Silkroad Online Forums

A community forum for the free online game Silkroad Online. Discuss Silkroad Online, read up on guides, and build your character and skills.

Faq Search Members Chat  Register Profile Login

All times are UTC




Post new topic Reply to topic  [ 122 posts ]  Go to page Previous  1, 2, 3, 4, 5  Next
Author Message
 Post subject:
PostPosted: Fri Jan 12, 2007 7:01 pm 
Casual Member
User avatar
Offline

Joined: Nov 2006
Posts: 80
Location:
Redsea
Quote:
lmao... doubtful...

knowing their 'bot search protocol'...

i see this being there atleast another 15-20 mins... Very Happy :D

Well it's more than 30min now and it's still there :roll:


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:01 pm 
Site Owner
User avatar
Offline

Joined: Dec 2005
Posts: 6390
Location:
Off Topic
Bleh. I can see people running allover the Korean office in panic, knocking over wastebaskets on accident and throwing papers in the air.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:03 pm 
Hi, I'm New Here
Offline

Joined: Dec 2006
Posts: 17
RedHead wrote:
Quote:
lmao... doubtful...

knowing their 'bot search protocol'...

i see this being there atleast another 15-20 mins... Very Happy :D

Well it's more than 30min now and it's still there :roll:



yes i know... i hope they don't notice for a good couple hours.


Ryoko wrote:
Bleh. I can see people running allover the Korean office in panic, knocking over wastebaskets on accident and throwing papers in the air.


LMAO... yes... translation

"OMG HOW DO WE CHANGE THE WEB TEMPLATE BACK!?!?!? FIND MY HTML FOR DUMMIES BOOK!!! GIVE ME THAT 1989 PROGRAMMING GUIDE!!!"

_________________
Jan 12th, A day that will live in infamy (LOL)
Image
Image
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:03 pm 
Forum God
User avatar
Offline

Joined: Aug 2006
Posts: 8834
Location: Age of Wushu
the server is being hacked :banghead: :banghead: :banghead: :banghead:

_________________
Playing Age of Wushu, dota IMBA


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:06 pm 
Hi, I'm New Here
Offline

Joined: Dec 2006
Posts: 17
no shite

_________________
Jan 12th, A day that will live in infamy (LOL)
Image
Image
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:08 pm 
Regular Member
User avatar
Offline

Joined: Jun 2006
Posts: 321
Location:
Babel
just lol & pwnt :D

i hope no one gets hacked tho, poor you :(

_________________
Image
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:09 pm 
Banned User
Offline

Joined: Sep 2006
Posts: 3895
Location: Artists Corner & Aege
ahahahha thats funny :D but yeah i hope they have good intesions...

_________________
<<banned from SRF for proof of botting. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:09 pm 
Advanced Member
User avatar
Offline

Joined: Sep 2006
Posts: 2446
Location:
Off Topic
look what i found on the official forums

Quote:
Our database is not hacked and never will be hacked.

_________________
ImageImage


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:12 pm 
Banned User
Offline

Joined: Jun 2006
Posts: 4143
Location:
Babel
just took a look at the source code and that is what i found

Code:
<td class='linespace2'>
<a href='/sro_board/fmboard/fm_board.asp?bID=SB_Inform&sID=1&Page=1&Num=693&List_Ref=465'><span class='bas_font2' style='font-size:15px;'><b>Paypal Notice</b></span></a>
<p style='margin:10 0 10 0'></p>
<b>Date : <span class='fd_org'>1/12/2007</span></b><br>
<b>inquiry : <span class='fd_org'>3603</span></b>
<p style='margin:10 0 10 0'></p>
&lt;h1&gt;JoyMax, you are neglecting the security of your website. Do you care about your customers at all?&lt;/h1&gt;
</td>

_________________
<<banned from SRF for bot admission. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:13 pm 
Frequent Member
User avatar
Offline

Joined: Oct 2006
Posts: 1194
Location:
Venice
Wow.....idk what to say.

I don't know if this is funny as hell, or scary. If they gained access to the notice system, what else do they have access to? :?

