|
Silkroad Online
|
Silkroad Forums
|
Affiliates
|



|
|
View unanswered posts | View active topics
Author |
Message |
RedHead
|
Post subject: Posted: Fri Jan 12, 2007 7:01 pm |
|
Casual Member |
 |
 |
Joined: Nov 2006 Posts: 80 Location:
|
Quote: lmao... doubtful... knowing their 'bot search protocol'... i see this being there atleast another 15-20 mins... Very Happy
Well it's more than 30min now and it's still there 
|
|
Top |
|
 |
Ryoko
|
Post subject: Posted: Fri Jan 12, 2007 7:01 pm |
|
Site Owner |
 |
 |
Joined: Dec 2005 Posts: 6390 Location:
|
Bleh. I can see people running allover the Korean office in panic, knocking over wastebaskets on accident and throwing papers in the air.
|
|
Top |
|
 |
SROh4xb0ts
|
Post subject: Posted: Fri Jan 12, 2007 7:03 pm |
|
Hi, I'm New Here |
 |
Joined: Dec 2006 Posts: 17
|
RedHead wrote: Quote: lmao... doubtful... knowing their 'bot search protocol'... i see this being there atleast another 15-20 mins... Very Happy Well it's more than 30min now and it's still there  yes i know... i hope they don't notice for a good couple hours. Ryoko wrote: Bleh. I can see people running allover the Korean office in panic, knocking over wastebaskets on accident and throwing papers in the air.
LMAO... yes... translation
"OMG HOW DO WE CHANGE THE WEB TEMPLATE BACK!?!?!? FIND MY HTML FOR DUMMIES BOOK!!! GIVE ME THAT 1989 PROGRAMMING GUIDE!!!"
_________________ Jan 12th, A day that will live in infamy (LOL)
|
|
Top |
|
 |
NuclearSilo
|
Post subject: Posted: Fri Jan 12, 2007 7:03 pm |
|
Forum God |
 |
 |
Joined: Aug 2006 Posts: 8834 Location: Age of Wushu
|
_________________ Playing Age of Wushu, dota IMBA
|
|
Top |
|
 |
SROh4xb0ts
|
Post subject: Posted: Fri Jan 12, 2007 7:06 pm |
|
Hi, I'm New Here |
 |
Joined: Dec 2006 Posts: 17
|
|
Top |
|
 |
Luoma
|
Post subject: Posted: Fri Jan 12, 2007 7:09 pm |
|
Banned User |
 |
Joined: Sep 2006 Posts: 3895 Location: Artists Corner & Aege
|
ahahahha thats funny  but yeah i hope they have good intesions...
_________________ <<banned from SRF for proof of botting. -SG>>
|
|
Top |
|
 |
Innovacious
|
Post subject: Posted: Fri Jan 12, 2007 7:09 pm |
|
Advanced Member |
 |
 |
Joined: Sep 2006 Posts: 2446 Location:
|
look what i found on the official forums
Quote: Our database is not hacked and never will be hacked.
_________________

|
|
Top |
|
 |
Vandango
|
Post subject: Posted: Fri Jan 12, 2007 7:12 pm |
|
Banned User |
 |
Joined: Jun 2006 Posts: 4143 Location:
|
just took a look at the source code and that is what i found
Code: <td class='linespace2'> <a href='/sro_board/fmboard/fm_board.asp?bID=SB_Inform&sID=1&Page=1&Num=693&List_Ref=465'><span class='bas_font2' style='font-size:15px;'><b>Paypal Notice</b></span></a> <p style='margin:10 0 10 0'></p> <b>Date : <span class='fd_org'>1/12/2007</span></b><br> <b>inquiry : <span class='fd_org'>3603</span></b> <p style='margin:10 0 10 0'></p> <h1>JoyMax, you are neglecting the security of your website. Do you care about your customers at all?</h1> </td>
_________________ <<banned from SRF for bot admission. -SG>>
|
|
Top |
|
 |
LuV3r8o1
|
Post subject: Posted: Fri Jan 12, 2007 7:13 pm |
|
Frequent Member |
 |
 |
Joined: Oct 2006 Posts: 1194 Location:
|
Wow.....idk what to say.
I don't know if this is funny as hell, or scary. If they gained access to the notice system, what else do they have access to?
JM needs to hire new developers. Seriously.
Now, i've never bashed JM, but ****! They make millions of dollars per year from this one single product and they can't even secure a Farking website!?! And it's not just SRO, this is Joymax, Co. Ltd. An international corporation. They have plenty of money to throw around and they can't even hire competent programmers???? W-T-F!?
