28 posts
38
Posted in
Protect Your Location
•
11th April 2015, 04:31 PM
Oh god this topic made me cringe. You do know IPs don't give you exact location and if they were serious they would send a "STUN" request which may get your real IP.
0
28 posts
38
Posted in
Credits - We want it back!
•
11th April 2015, 04:09 PM
Choco wrote on 11th April 2015 03:00 PM:
Hashir said on 11th April 2015 02:58 PM:
TimeLock said on 11th April 2015 01:44 PM:
Hashir said on 11th April 2015 12:53 PM:
Damen made a post about extras. Extras made OldCP look more custom and like a CPPS, and we don't want that!
Oh god, just like I thought. Why can YOU be allowed to have nameglow? Why can YOU be allowed to walk on walls? Why can YOU be allowed to have titles? Don't give me because "I'm a moderator" rubbish. If you can have why can't we have credits.
If you want a special namecolor, title etc. why not just work hard to get the rank?
Exactly.
They get it towards hard work. So if you work hard, you'll be rewarded.
TimeLock said on 11th April 2015 01:44 PM:
Hashir said on 11th April 2015 12:53 PM:
Damen made a post about extras. Extras made OldCP look more custom and like a CPPS, and we don't want that!
Oh god, just like I thought. Why can YOU be allowed to have nameglow? Why can YOU be allowed to walk on walls? Why can YOU be allowed to have titles? Don't give me because "I'm a moderator" rubbish. If you can have why can't we have credits.
If you want a special namecolor, title etc. why not just work hard to get the rank?
Exactly.
They get it towards hard work. So if you work hard, you'll be rewarded.
Avoided my question, answer them.
1
28 posts
38
Posted in
Credits - We want it back!
•
11th April 2015, 01:54 PM
Choco wrote on 11th April 2015 01:51 PM:
TimeLock said on 11th April 2015 01:44 PM:
Hashir said on 11th April 2015 12:53 PM:
Damen made a post about extras. Extras made OldCP look more custom and like a CPPS, and we don't want that!
Oh god, just like I thought. Why can YOU be allowed to have nameglow? Why can YOU be allowed to walk on walls? Why can YOU be allowed to have titles? Don't give me because "I'm a moderator" rubbish. If you can have why can't we have credits.
I'm gonna give you the moderator "rubbish" as you call. It's so people can identify them easier. That's only called logic.
Hashir said on 11th April 2015 12:53 PM:
Damen made a post about extras. Extras made OldCP look more custom and like a CPPS, and we don't want that!
Oh god, just like I thought. Why can YOU be allowed to have nameglow? Why can YOU be allowed to walk on walls? Why can YOU be allowed to have titles? Don't give me because "I'm a moderator" rubbish. If you can have why can't we have credits.
I'm gonna give you the moderator "rubbish" as you call. It's so people can identify them easier. That's only called logic.
If you were actually applying logi all they'd need was nameglow so it's different to other names, counter that if you can.
0
28 posts
38
Posted in
Credits - We want it back!
•
11th April 2015, 01:44 PM
Hashir wrote on 11th April 2015 12:53 PM:
Damen made a post about extras. Extras made OldCP look more custom and like a CPPS, and we don't want that!
Oh god, just like I thought. Why can YOU be allowed to have nameglow? Why can YOU be allowed to walk on walls? Why can YOU be allowed to have titles? Don't give me because "I'm a moderator" rubbish. If you can have why can't we have credits.
0
28 posts
38
28 posts
38
Posted in
Credits - We want it back!
•
11th April 2015, 11:43 AM
I know that we had this before but can this be added back, I think it was replaced with Gold, I guess but I liked being able to buy cool features for my penguin. 
Who else wants it back? I bet most staff won't want it because having those features makes them "special", but they can already kick and ipban/ban. So we need some for the users.
Who else wants it back? I bet most staff won't want it because having those features makes them "special", but they can already kick and ipban/ban. So we need some for the users.
5
28 posts
38
Posted in
XSS Vulnerability
•
11th April 2015, 10:10 AM
Found a vulnerability it oldcp_api, it's not a serious one. But still Damen you should patch it.
http://blizzard.api.play.oldcp.biz/oldcp_api/login.php?Username=<script>alert("Got to love XSS")</script><h1>TimeLock rocks</h1>
http://blizzard.api.play.oldcp.biz/oldcp_api/login.php?Username=<script>alert("Got to love XSS")</script><h1>TimeLock rocks</h1>
1
28 posts
38
Posted in
Hacked - How?
