|
|
| Author |
Message |
Draine
Fresh Meat
Joined: 10 Sep 2005
Posts: 6
|
 Posted: 09/10/05 - 11:29 Post subject: Security flaw on theese forums - important
|
|
|
Hello there,
I bumped into your forums and noticed they are vulnerable to a certain exploit that allows a hacker to login on any user of choice.
Considering my purpose is to help and not destroy, I will not explain further details about it.
However, an admin can give me a in-game message and I'll reply with instructions to fix the flaw.
Keep in mind that me, or anyone, can view your private messages, post/delete/edit with your accounts, login on the admin account and do what the hell I or someone else feel like doing.
Refrain from typing sensitive information such as account details or the like here and make a backup copy if you're an administrator.
This post will be copied to the trade boards aswell.
Signed,
Draine
|
|
|
Back to top
|
|
|
|
 |
Callaren
RealPoor Sensei
Joined: 03 Dec 2003
Posts: 1598
Location: South Jersey
|
|
Posted: 09/10/05 - 11:34 Post subject:
|
|
|
|
instructionz plz
|
|
|
Back to top
|
|
|
|
|
joepromo
Luke Warm
Joined: 28 Jul 2003
Posts: 221
|
|
Posted: 09/10/05 - 11:40 Post subject:
|
|
|
|
injection is fun. If you want to break fedral laws to hack realpoor then you must be retarded.
|
|
|
Back to top
|
|
|
|
|
Draine
Fresh Meat
Joined: 10 Sep 2005
Posts: 6
|
|
Posted: 09/10/05 - 11:44 Post subject:
|
|
|
| joepromo wrote: | | injection is fun. If you want to break fedral laws to hack realpoor then you must be retarded. |
Considering realpoor.com contains trading boards and users that might not be so carefull about giving account details on the internet, it's actually not so retarded.
Also, what if I were destructive and decided to logon a admin and delete all boards, posts and users?
|
|
|
Back to top
|
|
|
|
|
Occulis
RealPoor Jedi
Joined: 11 Oct 2002
Posts: 13293
Location: Moral Relativity Central
|
|
Posted: 09/10/05 - 12:03 Post subject:
|
|
|
That's the same reasoning people give for "Why do you drive a soft top? Anyone could come along and slash it!!!"
Well, yeah. They could. Anyone can take a sharp instrument and destroy something. But why waste your time like that?
If you're so concerned, I would recommend PM'ing Ishmobbin or Khrath
|
|
|
Back to top
|
|
|
|
|
Draine
Fresh Meat
Joined: 10 Sep 2005
Posts: 6
|
|
Posted: 09/10/05 - 12:19 Post subject:
|
|
|
| Occulis wrote: | That's the same reasoning people give for "Why do you drive a soft top? Anyone could come along and slash it!!!"
Well, yeah. They could. Anyone can take a sharp instrument and destroy something. But why waste your time like that?
If you're so concerned, I would recommend PM'ing Ishmobbin or Khrath |
I fail to see how your example has anything to do with my warning.
Unless the feeling of slicing a soft top struck a nerve that struck another nerve and made you feel rather warm for a minute you do benefit more from hacking a user account on a trade forum.
And yes, I am concerned.
|
|
|
Back to top
|
|
|
|
|
Ishmobbin
( . )( . )'s Are Fun!
Joined: 09 Oct 2002
Posts: 1264
Location: Texas
|
|
Posted: 09/10/05 - 12:26 Post subject:
|
|
|
|
if the boards are hacked, there is a backup, so it really doesnt matter that much. and anyone that would PM account information on a message board deserves to get the account stolen.
|
|
|
Back to top
|
|
|
|
|
Callaren
RealPoor Sensei
Joined: 03 Dec 2003
Posts: 1598
Location: South Jersey
|
|
Posted: 09/10/05 - 13:46 Post subject:
|
|
|
| Draine wrote: | | Occulis wrote: | That's the same reasoning people give for "Why do you drive a soft top? Anyone could come along and slash it!!!"
Well, yeah. They could. Anyone can take a sharp instrument and destroy something. But why waste your time like that?
If you're so concerned, I would recommend PM'ing Ishmobbin or Khrath |
I fail to see how your example has anything to do with my warning.
Unless the feeling of slicing a soft top struck a nerve that struck another nerve and made you feel rather warm for a minute you do benefit more from hacking a user account on a trade forum.
And yes, I am concerned. |
You should do it.
|
|
|
Back to top
|
|
|
|
|
Zayahoue
Total Newbie
Joined: 11 Oct 2002
Posts: 40
|
|
Posted: 09/12/05 - 16:13 Post subject:
|
|
|
When one posts on realpoor, it's reasonable to expect a certain level of vileness/hate/ignorance, but jesus, he's identified a site hack and wanted to let us know, and you guys are attacking him? Rofl....