Hell, i'm not even that pissed off, it just irks me that a company can continue to feed it's paying customers such piss poor service time and time again. As a computer science major (i truly hate to say that because a lot of idiots like to think they know everything b/c they claim to be a "programmer" or "web master" when they really know jack shit. but i digress)...As a computer science major I honestly cannot understand nor turn my head when I see a huge mistake such as this. Whoever programs this game, and codes that website should be shot. Seriously. How can a programmer take pride in this crap?!
No, I don't expect any game to be bug-free. It happens in software development. But, as I think back on my experience, I cannot think of a single update that didn't result in a new bug. And the amount of time that JM takes to update and fix these bugs is ridiculous. Especially considering that kSRO is ahead of us in every single way. What are they doing? Re-writing available code??
When I first started playing, there was the ????? error. There are still random disconnections. And who can forget the duped gold situation? Then there was the error that disconnected you after taking off you job and teleporting. I get an error that says "wrong calculation" when I try to form a party after taking off a job. Have they fixed that? There was suppose to be a new server, and when they opened it we get a shitload of "inspections" every 10 minutes. Whatever happened to that server, huh? The Thanksgiving event was bugged b/c job items didn't have correct stats nor were there enough for both genders.
We may as well say there are no GM's.
The official forum has a serious flaw that allows for login and password to be obtained. Yes, hackers will find a way to hack any and everything. But, they use PHPbb which doesn't contain that flaw at all. So, it's not the hackers that are just bugging JM, it's Farking JM's shit code that isn't secure.
Now, the main site gets hacked and the notice system is targeted. True, it may just be the HTML and not the code-behind, but the point is that there is a flaw. It has been exploited. Nobody truly knows how deep this goes. This could only be on the web server. Or it could also be connected to the names database. Only the people at JM knows for sure. And those are the people I don't trust right now.
_________________ Venice | LuV3r8o1 | 4x | Int Hybrid | Sword & Shield | Retired
Venice | Your_Killer | 1x | Pure Str | Dual Axes | Retired
|
|
Top |
|
 |
Grimjaw
|
Post subject: Posted: Fri Jan 12, 2007 7:13 pm |
|
Elite Member |
 |
 |
Joined: Nov 2006 Posts: 5136 Location: Final Fantasy Versus 13.
|
Quite possibly it's a grey hacker.
Small summary:
A Grey hat in the computer security community, refers to a skilled hacker who sometimes acts legally to test security issues, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.
There still is a small chance of this hacker turning bad though.
_________________ Bmw 6 Series owner. Bleach fan. Music Fan.
Reise for Mod. ~ Those who make peaceful revolution impossible will make violent revolution inevitable..
|
|
Top |
|
 |
Revje
|
Post subject: Posted: Fri Jan 12, 2007 7:14 pm |
|
New Member |
 |
 |
Joined: Nov 2006 Posts: 43 Location:
|
Karlos Vandango wrote: just took a look at the source code and that is what i found Code: <td class='linespace2'> <a href='/sro_board/fmboard/fm_board.asp?bID=SB_Inform&sID=1&Page=1&Num=693&List_Ref=465'><span class='bas_font2' style='font-size:15px;'><b>Paypal Notice</b></span></a> <p style='margin:10 0 10 0'></p> <b>Date : <span class='fd_org'>1/12/2007</span></b><br> <b>inquiry : <span class='fd_org'>3603</span></b> <p style='margin:10 0 10 0'></p> <h1>JoyMax, you are neglecting the security of your website. Do you care about your customers at all?</h1> </td>
Actually that would proof some1 inserting html through a form, sir. Since the tags got raped during the process. Anyway, doesn't matter shit. Speculation is cráp.
What is and stays a fact: Silkroad got pwned once again.
Last edited by Revje on Fri Jan 12, 2007 7:15 pm, edited 1 time in total.
|
|
Top |
|
 |
Ryoko
|
Post subject: Posted: Fri Jan 12, 2007 7:15 pm |
|
Site Owner |
 |
 |
Joined: Dec 2005 Posts: 6390 Location:
|
LOL um... a simple SQL injection could change a message like that.
Not like the whole site was torn down and sick pr0n pics posted allover the front page 
|
|
Top |
|
 |
Vandango
|
Post subject: Posted: Fri Jan 12, 2007 7:15 pm |
|
Banned User |
 |
Joined: Jun 2006 Posts: 4143 Location:
|
Grimjaw wrote: Quite possibly it's a grey hacker.
Small summary:
A Grey hat in the computer security community, refers to a skilled hacker who sometimes acts legally to test security issues, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.