•
11th April 2015, 10:08 AM
Trinity wrote on 11th April 2015 10:01 AM:
May52 said on 11th April 2015 09:56 AM:
I recomend that you change your password every once and a while. But how do you change your password??
Contact an admin if you need to change ur password. Also, timelock you seem pretty experienced in programming and stuff o-o
I recomend that you change your password every once and a while. But how do you change your password??
Contact an admin if you need to change ur password. Also, timelock you seem pretty experienced in programming and stuff o-o
Yeah, I enjoy programming and "stuff"
1
28 posts
38
Posted in
Hacked - How?
•
11th April 2015, 09:53 AM
Trinity wrote on 11th April 2015 09:50 AM:
Nice post, just don't hack any of le accounts Lol.. (not saying ur a hacker). Hackers are nothing if you keep a very strong password, which you can remember.
But if the security of the database isn't good; a strong password won't protect you. But this topic was made so people create stronger passwords.
Zeternal wrote on 11th April 2015 09:08 AM:
Hackers that change pages of websites to something random, well they use Inspect Element. No no, not the Inspect Element that you can use to edit and it goes back to normal after reloading the page, another section of Inspect Element which lets you do changes that last FOREVER.
Oh god. Hackers don't use Inspect Element or some special one, I know this for a fact because I used to do stuff like this. They could find a flaw(example: Uploading), they'd send a shell which has ".jpg" appended repeat the request removing ".jpg". If you security doesn't check it you've now got "root" access - which is when you have beyond administrators. They change the index page to a deface. There it was hacked, this isn't for all cases. To the person who liked his post, you clear are gullible.
0
28 posts
38
Posted in
Hacked - How?
•
11th April 2015, 07:57 AM
Lloyd wrote on 11th April 2015 07:52 AM:
TimeLock said on 11th April 2015 07:44 AM:
Lloyd said on 11th April 2015 07:36 AM:
Mhmmm... I think people that have ranks and stuff have a strong password.
But still, I've seen some users that got hacked because they had a weak password.
I have a feeling they have a normal user password because they are worried they won't remember it - this is because they are normal users just with a higher rank.
I guess I could try to a dictionary attack with threading and see if I get a staff account.
Why would you do that?
Lloyd said on 11th April 2015 07:36 AM:
Mhmmm... I think people that have ranks and stuff have a strong password.
But still, I've seen some users that got hacked because they had a weak password.
I have a feeling they have a normal user password because they are worried they won't remember it - this is because they are normal users just with a higher rank.
I guess I could try to a dictionary attack with threading and see if I get a staff account.
Why would you do that?
I believe I said "I could"
1
28 posts
38
Posted in
Hacked - How?
•
11th April 2015, 07:44 AM
Lloyd wrote on 11th April 2015 07:36 AM:
Mhmmm... I think people that have ranks and stuff have a strong password.
But still, I've seen some users that got hacked because they had a weak password.
But still, I've seen some users that got hacked because they had a weak password.
I have a feeling they have a normal user password because they are worried they won't remember it - this is because they are normal users just with a higher rank.
I guess I could try to a dictionary attack with threading and see if I get a staff account.
1
28 posts
38
Posted in
Hacked - How?
•
11th April 2015, 07:02 AM
Hackers - How are they doing it?
Commonly, if people cannot get in to there account a mysterious hacker with no access to the MySql database appears? Now my theory assumes all the people hacked use simple password like
"kitty", "yourusername", etcetera. If that's the case you can actually be hacked to illustrate this even more. I programmed a program which will hack "TestDemo" - a test account. If your password is complex it either means you forgot it or your cookie was stolen. (Damen does this game even use cookies?)
Possibly your "k9" could of been stolen, your k9 allows you to join the game it's a random hash which well, gives you access to the game - but I doubt it, but bringing up all the possibilities.
Don't say I'm hacker this just a PoC - Proof of Concept.
I left the k9 because most people won't even know what to do with it.
Commonly, if people cannot get in to there account a mysterious hacker with no access to the MySql database appears? Now my theory assumes all the people hacked use simple password like
"kitty", "yourusername", etcetera. If that's the case you can actually be hacked to illustrate this even more. I programmed a program which will hack "TestDemo" - a test account. If your password is complex it either means you forgot it or your cookie was stolen. (Damen does this game even use cookies?)
Possibly your "k9" could of been stolen, your k9 allows you to join the game it's a random hash which well, gives you access to the game - but I doubt it, but bringing up all the possibilities.
Don't say I'm hacker this just a PoC - Proof of Concept.
I left the k9 because most people won't even know what to do with it.
~Discuss this.
8