Fiesta Fan Forums


MaxOff 04-14-2008 07:32 AM

Give me ideas
 
The Weakness in the Login System is still not fixed

so im asking u guys what should i do to get the attention of outspark!
So that they will FINALLY fix that serious design flaw.

Give me your ideas :D
I thought about blocking the gms from logging in, by hijacking every session i get and whitelisting everyone who hasn't a char named after a known gm. So u can log in after a 2nd try.
Or maybe i should send whispers to all your friends online ? ;-)

Give me your ideas!!!

ps.: i already tried talking and the results are already documented here. And outspark never, i mean never tried to get in contact with me.

Yosei 04-14-2008 08:13 AM

Have you provided screenshot proof to Outspark? Maybe you should screen how you do it and send it to them.

Then again.. they may still be trying to fix it.

I can't and won't tell you to hack people's accounts.

MaxOff 04-14-2008 11:22 AM

i provided them with a proof of concept. If they would have asked, i would have provided my source code too.

But like with the SHN-Viewer, Outspark does not speak directly to me (Well Steam did...). I really have tried to get in contact with them.

Mhh i guess i got some funny ideas.:D
When it will happen i will warn u guys before, so u know what will happen lol. And maybe outspark will fix the weakness before that ;)

And if they throw away what i send them, i will gladly give it away again.

p.s.: of course i wont harm any player in any way in the process.

Pedobear 04-14-2008 11:32 AM

i like that idea of blacklisting GMs. just seems so funny.

Kreain 04-14-2008 11:32 AM

yeh hes telling the truth (well everyone knows already) but yeh ghostly proved it to me by making my fiesta account say multiple logins detected when i asked her to show me on msn.

btw umm how bout logging on an admins account and using the command /area 999999999999 for liek exp n stuff then they wud get mad and have to listen to you.

Lady-Loki 04-14-2008 01:42 PM

btw umm how bout we don't talk about specifics of any hacking on these forums?

Maxoff - e-mail support@outspark.com with links to images and such and maybe PM one of the GM's we have in these forums through the PM box here since the FF PM box is probably not as overwhelmed as the PM box on the officials.

Hyper 04-14-2008 02:52 PM

I always get a response from a GM... Maybe you should go on to one of their accounts, and move their items around, or something? Or make chests spawn? Just something to show them how big of an issue it is. (Because no one likes the idea of someone else on their account.)

Quote:

Originally Posted by Lady-Loki (Post 125543)
btw umm how bout we don't talk about specifics of any hacking on these forums?

Maxoff - e-mail support@outspark.com with links to images and such and maybe PM one of the GM's we have in these forums through the PM box here since the FF PM box is probably not as overwhelmed as the PM box on the officials.

I wouldn't really call it specific... It's not like he's describing how he does it, right? And I thought that /area thing was common knowledge... (if that's what that was directed at)

Yosei 04-14-2008 05:03 PM

We're really not supposed to condone ANY kind of ToS violations on here, such as exploits and hacks.

This is somewhat in between the two.

Just remember... you can talk about what you're going to do, without detail. But saying how, providing links on how to do it, or showing us via screenshots or pics, is not allowed.

Also, we have staff members who lurk here too. I know Maxoff is trying to get noticed, but someone else might naively talk about the things they do.

Lady-Loki 04-14-2008 05:21 PM

Quote:

Originally Posted by hyperswoss (Post 125559)
I always get a response from a GM... Maybe you should go on to one of their accounts, and move their items around, or something? Or make chests spawn? Just something to show them how big of an issue it is. (Because no one likes the idea of someone else on their account.)



I wouldn't really call it specific... It's not like he's describing how he does it, right? And I thought that /area thing was common knowledge... (if that's what that was directed at)

I really don't know - I am so hax-clueless that i can't say, but it worries me whenever something starts sounding like hack detail or instruction, i.e. the "logging on an admins account and using the command /area 999999999999", how do i know thats not legit?