JM needs to hire new developers. Seriously.

Now, i've never bashed JM, but ****! They make millions of dollars per year from this one single product and they can't even secure a Farking website!?! And it's not just SRO, this is Joymax, Co. Ltd. An international corporation. They have plenty of money to throw around and they can't even hire competent programmers???? W-T-F!?

Hell, i'm not even that pissed off, it just irks me that a company can continue to feed it's paying customers such piss poor service time and time again. As a computer science major (i truly hate to say that because a lot of idiots like to think they know everything b/c they claim to be a "programmer" or "web master" when they really know jack shit. but i digress)...As a computer science major I honestly cannot understand nor turn my head when I see a huge mistake such as this. Whoever programs this game, and codes that website should be shot. Seriously. How can a programmer take pride in this crap?!

No, I don't expect any game to be bug-free. It happens in software development. But, as I think back on my experience, I cannot think of a single update that didn't result in a new bug. And the amount of time that JM takes to update and fix these bugs is ridiculous. Especially considering that kSRO is ahead of us in every single way. What are they doing? Re-writing available code??

When I first started playing, there was the ????? error. There are still random disconnections. And who can forget the duped gold situation? Then there was the error that disconnected you after taking off you job and teleporting. I get an error that says "wrong calculation" when I try to form a party after taking off a job. Have they fixed that? There was suppose to be a new server, and when they opened it we get a shitload of "inspections" every 10 minutes. Whatever happened to that server, huh? The Thanksgiving event was bugged b/c job items didn't have correct stats nor were there enough for both genders.

We may as well say there are no GM's.

The official forum has a serious flaw that allows for login and password to be obtained. Yes, hackers will find a way to hack any and everything. But, they use PHPbb which doesn't contain that flaw at all. So, it's not the hackers that are just bugging JM, it's Farking JM's shit code that isn't secure.

Now, the main site gets hacked and the notice system is targeted. True, it may just be the HTML and not the code-behind, but the point is that there is a flaw. It has been exploited. Nobody truly knows how deep this goes. This could only be on the web server. Or it could also be connected to the names database. Only the people at JM knows for sure. And those are the people I don't trust right now.

_________________
Venice | LuV3r8o1 | 4x | Int Hybrid | Sword & Shield | Retired
Venice | Your_Killer | 1x | Pure Str | Dual Axes | Retired
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:13 pm 
Elite Member
User avatar
Offline

Joined: Nov 2006
Posts: 5136
Location: Final Fantasy Versus 13.
Quite possibly it's a grey hacker.

Small summary:

A Grey hat in the computer security community, refers to a skilled hacker who sometimes acts legally to test security issues, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

There still is a small chance of this hacker turning bad though.

_________________
Bmw 6 Series owner. Bleach fan. Music Fan.
Image Reise for Mod.
~ Those who make peaceful revolution impossible will make violent revolution inevitable..


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:14 pm 
New Member
User avatar
Offline

Joined: Nov 2006
Posts: 43
Location:
Babel
Karlos Vandango wrote:
just took a look at the source code and that is what i found

Code:
<td class='linespace2'>
<a href='/sro_board/fmboard/fm_board.asp?bID=SB_Inform&sID=1&Page=1&Num=693&List_Ref=465'><span class='bas_font2' style='font-size:15px;'><b>Paypal Notice</b></span></a>
<p style='margin:10 0 10 0'></p>
<b>Date : <span class='fd_org'>1/12/2007</span></b><br>
<b>inquiry : <span class='fd_org'>3603</span></b>
<p style='margin:10 0 10 0'></p>
&lt;h1&gt;JoyMax, you are neglecting the security of your website. Do you care about your customers at all?&lt;/h1&gt;
</td>


Actually that would proof some1 inserting html through a form, sir. Since the tags got raped during the process. Anyway, doesn't matter shit. Speculation is cráp.

What is and stays a fact: Silkroad got pwned once again.


Last edited by Revje on Fri Jan 12, 2007 7:15 pm, edited 1 time in total.

Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:15 pm 
Site Owner
User avatar
Offline

Joined: Dec 2005
Posts: 6390
Location:
Off Topic
LOL um... a simple SQL injection could change a message like that.

Not like the whole site was torn down and sick pr0n pics posted allover the front page :roll:


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:15 pm 
Banned User
Offline

Joined: Jun 2006
Posts: 4143
Location:
Babel
Grimjaw wrote:
Quite possibly it's a grey hacker.

Small summary:

A Grey hat in the computer security community, refers to a skilled hacker who sometimes acts legally to test security issues, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

There still is a small chance of this hacker turning bad though.


you just named a penertration tester lol

_________________
<<banned from SRF for bot admission. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:15 pm 
Ex-Staff
Offline

Joined: Feb 2006
Posts: 3003
Location: Khadgar
I don't know it took them a few days to fix their mispelling of Joymax (Joynax)


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:16 pm 
Site Owner
User avatar
Offline

Joined: Dec 2005
Posts: 6390
Location:
Off Topic
Paying good money to anyone who can change that message to something about SP.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:18 pm 
Hi, I'm New Here
Offline

Joined: Dec 2006
Posts: 17
Grimjaw wrote:
Quite possibly it's a grey hacker.

Small summary:

A Grey hat in the computer security community, refers to a skilled hacker who sometimes acts legally to test security issues, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

There still is a small chance of this hacker turning bad though.


In all honesty... any hacker can be any of those things...

and reguardless of intentions, accessing a company site deemed as "secure" or private property even, is illegal.

Its not on the borderline, it is illegal to access private property... and in the JM agreement, it states all JM code is property of JM, and noone else, editing, copying, or selling yada yada... illegal...

unless you are hired by the company to do it.

However, i don't think a penetration tester would TEST on the actual site... openly like that.. with that message.

so... dunno what to tell u. :D

_________________
Jan 12th, A day that will live in infamy (LOL)
Image
Image
Image


Last edited by SROh4xb0ts on Fri Jan 12, 2007 7:20 pm, edited 1 time in total.

Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:20 pm 
Banned User
Offline

Joined: Jun 2006
Posts: 4143
Location:
Babel
Ryoko wrote:
Paying good money to anyone who can change that message to something about SP.


All Your Sp Are Belong To Us

_________________
<<banned from SRF for bot admission. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:20 pm 
Frequent Member
User avatar
Offline

Joined: Oct 2006
Posts: 1194
Location:
Venice
Ryoko wrote:
LOL um... a simple SQL injection could change a message like that.

Not like the whole site was torn down and sick pr0n pics posted allover the front page :roll:



True.

But my statement still stands. They need new developers. Everyone knows about SQL injections and they should be able to protect themselves against that.

Or at least fix the damn thing!!! :banghead:

_________________
Venice | LuV3r8o1 | 4x | Int Hybrid | Sword & Shield | Retired
Venice | Your_Killer | 1x | Pure Str | Dual Axes | Retired
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:21 pm 
Advanced Member
User avatar
Offline

Joined: Sep 2006
Posts: 2446
Location:
Off Topic
Ryoko wrote:
Paying good money to anyone who can change that message to something about SP.


Lol, if that happens i wil b e laughing so hard :D

_________________
ImageImage


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:21 pm 
Frequent Member
Offline

Joined: Apr 2006
Posts: 1468
Ryoko wrote:
Bleh. I can see people running allover the Korean office in panic, knocking over wastebaskets on accident and throwing papers in the air.


No, they aint. They are sleeping. :)

_________________
<<banned from SRF for bot admission. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:23 pm 
Site Owner
User avatar
Offline

Joined: Dec 2005
Posts: 6390
Location:
Off Topic
LuV3r8o1 wrote:
Ryoko wrote:
LOL um... a simple SQL injection could change a message like that.

Not like the whole site was torn down and sick pr0n pics posted allover the front page :roll:



True.

But my statement still stands. They need new developers. Everyone knows about SQL injections and they should be able to protect themselves against that.

