Silkroad Online Forums

Well it's more than 30min now and it's still there

Bleh. I can see people running allover the Korean office in panic, knocking over wastebaskets on accident and throwing papers in the air.

yes i know... i hope they don't notice for a good couple hours.




LMAO... yes... translation

"OMG HOW DO WE CHANGE THE WEB TEMPLATE BACK!?!?!? FIND MY HTML FOR DUMMIES BOOK!!! GIVE ME THAT 1989 PROGRAMMING GUIDE!!!"

the server is being hacked

no shite

just lol & pwnt

i hope no one gets hacked tho, poor you

ahahahha thats funny but yeah i hope they have good intesions...

look what i found on the official forums

just took a look at the source code and that is what i found

Wow.....idk what to say.

I don't know if this is funny as hell, or scary. If they gained access to the notice system, what else do they have access to?

JM needs to hire new developers. Seriously.

Now, i've never bashed JM, but ****! They make millions of dollars per year from this one single product and they can't even secure a Farking website!?! And it's not just SRO, this is Joymax, Co. Ltd. An international corporation. They have plenty of money to throw around and they can't even hire competent programmers???? W-T-F!?

Hell, i'm not even that pissed off, it just irks me that a company can continue to feed it's paying customers such piss poor service time and time again. As a computer science major (i truly hate to say that because a lot of idiots like to think they know everything b/c they claim to be a "programmer" or "web master" when they really know jack shit. but i digress)...As a computer science major I honestly cannot understand nor turn my head when I see a huge mistake such as this. Whoever programs this game, and codes that website should be shot. Seriously. How can a programmer take pride in this crap?!

No, I don't expect any game to be bug-free. It happens in software development. But, as I think back on my experience, I cannot think of a single update that didn't result in a new bug. And the amount of time that JM takes to update and fix these bugs is ridiculous. Especially considering that kSRO is ahead of us in every single way. What are they doing? Re-writing available code??

When I first started playing, there was the ????? error. There are still random disconnections. And who can forget the duped gold situation? Then there was the error that disconnected you after taking off you job and teleporting. I get an error that says "wrong calculation" when I try to form a party after taking off a job. Have they fixed that? There was suppose to be a new server, and when they opened it we get a shitload of "inspections" every 10 minutes. Whatever happened to that server, huh? The Thanksgiving event was bugged b/c job items didn't have correct stats nor were there enough for both genders.

We may as well say there are no GM's.

The official forum has a serious flaw that allows for login and password to be obtained. Yes, hackers will find a way to hack any and everything. But, they use PHPbb which doesn't contain that flaw at all. So, it's not the hackers that are just bugging JM, it's Farking JM's shit code that isn't secure.

Now, the main site gets hacked and the notice system is targeted. True, it may just be the HTML and not the code-behind, but the point is that there is a flaw. It has been exploited. Nobody truly knows how deep this goes. This could only be on the web server. Or it could also be connected to the names database. Only the people at JM knows for sure. And those are the people I don't trust right now.

Quite possibly it's a grey hacker.

Small summary:

A Grey hat in the computer security community, refers to a skilled hacker who sometimes acts legally to test security issues, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

There still is a small chance of this hacker turning bad though.

Actually that would proof some1 inserting html through a form, sir. Since the tags got raped during the process. Anyway, doesn't matter shit. Speculation is cráp.

What is and stays a fact: Silkroad got pwned once again.

LOL um... a simple SQL injection could change a message like that.

Not like the whole site was torn down and sick pr0n pics posted allover the front page

you just named a penertration tester lol

I don't know it took them a few days to fix their mispelling of Joymax (Joynax)

Paying good money to anyone who can change that message to something about SP.

In all honesty... any hacker can be any of those things...

and reguardless of intentions, accessing a company site deemed as "secure" or private property even, is illegal.

Its not on the borderline, it is illegal to access private property... and in the JM agreement, it states all JM code is property of JM, and noone else, editing, copying, or selling yada yada... illegal...

unless you are hired by the company to do it.

However, i don't think a penetration tester would TEST on the actual site... openly like that.. with that message.

so... dunno what to tell u.

All Your Sp Are Belong To Us

True.

But my statement still stands. They need new developers. Everyone knows about SQL injections and they should be able to protect themselves against that.

Or at least fix the damn thing!!!

Lol, if that happens i wil b e laughing so hard

No, they aint. They are sleeping.

Eh, all it takes is one text box entry used in the MYSQL script that isn't mysql-safed first.

Hopefully the forum and the Announcements aren't on the same server. :-|

if so they can get database and even if you haven't posted they may still get your account info, since you're automatically signed up if you have a SRO account..

Meh,different words,same meaning,same outcome.

The notice board might not be that hard to crack,but i would worry more about the fact that they might want to hack the item mall.

But i agree on the fact that the security at joymax needs a boost.

ehh if u look right of the post it says 6 secruity conducts for hacking prevention

maybe they should read those


PERSONNLY

i think its a curropt employee

+1!! I kinda feel like iSRO is the ugly stepchild! Ah but yet I play the game at least 5 hours a day and cannot stand to live without my squirrel and gold ticket.... time for a boycot!

Oh and btw - lol lol lol major pwnage!

Its Like Ryan Air
you pay cheap prices but u get no customer services

2 pages in 10 minutes.. is that a record?