Page 1 of 1

WARNING: (Hack the planet I did it HELLYEAH) Youre trivia...

PostPosted: Fri Nov 17, 2006 7:55 pm
by Gabriël
Your quizzes can be hacked, maybe thats why they're not so kind to give credit for it anyway you can solve this by including a meta tag to PRAGMA NO CACHING and any other hack you know to permit POST GET caching (Mozilla did this with my magic hands) 4 seconds for 10 questions ... some score huh !@!

DECLARATION // INVOICE
TO: The Webmaster or phukup fruitcake that is involved solving this meuk
IN NAME OF THE HOLY INTERNET ETHICS GOD I COMMAND YOU TO TRANSFER ANY REASONABLE AMOUNT FOR THIS INFORMATION... (your karma will grow faster if you give more)

PostPosted: Sat Nov 18, 2006 4:29 pm
by nesman
Let me see if I follow. You filled in the quiz pages, so Mozilla would cache the data. Then, exited the quiz, restarted it with cached data and promptly submitted the page with your cached data. Even if there was a meta tag to prevent caching (setting this from the php header function would be better anyway) it is very easy to post data to the page without using a browser. Still, to prevent this from happening accidentally, I agree it's not a bad idea for Battye to double check how cache control is handled in the quiz mod.

You should check out cURL and wget for more information on passing POST and GET vars outside of your browser.

I'd say this is more of an abuse than a hack. ;) Setting cache control would work in the same way that checking for referer stops image hotlinking. It might stop people from making this happen by accident, but a determined person wouldn't have any trouble. Then again, why a hacker would be interested in cheating at a phpbb quiz is beyond me. :)

Edit:
Btw, Battye: I think the security functions for your phpbb are set a little high. I wouldn't let me post the words cURL and wget untill I munged them. See if it lets you. (quote this page to see what I had to do). I think we ran into this before when we were talking about some script. Maybe CMX uptime?

PostPosted: Mon Nov 20, 2006 10:48 am
by Gabriël
nesman wrote:Let me see if I follow. You filled in the quiz pages, so Then again, why a hacker would be interested in cheating at a phpbb quiz ?

Why ... oh .,.. why ....
For me to know for you to figure out.
Hacking is an art, it's phun on anything, from PHP to your entire social network. Ow, and can anybody spam me that link of the virtual world I heard so much about (some virtual city on the net where people can build entire lives ... virtually.) Since I have my melanchy-filled days for now and then it would be nice to have a hide-out / hangingspot.

PostPosted: Tue Nov 21, 2006 10:11 pm
by threewing
nesman wrote:I agree it's not a bad idea for Battye to double check how cache control is handled in the quiz mod.


And install a 100 CMX$ reward for cheetah/Hackah of the month (flashy billboard, the works, you know)

nesman wrote:Then again, why a hacker would be interested in cheating at a phpbb quiz is beyond me. :)


I know that one!!!
It is there, he/she can get into it, he/she wants to find out/show how he/she can crack it/win it to well/ill-inform the owner to either warn/threaten/annoy the owner and use/abuse/ignore the subjected system/swiss cheese :D
Don't know much about hacking though, or PHP. But I know 'bout swiss cheese... I saw Gabriël beat most time records that evening. And even I know the advantages of the F5 button.
I just wonder why anyone would hack a quiz where there are so few contenders. Even I never participate there :P

I voted the 1200 for this :shock: :oops: :D

PostPosted: Tue Nov 21, 2006 10:50 pm
by pokesthelippyfish
i'll be happy with the swiss cheese

PostPosted: Wed Nov 22, 2006 8:48 am
by Gabriël
threewing wrote:
nesman wrote:I agree it's not a bad idea for Battye to double check how cache control is handled in the quiz mod.


And install a 100 CMX$ reward for cheetah/Hackah of the month (flashy billboard, the works, you know)

nesman wrote:Then again, why a hacker would be interested in cheating at a phpbb quiz is beyond me. :)


I know that one!!!
It is there, he/she can get into it, he/she wants to find out/show how he/she can crack it/win it to well/ill-inform the owner to either warn/threaten/annoy the owner and use/abuse/ignore the subjected system/swiss cheese :D
Don't know much about hacking though, or PHP. But I know 'bout swiss cheese... I saw Gabriël beat most time records that evening. And even I know the advantages of the F5 button.
I just wonder why anyone would hack a quiz where there are so few contenders. Even I never participate there :P

I voted the 1200 for this :shock: :oops: :D


Thank you ... Finally ... someone sees me again (don't know what this is about: click the link: )

Okay phuk em all

PostPosted: Fri Nov 24, 2006 10:42 pm
by Gabriël
Aight, you don't wanna listen? Check my credits! I hacked your coin toss .... SUE ME!

PostPosted: Sat Nov 25, 2006 12:50 am
by p2p-sharing-rules
STOP fukin hacking the games ! :roll: :evil:

PostPosted: Sat Nov 25, 2006 2:02 am
by moongirl
Coin Toss is just a game!!
You can make a heap of loot without lowering the bar on behaviour here at CMX.

PostPosted: Sun Nov 26, 2006 12:28 pm
by Gabriël
I think grinch so much want to show he's a better GOD because he can take all my bucks away again. .... But c if I care. I GOT them HONESTLY... No code phreaking involved ... mere statistics. I wanted to help you (and someone else with the 40K) .... but now .... go away ! :evil: you have the emphatic common sense of a goldfish. I'm not sure that I will continue to be here... this is just lame. :cry: :?

PostPosted: Sun Nov 26, 2006 1:15 pm
by moongirl
It is Christmas time...a Grinch must do what a Grinch must do!! Image

PostPosted: Sun Nov 26, 2006 4:45 pm
by garmabeaneth
gabby.. i'm unsure if your trying to be helpful with finding loopholes in the games or if your just trying to exploit them for your gain. If you are trying to help make the games more secure then good on you. But if yer exploiting the games for your gain, then don't be surprised if people get upset with you. sorry this is how i see it.

PostPosted: Sun Nov 26, 2006 9:00 pm
by pokesthelippyfish
to add to what garma said..... if you're doing it to show up weaknesses in code or whatever.... then that's something to be in contact with battye with... not to post to forums just to show you can... it's not attractive...

PostPosted: Mon Nov 27, 2006 9:22 am
by battye
As Garmy and Pokes have said, if you are trying to be helpful, we appreciate it, but for God's sake you are going about it the wrong way.

It may be a breakdown in the culture/language barrier, you may think that the way you are handling it is correct, but if you find a problem, simply report it to one of the moderators, don't exploit it publicly, it just isn't the way you go about it.

Everyone here at the forum has treated with the utmost respect, we would appreciate it if you return the favour. :)

PostPosted: Mon Nov 27, 2006 10:12 am
by battye
Gabriël wrote:check your pm


Thank you for the PM, I am looking into the problem.

Your help is appreciated :)