And you guys are saying that no one would s***w around with this board if they found out how just because it's illegal? ...... I dont even f*****g know what to say.
| Quote: |
That's the same reasoning people give for "Why do you drive a soft top? Anyone could come along and slash it!!!"
Well, yeah. They could. Anyone can take a sharp instrument and destroy something. But why waste your time like that?
|
Yeah because vandalism never happens.
Wow....
|
|
|
Back to top
|
|
|
|
|
Occulis
RealPoor Jedi
Joined: 11 Oct 2002
Posts: 13293
Location: Moral Relativity Central
|
|
Posted: 09/12/05 - 16:39 Post subject:
|
|
|
I don't think you understand the mindset of retards very well. You're probably a decently intelligent guy. I'll clue you in, since it has been suggested I am a retard.
If I discover there is an exploit with a forum, do I:
1) Warn the site admin
2) Ignore the exploit
3) Use the exploit
4) Make a public post, demanding attention
I choose #1. This retard chooses #4.
And the reference to jeeps (soft tops) wasn't saying that "no one commits vandalism." I was saying that nothing is bulletproof, nothing is free of intrusion. You drive on rubber tires. Rubber tires can be slashed. Do you spend 100% of your money and time trying to make your car slash-proof? No, you make a best-effort approach and hope for the best. Same thing here. We have a public forum and hope that no idiots come along and s***w it up.
This new guy is just an attention-seeking troll. Regardless of actual age, he's behaving like a child.
|
|
|
Back to top
|
|
|
|
|
Callaren
RealPoor Sensei
Joined: 03 Dec 2003
Posts: 1598
Location: South Jersey
|
|
Posted: 09/12/05 - 18:17 Post subject:
|
|
|
| Occulis wrote: | I don't think you understand the mindset of retards very well. You're probably a decently intelligent guy. I'll clue you in, since it has been suggested I am a retard.
If I discover there is an exploit with a forum, do I:
1) Warn the site admin
2) Ignore the exploit
3) Use the exploit
4) Make a public post, demanding attention
I choose #1. This retard chooses #4.
And the reference to jeeps (soft tops) wasn't saying that "no one commits vandalism." I was saying that nothing is bulletproof, nothing is free of intrusion. You drive on rubber tires. Rubber tires can be slashed. Do you spend 100% of your money and time trying to make your car slash-proof? No, you make a best-effort approach and hope for the best. Same thing here. We have a public forum and hope that no idiots come along and s***w it up.
This new guy is just an attention-seeking troll. Regardless of actual age, he's behaving like a child. |
pwned
|
|
|
Back to top
|
|
|
|
|
joepromo
Luke Warm
Joined: 28 Jul 2003
Posts: 221
|
|
Posted: 09/12/05 - 23:25 Post subject:
|
|
|
|
Fattguyy likes penis in his ass
|
|
|
Back to top
|
|
|
|
|
Zayahoue
Total Newbie
Joined: 11 Oct 2002
Posts: 40
|
|
Posted: 09/13/05 - 11:51 Post subject:
|
|
|
| Occulis wrote: |
4) Make a public post, demanding attention
I choose #1. This retard chooses #4.
|
Is the OP looking for attention? Well, yeah - he's new, and he probably was looking to feel important. Do 99.9999423% of the posts on this forum exist for the exclusive purpose of generating (or hoping to generate) attention? I say his method fits right in. Besides, as a new user, I could spend time trying to figure out who's an admin and/or trying to figure out how to message the site admin, or I could just post. Granted, I would probably have taken the time to mail the site admin, but whatever works.
| Occulis wrote: |
Well, yeah. They could. Anyone can take a sharp instrument and destroy something. But why waste your time like that?
|
Reading this, I see "No one destroys things because it's a waste of their time." and hence, attacked your post. Hrmm...I could be wrong I suppose, but the interpretation looks solid to me.
| Occulis wrote: |
Do you spend 100% of your money and time trying to make your car slash-proof? No, you make a best-effort approach and hope for the best. Same thing here. We have a public forum and hope that no idiots come along and s***w it up.
|
Err, I agree with you - however, if someone told you (which is kinda what the OP did) "Hey man, don't park there - you're going to get your shit slashed." You would at least consider what he was telling you, right?
Excellent reply! Well thought out, and it presents your case 100%. What else can I say?
-Zaya
[Edit - mistype]
|
|
|
Back to top
|
|
|
|
|
Binnamar
Fresh Meat
Joined: 29 Jun 2005
Posts: 6
|
|
Posted: 09/17/05 - 15:20 Post subject:
|
|
|
|
This reminds me of "National Treasure" where Nicholas Cage tells the FBI that the Declaration is gonna be stolen, and nobody believes him. He goes and tells another person that it's gonna be stolen, then he steals it and everyone was like "wtf".
|
|
|
Back to top
|
|
|
|
|
|
|
