[From-Scratch] Coded forum - (PHP/MySQL)

Phrate Senior Member It's been 9 years! Posts: 1,297 Phrate inherit 54640 0 Jul 2, 2019 10:52:15 GMT -8 Phrate It's been 9 years! 1,297 Senior Member August 2005 ghotherkill	[From-Scratch] Coded forum - (PHP/MySQL) Dec 10, 2009 18:52:29 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Phrate on Dec 10, 2009 18:52:29 GMT -8 Dec 10, 2009 18:39:44 GMT -8 Renegade said: i found some security flaws And apparently you downed the whole website. Please change it back. Edit: Seems to be only on Safari
	Last Edit: Dec 10, 2009 18:56:53 GMT -8 by Phrate

Renegade Alpha Tester As unique as mice pudding milkshake Posts: 40,557 Renegade inherit Alpha Tester 12045 micepudding renegadeocop 0 Nov 19, 2012 14:52:05 GMT -8 Renegade As unique as mice pudding milkshake 40,557 Collecting Dust August 2003 Facebook Twitter YouTube renegade	[From-Scratch] Coded forum - (PHP/MySQL) Dec 10, 2009 18:59:58 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Renegade on Dec 10, 2009 18:59:58 GMT -8 i didnt do anything that major
	Shoutboxes with PB security options (and full PB integration!) \| Free games \| Multiplayer Gaming Are you awesome enough to join the PB AIM room? Apply here.

Phrate Senior Member It's been 9 years! Posts: 1,297 Phrate inherit 54640 0 Jul 2, 2019 10:52:15 GMT -8 Phrate It's been 9 years! 1,297 Senior Member August 2005 ghotherkill	[From-Scratch] Coded forum - (PHP/MySQL) Dec 11, 2009 16:14:33 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Phrate on Dec 11, 2009 16:14:33 GMT -8 Yeah, nevermind. Had to do with my reputation feature, I guess.

S\|P\|L\|A\|T v5 Beta Tester Posts: 1,324 S\|P\|L\|A\|T inherit v5 Beta Tester 96206 DylanxMowsxFaces 0 Apr 8, 2024 11:48:08 GMT -8 S\|P\|L\|A\|T 1,324 Senior Member January 2007 splatcatballa99	[From-Scratch] Coded forum - (PHP/MySQL) Dec 11, 2009 20:32:07 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by S\|P\|L\|A\|T on Dec 11, 2009 20:32:07 GMT -8 lol so you ip banned me for finding an exploit in your forum? I didn't do anything malicious with it... shows your maturity level.
	Last Edit: Dec 11, 2009 20:32:23 GMT -8 by S\|P\|L\|A\|T Free Premium Image Hosting!

Phrate Senior Member It's been 9 years! Posts: 1,297 Phrate inherit 54640 0 Jul 2, 2019 10:52:15 GMT -8 Phrate It's been 9 years! 1,297 Senior Member August 2005 ghotherkill	[From-Scratch] Coded forum - (PHP/MySQL) Dec 12, 2009 4:12:38 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Phrate on Dec 12, 2009 4:12:38 GMT -8 I didn't ban you.. I was informed that one of my staff members just wanted to see if you were any good at what you were doing, so they banned you, tempting you to get back in I guess?

Malagrond v5 Beta Tester Remember, remember the 5th of November. Posts: 813 Malagrond inherit v5 Beta Tester 123128 0 Feb 3, 2020 13:53:38 GMT -8 Malagrond Remember, remember the 5th of November. 813 Full Member April 2008 malagrond	[From-Scratch] Coded forum - (PHP/MySQL) Dec 17, 2009 8:44:10 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Malagrond on Dec 17, 2009 8:44:10 GMT -8 I know your site warns that it's best viewed in Internet Explorer, but this with Safari? I'll try to test some injections for ya too. ~Mala
	Gift from Meghansaran \| [Template] Return PBSupport's Graphics Request section is almost useless.

Phrate Senior Member It's been 9 years! Posts: 1,297 Phrate inherit 54640 0 Jul 2, 2019 10:52:15 GMT -8 Phrate It's been 9 years! 1,297 Senior Member August 2005 ghotherkill	[From-Scratch] Coded forum - (PHP/MySQL) Dec 18, 2009 8:21:58 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Phrate on Dec 18, 2009 8:21:58 GMT -8 Yes, that's with just about any browser besides IE. But, a fellow named Luke is going to help make it cross-browser. And, that's not necessary. In fact, I'd appreciate it if everyone stopped trying.

Charles Stover v5 Beta Tester Posts: 1,731 Charles Stover inherit v5 Beta Tester 130228 0 Jul 11, 2024 19:19:59 GMT -8 Charles Stover 1,731 Senior Member August 2008 gamechief	[From-Scratch] Coded forum - (PHP/MySQL) Dec 18, 2009 11:34:44 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Charles Stover on Dec 18, 2009 11:34:44 GMT -8 And, that's not necessary. In fact, I'd appreciate it if everyone stopped trying. It's better someone find it now than a member who's intent is malicious.

