking Raw Material Supplier - Assistance Needed
Replies
15
Views
580
iris
I
Arail
Arail Pharmaceuticals - US Domestic
2 3
Replies
56
Views
4K
Arail
Arail
el_traficante
General Pharmaceuticals - EU Domestic & International
2 3
Replies
49
Views
6K
el_traficante
el_traficante

Sponsors

Latest posts

Back
Top