Or at least fix the damn thing!!! :banghead:


Eh, all it takes is one text box entry used in the MYSQL script that isn't mysql-safed first.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:24 pm 
Common Member
Offline

Joined: Jan 2007
Posts: 107
Hopefully the forum and the Announcements aren't on the same server. :-|

if so they can get database and even if you haven't posted they may still get your account info, since you're automatically signed up if you have a SRO account.. :x


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:25 pm 
Elite Member
User avatar
Offline

Joined: Nov 2006
Posts: 5136
Location: Final Fantasy Versus 13.
Karlos Vandango wrote:
Grimjaw wrote:
Quite possibly it's a grey hacker.

Small summary:

A Grey hat in the computer security community, refers to a skilled hacker who sometimes acts legally to test security issues, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

There still is a small chance of this hacker turning bad though.


you just named a penertration tester lol


Meh,different words,same meaning,same outcome. :wink:

The notice board might not be that hard to crack,but i would worry more about the fact that they might want to hack the item mall.

But i agree on the fact that the security at joymax needs a boost.

_________________
Bmw 6 Series owner. Bleach fan. Music Fan.
Image Reise for Mod.
~ Those who make peaceful revolution impossible will make violent revolution inevitable..


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:26 pm 
Banned User
Offline

Joined: Jun 2006
Posts: 4143
Location:
Babel
ehh if u look right of the post it says 6 secruity conducts for hacking prevention

maybe they should read those


PERSONNLY

i think its a curropt employee

_________________
<<banned from SRF for bot admission. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:28 pm 
Active Member
User avatar
Offline

Joined: Jan 2007
Posts: 990
Location: Mommyland
Quote:
it just irks me that a company can continue to feed it's paying customers such piss poor service time and time again. As a computer science major (i truly hate to say that because a lot of idiots like to think they know everything b/c they claim to be a "programmer" or "web master" when they really know jack shit. but i digress)...As a computer science major I honestly cannot understand nor turn my head when I see a huge mistake such as this. Whoever programs this game, and codes that website should be shot. Seriously. How can a programmer take pride in this crap?!


+1!! I kinda feel like iSRO is the ugly stepchild! Ah but yet I play the game at least 5 hours a day and cannot stand to live without my squirrel and gold ticket.... time for a boycot!

Oh and btw - lol lol lol major pwnage! :P

_________________
RIP: Devon 01.23.08 Ian 10.23.08
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:28 pm 
Banned User
Offline

Joined: Jun 2006
Posts: 4143
Location:
Babel
LadyOphelia wrote:
Quote:
it just irks me that a company can continue to feed it's paying customers such piss poor service time and time again. As a computer science major (i truly hate to say that because a lot of idiots like to think they know everything b/c they claim to be a "programmer" or "web master" when they really know jack shit. but i digress)...As a computer science major I honestly cannot understand nor turn my head when I see a huge mistake such as this. Whoever programs this game, and codes that website should be shot. Seriously. How can a programmer take pride in this crap?!


+1!! I kinda feel like iSRO is the ugly stepchild! Ah but yet I play the game at least 5 hours a day and cannot stand to live without my squirrel and gold ticket.... time for a boycot!

Oh and btw - lol lol lol major pwnage! :P

Its Like Ryan Air
you pay cheap prices but u get no customer services

_________________
<<banned from SRF for bot admission. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:30 pm 
Casual Member
Offline

Joined: Jan 2007
Posts: 51
Ryoko wrote:
Paying good money to anyone who can change that message to something about **.
:shock:


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:38 pm 
Hi, I'm New Here
Offline

Joined: Dec 2006
Posts: 17
2 pages in 10 minutes.. is that a record? :D

_________________
Jan 12th, A day that will live in infamy (LOL)
Image
Image
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jan 12, 2007 7:39 pm 
Site Owner
User avatar
Offline

Joined: Dec 2005
Posts: 6390
Location:
Off Topic
oyeah wrote:
Ryoko wrote:
Paying good money to anyone who can change that message to something about **.
:shock:


Image


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 122 posts ]  Go to page Previous  1, 2, 3, 4, 5  Next

All times are UTC


Who is online

Users browsing this forum: No registered users and 10 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group