Kenji

So the person hacking the sites was doing everyone a favor and that makes it okay?

I understand what gm9 and Pinski are saying, but I also understand where Flayedskin is coming from.

Pinski

So, obviously I think you've got this all wrong then. And for the record, no that IP that ballad's posted isn't Kenman's.

How is it harder to make sure, you know there's logs for a reason right? Or are you too stupid to enable those logs to know what happens on your forums? If you don't have logged enabled, then you should be hacked, imo. If you are too stupid to proper secure and setup logging systems to track things, then I hope you get hacked.

__________________
How many times do you hear it? It goes on all day long
Everyone knows everything And no one's ever wrong
Until later...
Who can you believe? It's hard to play it safe
But apart from a few good friends We don't take anything on faith
Until later..

Pinski

No, the person posting the PoC code is the one doing everybody a favor fucking moron. The person hacking the sites is a complete retard, but unless he did serious damage to you, you're a fucking moron for wanting to take him to a court.

__________________
How many times do you hear it? It goes on all day long
Everyone knows everything And no one's ever wrong
Until later...
Who can you believe? It's hard to play it safe
But apart from a few good friends We don't take anything on faith
Until later..

Vainamoinen

CustName: Otelco
Address: 505 3rd Ave East
City: Oneonta
StateProv: AL
PostalCode: 35121
Country: US
RegDate: 2006-06-06
Updated: 2006-06-06

NetRange: 72.242.218.0 - 72.242.219.255
CIDR: 72.242.218.0/23
NetName: ITCD-72-242-218-0
NetHandle: NET-72-242-218-0-1
Parent: NET-72-242-0-0-1
NetType: Reassigned
Comment:
RegDate: 2006-06-06
Updated: 2006-06-06

RTechHandle: ITCDE1-ARIN
RTechName: ITC Deltacom
RTechPhone: +1-800-374-2350
RTechEmail: john.atkins@deltacom.com

OrgAbuseHandle: INAC-ARIN
OrgAbuseName: IP Network ABUSE Center
OrgAbusePhone: +1-800-874-2350
OrgAbuseEmail: mike.ivey@deltacom.com

__________________
I was raised on TV,
Like so many of you I see around me.
Nothing to live or die for;
No religion too.

gm9

What he said.

__________________

Kenji

So it boils down to a matter of perception. Fair enough.

Vainamoinen

Just cause yer from Arab (Alabama), it doesn't make you a terrorist.

__________________
I was raised on TV,
Like so many of you I see around me.
Nothing to live or die for;
No religion too.

Ambarta

I dunno.. retarded statements like this are pretty good.
You think the hacking only started after Vortfu posted this?
This exploit has been around for a long time. People have been dabbling in other guilds eq2dkp pages for quite a bit of time. If you used the same password for other things.. like guild forums... they have been there too. Same password for your EQ Account maybe? Oh noooes Chinese hackers got into my computer, found my password and sold all my gear!
And you want to ban Vortfu for bringing it to everyones attention?
And delete the thread that is warning them?
Fuckwit.

__________________

Snark

I would have done it but I cant search users by IP's =(

__________________


http://heyandy.ytmnd.com/
http://acceptable.tv/videos/769-Cirque-Du-Soleil
http://www.break.com/index/sheep-wea...ares-herd.html

vortfu

Other than shit and giggles (which is always good)?

Firstly, the OP does not violate the site rules ... my post with the meth recipe and how to build an atomic bomb ... maybe =p

But so far you've been informed about a vulnerability in a piece of software which you use blindly out of the box ... and you've even got a patch for the bug right here in the thread (even though it would be better to just sanitize the $user variable in the SQL query to future proof any other code that calls session->create).

That's good right? (not as good as ninja pics ... but still better than nothing)

The other alternative would be for people to NOT know that there's a vulnerability in their systems and thus have nfi on how to fix it. Ignorance isn't always bliss... unless that chick from last weekend really was a man, then you just dont want to know.

By the looks of things no, EQDKP is not being actively developed. There's an occasional update here and there but it's far from being actively developed / supported... thus getting the original grats on being retarded in the OP.

Everyone else seems to fall into the other two gratsed categories.

vortfu