Just saying . .

viasta 04-14-2008 05:24 PM

hack the GMs and do random stuff in towns with it? o.o?

Ulrike 04-14-2008 07:41 PM

contact Fox News? Lol. They'll do a story on just about ANYTHING.

Yosei 04-14-2008 07:44 PM

And then they will have a 15 minute debate between two professionals on whether it will get Outspark's attention.

Who knows, maybe they do know about it, but they're just still working on it? o.O Perhaps SKiNG will read this thread. And maybe giving it a more eye catching title will catch his eye on his next visit.

viasta 04-14-2008 10:50 PM

I dont get response from any other GMs in game but Steam, when he was around. I tried to talk to Dakkon, but he didn't respond, after 10 minutes of waiting for response, I asked if he's there, he logged off

MaxOff 04-14-2008 11:29 PM

Quote:

Originally Posted by Draein (Post 125500)
yeh hes telling the truth (well everyone knows already) but yeh ghostly proved it to me by making my fiesta account say multiple logins detected when i asked her to show me on msn.

So ghostly used the hack already? hehe hope he never understood how to handle reconnects;). Thats the only thing i never made public, but it shouldn't be hard to figure out.
And it was ghostly who inspired me to look into a weakness i knew since some time.
1st i hijacked the same account.
2nd i hijacked account under my control
3rd i hijacked ghostly account to prove it working lol

but i don't think using a gm command like "/Area" would be a smart idea. I can not test run a mass hack, and then even using something like that could be fatal. But it is a good idea, combined with the idea to constantly d/c the gm's.

Hessah 04-14-2008 11:35 PM

Outspark never tells us anything even if they are working on it...

then one day BAM its implemented (working or not)

and there's SOOOOOOOOOOO much stuff that outspark is pressured by the players to fix... and then they have to convince the developers that it's important to do this or that 1st...

looking at their maintenance schedules, it seems like we only get 1 patch a month...

so i dont think this is something you can expect them to fix within 2-3 months, and them not saying anything doesnt mean they dont know about it or they're not working on it...

GMs are under some weird contract about allowed telling players anything... (even if its good news) and esp when this has something to do with hacking... its even more reason for them to not leak any information out...

i suggest you leave it for now

MaxOff 04-15-2008 12:05 AM

if what u say is true, i would gladly wait.

BUT Outspark never spoke a single word about it with me. They didn't even say: "Thank you for reporting, we will take a look into it". They just banned the account i was reporting it on. And i lost some important test character with it, too :(. And since im trying to make it public, they also never contacted me. They didn't even ask me to stop.

Hessah 04-15-2008 12:08 AM

Well... its kinda hard for them to say "thanks" when you're hacking their system right? They've told you to stop, so they DO know about wat you're doing....

and i dont think they can ask you for code and resources, coz that'll be asking for you to hack right?

Belaslav 04-15-2008 03:13 AM

I agree with Hessah on this one *winks*, cause brute-forcing the servers again can lead to people DCing and data loss... You should already know that. The best you can do right now is warn people about this and tell them to keep a 15-char password.

Hessah 04-15-2008 03:44 AM

i believe wat he's doing has nothing to do with ur password :D

but yeah with outspark.. you REALLY have to be patient... or try to...

Ivramire 04-15-2008 03:49 AM

I don't think you can expect any trust from Outspark after hacking them..

MaxOff 04-15-2008 06:55 AM

Quote:

Originally Posted by Hessah (Post 126043)
i believe wat he's doing has nothing to do with ur password :D

Yep, u are right. The weakness is after the password validation. So the password is irrelevant.

Quote:

Originally Posted by lvramire (Post 126047)
I don't think you can expect any trust from Outspark after hacking them..

I really dont care if Outspark trust me or not, its not like i asked them to give me gm powers. I just want the weakness fixed.

Quote:

Originally Posted by MaxOff (Post 125875)
They even asked me to stop.

