#31
|
|||
|
|||
Re: Done.
Thanks, kyleb.
I've edited out the source code, in case it might help others not as generous as you. I don't know, one way or the other, if it would. Is it necessary and safe for you to post it in full? --------------------------- I don't buy the "information is dangerous" card. If people want to create these man-in-the-middle attacks, they will do so. They can get the source code simply by visiting the pages. We can compromise. I won't post the entire source code, but I'm going to put the parts that matter in there for the users to see. People need to be educated on how this stuff happens. Agree? |
#32
|
|||
|
|||
Re: Done.
:::yawn::: not bad, bud. Your output would look similar to so:
2006-05-29 12:16:07 AM - 24.22.162.154 Display Name: kyleb MD5 Hash: 557f387ed69ed2f81ffd4263bd8002b5 E-mail: kyle.boddy@gmail.com Login: kyleboddy Session: w3t_myid=18077; w3t_key=fb0a4009e19343790134fbe71f1b28ee; PHPSESSID=fe8fe78dd5aa0fcd0b787cd892e42819; w3t_mysess=a529ea43c249fcbee9685c74d8baa9eb- Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3 Anyhow, these actions are the result of your moderator "jasonb" insulting me. I came to these forums legitimately to report a similar hole with pokerroom.com. The difference is that hole allowed access to dump peoples chips. I got banned for spam and called an idiot. That's rediculous. Unfortunately, the structure of 2p2 is very poor and it is suseptible to a lot of manipulation. The admins have no technical knowledge and basically you are all vuln. If the admins give an apology for the mods conduct, I'll dissapear. If not, well then I guess we'll just have to see what happens next, won't we? Much Love, splices |
#33
|
|||
|
|||
Re: Done.
Quote:
|
#34
|
|||
|
|||
Re: Done.
Quote:
There is nothing I can say to dissaude you from what you are doing. Only that we should educate the people on the forum and listen. You make a good point about "hiding the truth" in your response to Mike Haven's post. Indeed, you are right. What you are doing is wrong, though. And you know it. I am not a man of morals, in fact, I'm a [censored] jerk and I don't care about anyone, really. If you see these people as guilty of some crime they wronged you of, fine. That's a job for the admins and moderators to stop, and you're right - none of them have any idea how to stop this kind of thing. Personally, I'd like to see the information you have about the PokerRoom exploit. |
#35
|
|||
|
|||
Re: Done.
30 minutes is on the clock for an apology to be posted on this thread for jasonb's insults to me that were completely unwarranted.
If you comply with my terms, I'll show forgiveness on this matter. Otherwise, things might get a bit ugly. |
#36
|
|||
|
|||
Re: Done.
30 minutes is on the clock for an apology to be posted on this thread for jasonb's insults to me that were completely unwarranted.
If you comply with my terms, I'll show forgiveness on this matter. Otherwise, things might get a bit ugly. -------------------- It's not up to me, bro. Also, I think you mean jason_t, right? |
#37
|
|||
|
|||
Re: Done.
You are holding an internet forum to ransom for an apology. You sad, pathetic loser.
|
#38
|
|||
|
|||
Re: Done.
yeah - i really dont care to give him the respect of properly declaring his little handle.
26 minutes. As a note, you fscks can ban all these accounts you want - I have plenty to choose from. |
#39
|
|||
|
|||
Re: Done.
I really dont think Jason_T will be the type to apologize. I dont even know if he would check the forums until he got home from work since he's a school teacher (prof?) if I recall correctly.
|
#40
|
|||
|
|||
Re: Done.
kyle, does it grab the password or just the session/md5 info? if its just the session info, that hash is stored somewhere in 2+2 forums database, lets just reset all that information?
if it steals the password, well, ugh... were in for a wild ride |
|
|