| |||
Views: 88,485,842 |
Main | FAQ | Uploader | IRC chat | Radio | Memberlist | Active users | Latest posts | Calendar | Stats | Online users | Search | 04-26-24 07:11 AM |
|
Guest: Register | Login |
0 users currently in The Landfill | 2 guests |
Main - The Landfill - Termingamer2-JD (Jamie Dignam) singlehandedly fucking killed this forum. | New thread | Thread closed |
OPN2 |
|
kuja killer |
| ||
Level: 55 Posts: 624/628 EXP: 1243860 Next: 70329 Since: 03-20-07 From: Lake Havasu City, Arizona Last post: 282 days Last view: 7 days |
It's exactly what i thought about not long ago. That one certain person who constantly makes a million accounts, and extremely annoying as hell posts.
i honestly believe he's part of the main reason for driving good, innocent people away. And it seriously pisses me off. |
OPN2 |
|
Niidle |
| ||
Level: 15 Posts: 36/44 EXP: 14439 Next: 1945 Since: 08-13-17 From: Sweden Last post: 408 days Last view: 2 days |
Aand Jamie does it yet again. Talks shit about himself on another account only to turn around and go "aaa I wish I never registered here ever I ruined it for everyone". Anyways... (Also no I'm not yet another Jamie account)
Giving it a second look passwords aren't even salted, just MD5 hashed. If you hash your password externally through md5sum and compare to the hash in passenc it will be identical. Frankly this probably isn't that much of a vulnerability, you will only see your own hash and you would need to spam requests to brute force a hash in an identical way to brute forcing the login page. The fact it passes this hash unsanitised into an SQL query is concerning but magic_quotes takes care of that, nothing out of the ordinary for Acmlmboard. And then there's the random places that don't sanitise input properly (e.g. mood avatar selection in the post box and usermood.php itself), but they can't really be exploited as you can't escape the quoted string they are in thanks to magic_quotes. You can still break queries with it (e.g. creating empty threads or peeking in people's user mood avatars), and the fact you can upload mood avatars when not logged in is hilarious, but no actual SQL injection looks to be possible. All in all though, seeing a place like this fall into disarray with no real maintainer to check up on it from time to time is just a tad bit depressing. I would quite like to see someone here becoming a moderator to take care of the regular spam ____________________ Average phpBB fan: Average Acmlmboard enjoyer: |
Jamie the Nonce |
|
blÄhaj |
|
Jamie the Nonce |
|
AndrewLuc |
|
shan |
| ||
Newcomer Level: 6 Posts: 7/7 EXP: 718 Next: 189 Since: 03-12-20 Last post: 534 days Last view: 529 days |
i do actually think its surprising how the rom hacking community here still exists in some capacity
i dont know if moderation would necessarily make anyone care about the general chat sections but it would certainly, at least, less the board look less fugly |
Jamie the Nonce |
|
Jamie the Nonce |
|
Main - The Landfill - Termingamer2-JD (Jamie Dignam) singlehandedly fucking killed this forum. | New thread | Thread closed |
© 2005-2023 Acmlm, blackhole89, Xkeeper et al. |
MySQL - queries: 45, rows: 64/65, time: 0.015 seconds. |