There still is a small chance of this hacker turning bad though.
you just named a penertration tester lol
_________________ <<banned from SRF for bot admission. -SG>>
|
|
Top |
|
 |
hellsharpt
|
Post subject: Posted: Fri Jan 12, 2007 7:15 pm |
|
Ex-Staff |
 |
Joined: Feb 2006 Posts: 3003 Location: Khadgar
|
I don't know it took them a few days to fix their mispelling of Joymax (Joynax)
|
|
Top |
|
 |
Ryoko
|
Post subject: Posted: Fri Jan 12, 2007 7:16 pm |
|
Site Owner |
 |
 |
Joined: Dec 2005 Posts: 6390 Location:
|
Paying good money to anyone who can change that message to something about SP.
|
|
Top |
|
 |
SROh4xb0ts
|
Post subject: Posted: Fri Jan 12, 2007 7:18 pm |
|
Hi, I'm New Here |
 |
Joined: Dec 2006 Posts: 17
|
Grimjaw wrote: Quite possibly it's a grey hacker.
Small summary:
A Grey hat in the computer security community, refers to a skilled hacker who sometimes acts legally to test security issues, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.
There still is a small chance of this hacker turning bad though.
In all honesty... any hacker can be any of those things...
and reguardless of intentions, accessing a company site deemed as "secure" or private property even, is illegal.
Its not on the borderline, it is illegal to access private property... and in the JM agreement, it states all JM code is property of JM, and noone else, editing, copying, or selling yada yada... illegal...
unless you are hired by the company to do it.
However, i don't think a penetration tester would TEST on the actual site... openly like that.. with that message.
so... dunno what to tell u. 
_________________ Jan 12th, A day that will live in infamy (LOL)
Last edited by SROh4xb0ts on Fri Jan 12, 2007 7:20 pm, edited 1 time in total.
|
|
Top |
|
 |
Vandango
|
Post subject: Posted: Fri Jan 12, 2007 7:20 pm |
|
Banned User |
 |
Joined: Jun 2006 Posts: 4143 Location:
|
Ryoko wrote: Paying good money to anyone who can change that message to something about SP.
All Your Sp Are Belong To Us
_________________ <<banned from SRF for bot admission. -SG>>
|
|
Top |
|
 |
LuV3r8o1
|
Post subject: Posted: Fri Jan 12, 2007 7:20 pm |
|
Frequent Member |
 |
 |
Joined: Oct 2006 Posts: 1194 Location:
|
Ryoko wrote: LOL um... a simple SQL injection could change a message like that. Not like the whole site was torn down and sick pr0n pics posted allover the front page 
True.
But my statement still stands. They need new developers. Everyone knows about SQL injections and they should be able to protect themselves against that.
Or at least fix the damn thing!!! 
_________________ Venice | LuV3r8o1 | 4x | Int Hybrid | Sword & Shield | Retired
Venice | Your_Killer | 1x | Pure Str | Dual Axes | Retired
|
|
Top |
|
 |
Innovacious
|
Post subject: Posted: Fri Jan 12, 2007 7:21 pm |
|
Advanced Member |
 |
 |
Joined: Sep 2006 Posts: 2446 Location:
|
Ryoko wrote: Paying good money to anyone who can change that message to something about SP.
Lol, if that happens i wil b e laughing so hard 
_________________

|
|
Top |
|
 |
Chaby
|
Post subject: Posted: Fri Jan 12, 2007 7:21 pm |
|
Frequent Member |
 |
Joined: Apr 2006 Posts: 1468
|
Ryoko wrote: Bleh. I can see people running allover the Korean office in panic, knocking over wastebaskets on accident and throwing papers in the air.
No, they aint. They are sleeping. 
_________________ <<banned from SRF for bot admission. -SG>>
|
|
Top |
|
 |
Ryoko
|
Post subject: Posted: Fri Jan 12, 2007 7:23 pm |
|
Site Owner |
 |
 |
Joined: Dec 2005 Posts: 6390 Location:
|
LuV3r8o1 wrote: Ryoko wrote: LOL um... a simple SQL injection could change a message like that. Not like the whole site was torn down and sick pr0n pics posted allover the front page  True. But my statement still stands. They need new developers. Everyone knows about SQL injections and they should be able to protect themselves against that. Or at least fix the damn thing!!! 