Quote:

Originally Posted by Hessah (Post 125879)
Well... its kinda hard for them to say "thanks" when you're hacking their system right? They've told you to stop, so they DO know about wat you're doing....

im sorry, but i meant the opposite.

Quote:

Originally Posted by Hessah (Post 125879)
and i dont think they can ask you for code and resources, coz that'll be asking for you to hack right?

nope they would just ask to get what i already have.

side note: i have the strange tendency to forget names, actions and negations. So plz don't wonder if something is missing in a sentence.....

Yosei 04-15-2008 07:02 AM

Quote:

Originally Posted by MaxOff (Post 125875)
if what u say is true, i would gladly wait.

BUT Outspark never spoke a single word about it with me. They didn't even say: "Thank you for reporting, we will take a look into it". They just banned the account i was reporting it on. And i lost some important test character with it, too :(. And since im trying to make it public, they also never contacted me. They didn't even ask me to stop.

Well I'm sure they would report it since its obvious they saw the PM, since they banned you. But yeah, like Hessah said, just leave it be for now.

NotMyWay 04-15-2008 07:34 AM

Random suggestion: hijack one of the GMs characters and use it to PM another of the GMs telling them that there is this weakness in the game, and that that character is being hijacked atm. they cant exactly ignore a GM going "hi im a hacker who just hacked into this account" can they? no need to do anything that would harm innocent players...

Spirit 04-15-2008 01:47 PM

Ok, I must first state that I DO NOT condone hacking in any way and although I have followed this thread closely to make sure it does not go beyond the rules of our forums, I have tried to stay out of this discussion. With that said, I must say NotMyWay's suggestion cracked me up.

GM_Dakkon - Psst... SnakeEyes, It's me Dakkon.
GM_SnakeEyes - wth you just left your computer to go get coffee....
GM_Dakkon - I am a hacker I have taken over this account
GM_SnakeEyes - Quit messing with me, did you install a computer in the break room?
GM_Dakkon - Doh....
GM_SnakeEyes - I'll have some of that coffee you're having in there man.

NotMyWay 04-15-2008 02:40 PM

lol @ Spirit, but no i wasnt exactly expecting something like that...

actually what i was thinking was after the other GM replies "Quit messing with me, did you install a computer in the break room?" or something like that, you could reply "no, i am serious", then explain the vulnerability and how it can be fixed.

Bastion 04-15-2008 03:38 PM

I'll say this simply and quickly, and get straight to the point: I do not suggest you use your 'methods' in any way to cause a problem linked with any character account or server data. In the event that somehow a bug occurs in the midst of this, and Outspark loses data, they can hold you liable, and therein prosecute as they see it fit to do so.

Even if the matter is only to bring this to their attention, the way you're going about it, you could be risking a lawsuit you won't win.

Zodiac 04-15-2008 04:14 PM

Quote:

Originally Posted by Spirit (Post 126239)
Ok, I must first state that I DO NOT condone hacking in any way and although I have followed this thread closely to make sure it does not go beyond the rules of our forums, I have tried to stay out of this discussion. With that said, I must say NotMyWay's suggestion cracked me up.

GM_Dakkon - Psst... SnakeEyes, It's me Dakkon.
GM_SnakeEyes - wth you just left your computer to go get coffee....
GM_Dakkon - I am a hacker I have taken over this account
GM_SnakeEyes - Quit messing with me, did you install a computer in the break room?
GM_Dakkon - Doh....
GM_SnakeEyes - I'll have some of that coffee you're having in there man.

GM_Dakkon - Black or cream? Whats your password I'll get it for you =D.
GM_SnakeEyes - You know what I like but here's my password you already know? ********
GM_Dakkon - Alright Just log out and I'll bring your coffee.
GM_SnakeEyes - Ok? ~Logs out~
MaxOff - Mwahahahahahahahahahaha Success ~Leaves sublinear message written in coffee stains on GM_SnakeEyes's pants.


All times are GMT.