I hacked RetryTech - BubbleTok. Expose Time!!

I am new into pentesting, lets be friends :)
Hi Guys,

This is Zer0. I generally belong to the Dark web but recently a friend of mine referred me to the "Hottest thread" of this forum which also became "Most Viewed" thread of all time.

Yes, I'm talking about "BubbleTok" (the so-called TikTok clone by its author). Before I get into the details, I wanna tell, I'm an active user on Codecanyon too and I recently discovered this app named "BubbleTok". The app is priced at $1004 for a regular license and a freaking 50K USD for an extended one. And there is a lot of hype about this app on the web as well as Codecanyon.

At first, I downloaded all the available resources related to it from this forum and tried to run. And soon I realized, it was broken. After reviewing almost 300 comments on this forum and 250ish comments on codecanyon, I decided to do a research about it.

And here it is :

1. I hacked their server.

There are around 4 to 5 more scripts running on the same server. None of them is a quality based product.

2. Hacked its cPanel.

There are 13 subdomains running on it. Earlier they had Vilo on the same server and they recently shifted to another one after knowing they were hacked.

3. Dumped all their databases.

I've dumped all their databases. Not only the ones that are linked to scripts. I've downloaded more ;)

There is a very famous app on play store which uses the same "BubbleTok" script. I'm going to reveal more about them in a day or two.

4. Your admin panel looks different than mine.

Since you guys just have the initial version and I've downloaded more of it. My admin panel is better than yours.

5. Look at their Phpmyadmin.

There is a subdomain "vilo.invatomarket.com" which was hosted on the same server as I've mentioned in point 2. Now, Look at the screenshot I've attached below. The database is almost empty. It doesn't have admin records. Now the same subdomain is attached to a different hosting and database.

PS : The attached file "invato domains.txt" has all the list of domains associated with the developer/author.

Conclusion : I've seen people ready to buy this script in collaboration with others. DON'T DO THAT. This guy is a fraud. Also, if you need any of their script that's available on Digicean.com, do let me know. I'll send it to you.
 
Brother, please give me the BubbleTok code with database @ [email protected]
Thanks :)
 
been fixing by creating my own tables for it
what table is missing for the upload?
@zer0gr4vity
 
I'd love to know the exploits you used to hack it
I didn't use any exploits. Hacking is majorly about skills and experience.
I'm asking you to share your experience with us or with me about server-side hacks like cPanel and databases without XSS or MySQL injection by PHP. Thank you very much
 
Bro, first things first, there has to be a loophole obviously. I didn't use any of the techniques you just mentioned. When it comes to hacking, you need to do deep research on your target. I somehow found a place where I could upload an image but it didn't allow my shell to work initially, then I had to put a .htaccess file to fool the server into running my PHP shell. I also did a cPanel password reset via email spoofing. And there were some commands involved.
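
The weakness described in the post above is an image upload that stores client-named files, including a `.htaccess`, in a directory the web server executes from. As an added example (not code from this thread or from the application discussed), a server-side check that closes that gap; the function and exception names are hypothetical and the sample bytes are constructed.

```python
import os
import secrets

# Allowlisted image types: extension -> accepted leading magic bytes.
IMAGE_MAGIC = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}


class UploadRejected(ValueError):
    """Raised when an upload fails a check; the message names the check."""


def safe_stored_name(client_name: str, data: bytes) -> str:
    """Validate an upload and return a server-chosen file name for it."""
    # Path separators or NUL in the client-supplied name are never legitimate.
    if any(c in client_name for c in ("/", "\\", "\x00")):
        raise UploadRejected("path characters in name")
    # Dotfiles such as .htaccess are per-directory server config, not images.
    if client_name.startswith("."):
        raise UploadRejected("dotfile")
    # Only the final extension counts, and it must be on the allowlist.
    ext = os.path.splitext(client_name)[1].lower()
    if ext not in IMAGE_MAGIC:
        raise UploadRejected("extension not allowlisted")
    # Content must begin with the signature of the claimed type.
    if not data.startswith(IMAGE_MAGIC[ext]):
        raise UploadRejected("content does not match extension")
    # Store under a random name so the client controls no part of the path.
    return secrets.token_hex(16) + ext


if __name__ == "__main__":
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8  # constructed sample, not a real image
    print("accepted as", safe_stored_name("avatar.PNG", png))
    for name in (".htaccess", "avatar.php", "../avatar.png"):
        try:
            safe_stored_name(name, png)
        except UploadRejected as why:
            print("rejected", repr(name), "-", why)
```

A signature check is not a full image parse, so the upload directory should also be served with `AllowOverride None` and no script handler mapped to it.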
 
TO EVERYONE WHO'S ASKING FOR CODE, BUBBLETOK IS A BROKEN APP AND YOU NEED A LOT OF HOMEWORK TO MAKE IT WORK. I'VE ALREADY HACKED THEM AND REVEALED IT HERE.

NOW, ALL I WANT TO CONVEY IS THAT WE'RE WORKING ON A FIX. AND SINCE IT'S A MAJOR TIME INVESTMENT, WE MIGHT SELL IT FOR LESS OR MAYBE EVEN PUBLISH IT FOR FREE. TIME WILL DECIDE. THANKS FOR YOUR PATIENCE.
 
thank you very much
 
You are so cool, thanks for sharing. I also came to notice some of their issues so I already warned in the thread. This guy is actually from Gujrat, and some of my friends say that he also runs a YouTube channel of Gamemods
 
Hello friends, I have seen all the work done. Very good work. I wanted to ask if the correct code was finally obtained.
 
He is a kid, his gig is available on Fiverr. Just google his company name. You will find his gig
 