We wish you good evening. This thread is not the tutorials. Here I want to discuss and find a solution to a problem in the security, which in my opinion exists flash games on many projects. I'll start from far away some time ago, I heard from a third party that had been hacked several major projects (including futurecraft, hil.su and several more). Technical details were not available, so I decided to contact the administration of these projects. Next, our correspondence: Hello Heard recently heard some interesting information: you and a few other projects broke through a hole in the authorization bukkit. Heard not the first person, so the technical details I was not given) I only know that you, like, the only project that who fixed a hole. The remainder flash games identified xAuth, but according to burglars it will not save them. I understand you had a lot of sweat to find and eliminate this vulnerability, but I would still love to hear from you and a way to break (if easy) way to fix this vulnerability. Will enough of the class name and line number (the function name) from GitHub To be honest, I do not know how the authorization Bukkit (and still did not look), but based on indirect evidence, I realized that the package sent to the nickname of another flash games player after the first stage of authorization . It's amazing that you were able to understand how you were hacked, or was still in the log Exception flash games that helped you? If it was not - respect you; D A: Hello. We are not the only project that this fixed a vulnerability. We were helped by friendly project (even more precise to say his creator) who gave us a fix, for what they are, Hil.SU, a special thank you. Unfortunately I can not tell you how this vulnerability works and how it fixed a, as we are not the authors of this fixation. Enjoy the game for FC. Administration HIL.SU to my letter was not answered. I believe that this issue should be considered by all, and its decision is lined with the public. What I would like to hear from you? 1. What do you think works default authorization minecraft (not licensed) 2. What are the three classes are used. Have you encountered flash games this problem 4. The solution, if you have one
As far as I know was a hole in 1.6.2. To go by whatever name it was necessary to change the time between handsheykami. Even seen especially the customers for that.
Offline blackalegator Member
# 8
alexandrage, flash games November 1, 2013
Offline The_Luuzzi flash games Member
Points: 58
} Else {
this.loginKey = (this.server.getOnlineMode ()? Long.toString (random.nextLong (), 16): "-");
# 18
Page 1 of 2 1 2 Next>
Search titles only Posted by Member:
Translation: XF-Russia.ru
No comments:
Post a Comment