Renegade Alpha Tester As unique as mice pudding milkshake Posts: 40,557 Renegade inherit Alpha Tester 12045 micepudding renegadeocop 0 Nov 19, 2012 14:52:05 GMT -8 Renegade As unique as mice pudding milkshake 40,557 Collecting Dust August 2003 Facebook Twitter YouTube renegade	[From-Scratch] Coded forum - (PHP/MySQL) Dec 18, 2009 13:04:11 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Renegade on Dec 18, 2009 13:04:11 GMT -8 you still haven't fixed the major flaw i found last week, or even disabled the way I was using it. do you need a demonstration of the damage I could do with it before you decide its worth changing?
	Shoutboxes with PB security options (and full PB integration!) \| Free games \| Multiplayer Gaming Are you awesome enough to join the PB AIM room? Apply here.

Jordan
Moderator

What is truth?

Posts: 11,838

[From-Scratch] Coded forum - (PHP/MySQL) Dec 19, 2009 17:28:43 GMT -8

Post by Jordan on Dec 19, 2009 17:28:43 GMT -8

Dec 18, 2009 13:04:11 GMT -8 Renegade said:

you still haven't fixed the major flaw i found last week, or even disabled the way I was using it. do you need a demonstration of the damage I could do with it before you decide its worth changing?

What is the exploit that you did? I did some messing around on the forum, but since I'm not very knowledgeable about common exploits I didn't find anything before I was banned.

I'm not going to be going back on the forum, but I plan on making a simple website in the future and I'm just wondering what the common injections are. I saw that you made a post and then modified it to remove the exploit. What exactly did you do? Did you just put a Javascript code in it?

Michael Part of the Furniture Posts: 14,585 Michael inherit 100824 0 May 13, 2012 5:37:49 GMT -8 Michael 14,585 Part of the Furniture March 2007 wrighty	[From-Scratch] Coded forum - (PHP/MySQL) Dec 21, 2009 8:38:07 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Michael on Dec 21, 2009 8:38:07 GMT -8 Would be rather handy for coders if common exploits were listed etc...
	Me, my site and I

Renegade Alpha Tester As unique as mice pudding milkshake Posts: 40,557 Renegade inherit Alpha Tester 12045 micepudding renegadeocop 0 Nov 19, 2012 14:52:05 GMT -8 Renegade As unique as mice pudding milkshake 40,557 Collecting Dust August 2003 Facebook Twitter YouTube renegade	[From-Scratch] Coded forum - (PHP/MySQL) Dec 21, 2009 12:35:12 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Renegade on Dec 21, 2009 12:35:12 GMT -8 yeah, that's a good plan, i'll just post here how to wreck his forum. oh wait - that's not a good plan at all
	Shoutboxes with PB security options (and full PB integration!) \| Free games \| Multiplayer Gaming Are you awesome enough to join the PB AIM room? Apply here.

Luke v5 Beta Tester Posts: 2,993 Luke inherit v5 Beta Tester 112533 0 Dec 8, 2022 0:53:44 GMT -8 Luke 2,993 *Pro* Member October 2007 darkzer0	[From-Scratch] Coded forum - (PHP/MySQL) Dec 21, 2009 16:47:17 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Luke on Dec 21, 2009 16:47:17 GMT -8 Dec 21, 2009 8:38:07 GMT -8 Michael said: Would be rather handy for coders if common exploits were listed etc... Try this: www.securereality.com.au/studyinscarlet.txt

Ryan *Pro* Member hi Yo. Posts: 4,431 Ryan inherit hi 65816 pbsryan 401009006 0 Dec 19, 2020 21:47:21 GMT -8 Ryan Yo. 4,431 *Pro* Member December 2005 eliasfong	[From-Scratch] Coded forum - (PHP/MySQL) Dec 23, 2009 14:37:40 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by Ryan on Dec 23, 2009 14:37:40 GMT -8 Nov 25, 2009 13:28:48 GMT -8 frufru said: Remember when Renegade, Martyn, and Pat Clinger came and had fun with some guy's web app that was full of security holes?

RedBassett
Moderator

Bark Different.

I'm a Marxist/Lennonist of the Groucho/John variety.

Posts: 15,405
Mini-Profile Theme: RedBassett's Mini-Profile

[From-Scratch] Coded forum - (PHP/MySQL) Dec 27, 2009 9:09:37 GMT -8

Post by RedBassett on Dec 27, 2009 9:09:37 GMT -8

Common suggestion:

Do not tell someone when they (fail to) login if it is the username or password that they have wrong. This makes it easier to guess at the login, especially under some circumstances.

[From-Scratch] Coded forum - (PHP/MySQL)

Post by Phrate on Dec 10, 2009 18:52:29 GMT -8

Post by Renegade on Dec 10, 2009 18:59:58 GMT -8

Post by Phrate on Dec 11, 2009 16:14:33 GMT -8

Post by S|P|L|A|T on Dec 11, 2009 20:32:07 GMT -8

Post by Phrate on Dec 12, 2009 4:12:38 GMT -8

Post by Malagrond on Dec 17, 2009 8:44:10 GMT -8

Post by Phrate on Dec 18, 2009 8:21:58 GMT -8

Post by Charles Stover on Dec 18, 2009 11:34:44 GMT -8

Post by Renegade on Dec 18, 2009 13:04:11 GMT -8

Post by Jordan on Dec 19, 2009 17:28:43 GMT -8

Post by Michael on Dec 21, 2009 8:38:07 GMT -8

Post by Renegade on Dec 21, 2009 12:35:12 GMT -8

Post by Luke on Dec 21, 2009 16:47:17 GMT -8

Post by Ryan on Dec 23, 2009 14:37:40 GMT -8

Post by RedBassett on Dec 27, 2009 9:09:37 GMT -8