Home
Forum
Help
Login
Register
Username
Password
Anarchic Frontiers Minecraft Server
/
Forum
/
General Forums
/
General Forum
/ Topic:
what in the hell..
Pages: [
1
]
« previous
next »
Print
Author
Topic: what in the hell.. (Read 16241 times)
Intangir
Global Moderator
Posts: 5164
what in the hell..
«
on:
January 23, 2009, 02:13:24 am »
wow fantastic..
someone posted some pretty damn inappropriate spam on here and within less than a day it says 24 views, and it was full of pictures... really wrong pictures...
wtf is that..
someone manually did it too, this site is the least active site on the damn net these days and someone manually adds the most rotten shit on it, with links to another site.. and it gets 24 views instantly..
Logged
Hotshot[SF]
Global Moderator
Posts: 3305
Re: what in the hell..
«
Reply #1 on:
January 23, 2009, 08:05:44 am »
... you sure its not a bot?
And 24 view as in 24 unique IP's? Might of been the bot viewing his own post over and over?
edit: looking at this SMF, it seems rather weak. Cant seem to pull up any useful info :\ I cant even see your IP from the previous post, even tho the site says I should because im a mod.
«
Last Edit: January 23, 2009, 08:12:42 am by Hotshot[SF]
»
Logged
Intangir
Global Moderator
Posts: 5164
Re: what in the hell..
«
Reply #2 on:
January 23, 2009, 02:09:39 pm »
ok we should be able to now
we can also ban
global moderator is different than admin
i changed us to global moderator cause of the way i redesigned the site to share elements across all sites, (but also hide certain elements from certain sites, like wow stuff from the intangir.org site, or one guilds vent info from anothers) so now i dont log in as admin unless i need to make changes cause the site looks screwed up
Logged
Intangir
Global Moderator
Posts: 5164
Re: what in the hell..
«
Reply #3 on:
January 24, 2009, 02:51:43 am »
well they shouldnt be able to get away with it anymore
none of their bbcode tags will work
ours still will though
Logged
Hotshot[SF]
Global Moderator
Posts: 3305
Re: what in the hell..
«
Reply #4 on:
January 24, 2009, 11:59:00 am »
works now...
but while we are talking about security you are aware that this site sends the passes in plain text right?
Anyone sniffing the connection will have our username and passwords in plain text.
Logged
Intangir
Global Moderator
Posts: 5164
Re: what in the hell..
«
Reply #5 on:
January 24, 2009, 05:27:57 pm »
which part? the forum?
the passwords themselves are stored in the DM encrypted.. would be dumb of them to not send them that way. but i didnt write the forum so i dont know
Logged
Hotshot[SF]
Global Moderator
Posts: 3305
Re: what in the hell..
«
Reply #6 on:
January 27, 2009, 01:36:50 pm »
eh nevermind... just started looking up some security stuff...
Using either a packet sniffer or a firefox HTTP header addon I was able to see my password in plain text... but using a packet sniffer to detect it from another PC (like from my vmware) it wont work...
Long story short: Its calling a function that applies SHA-1 twice... not sure how that can work, but looking it up right now.
edit: Wow.... I am using Firefox with an extension called "No script" that stops javascript for all sites expect the ones you specifically say its ok on... ironically in this case it it was sending my pass in plain text...
«
Last Edit: January 27, 2009, 07:10:20 pm by Hotshot[SF]
»
Logged
Pages: [
1
]
Print
« previous
next »
Jump to:
Please select a destination:
-----------------------------
General Forums
-----------------------------
=> General Forum
-----------------------------
Anarchic Frontiers Forums
-----------------------------
=> Anarchic Frontiers Chat
=> Trades and Auctions
=> Points of Interest
=> Griefers and Bounties
=> Anarchic Frontiers News
Loading...