Eh, all it takes is one text box entry used in the MYSQL script that isn't mysql-safed first.
|
|
Top |
|
 |
SkyNight
|
Post subject: Posted: Fri Jan 12, 2007 7:24 pm |
|
Common Member |
 |
Joined: Jan 2007 Posts: 107
|
Hopefully the forum and the Announcements aren't on the same server. :-|
if so they can get database and even if you haven't posted they may still get your account info, since you're automatically signed up if you have a SRO account.. 
|
|
Top |
|
 |
Grimjaw
|
Post subject: Posted: Fri Jan 12, 2007 7:25 pm |
|
Elite Member |
 |
 |
Joined: Nov 2006 Posts: 5136 Location: Final Fantasy Versus 13.
|
Karlos Vandango wrote: Grimjaw wrote: Quite possibly it's a grey hacker.
Small summary:
A Grey hat in the computer security community, refers to a skilled hacker who sometimes acts legally to test security issues, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.
There still is a small chance of this hacker turning bad though. you just named a penertration tester lol
Meh,different words,same meaning,same outcome.
The notice board might not be that hard to crack,but i would worry more about the fact that they might want to hack the item mall.
But i agree on the fact that the security at joymax needs a boost.
_________________ Bmw 6 Series owner. Bleach fan. Music Fan.
Reise for Mod. ~ Those who make peaceful revolution impossible will make violent revolution inevitable..
|
|
Top |
|
 |
Vandango
|
Post subject: Posted: Fri Jan 12, 2007 7:26 pm |
|
Banned User |
 |
Joined: Jun 2006 Posts: 4143 Location:
|
ehh if u look right of the post it says 6 secruity conducts for hacking prevention
maybe they should read those
PERSONNLY
i think its a curropt employee
_________________ <<banned from SRF for bot admission. -SG>>
|
|
Top |
|
 |
LadyOphelia
|
Post subject: Posted: Fri Jan 12, 2007 7:28 pm |
|
Active Member |
 |
 |
Joined: Jan 2007 Posts: 990 Location: Mommyland
|
Quote: it just irks me that a company can continue to feed it's paying customers such piss poor service time and time again. As a computer science major (i truly hate to say that because a lot of idiots like to think they know everything b/c they claim to be a "programmer" or "web master" when they really know jack shit. but i digress)...As a computer science major I honestly cannot understand nor turn my head when I see a huge mistake such as this. Whoever programs this game, and codes that website should be shot. Seriously. How can a programmer take pride in this crap?!
+1!! I kinda feel like iSRO is the ugly stepchild! Ah but yet I play the game at least 5 hours a day and cannot stand to live without my squirrel and gold ticket.... time for a boycot!
Oh and btw - lol lol lol major pwnage! 
_________________ RIP: Devon 01.23.08 Ian 10.23.08
|
|
Top |
|
 |
Vandango
|
Post subject: Posted: Fri Jan 12, 2007 7:28 pm |
|
Banned User |
 |
Joined: Jun 2006 Posts: 4143 Location:
|
LadyOphelia wrote: Quote: it just irks me that a company can continue to feed it's paying customers such piss poor service time and time again. As a computer science major (i truly hate to say that because a lot of idiots like to think they know everything b/c they claim to be a "programmer" or "web master" when they really know jack shit. but i digress)...As a computer science major I honestly cannot understand nor turn my head when I see a huge mistake such as this. Whoever programs this game, and codes that website should be shot. Seriously. How can a programmer take pride in this crap?!
+1!! I kinda feel like iSRO is the ugly stepchild! Ah but yet I play the game at least 5 hours a day and cannot stand to live without my squirrel and gold ticket.... time for a boycot! Oh and btw - lol lol lol major pwnage! 
Its Like Ryan Air
you pay cheap prices but u get no customer services
_________________ <<banned from SRF for bot admission. -SG>>
|
|
Top |
|
 |
oyeah
|
Post subject: Posted: Fri Jan 12, 2007 7:30 pm |
|
Casual Member |
 |
Joined: Jan 2007 Posts: 51
|
Ryoko wrote: Paying good money to anyone who can change that message to something about **. 
|
|
Top |
|
 |
SROh4xb0ts
|
Post subject: Posted: Fri Jan 12, 2007 7:38 pm |
|
Hi, I'm New Here |
 |
Joined: Dec 2006 Posts: 17
|
|
Top |
|
 |
Ryoko
|
Post subject: Posted: Fri Jan 12, 2007 7:39 pm |
|
Site Owner |
 |
 |
Joined: Dec 2005 Posts: 6390 Location:
|
oyeah wrote: Ryoko wrote: Paying good money to anyone who can change that message to something about **. 

|
|
Top |
|
 |
Who is online |
Users browsing this forum: No registered users and 10 guests |
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot post attachments in this forum
|
|