Join us on Discord!
You can help CodeWalrus stay online by donating here.

12test (IRC colors in post notifications or how to be banned)

Started by Dream of Omnimaga, October 21, 2016, 03:50:24 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages 1 2
User actions

Yuki

#15
October 24, 2016, 03:44:15 AM
Quote from: Streetwalrus on October 23, 2016, 06:42:03 PM
Quote from: DJ Omnimaga on October 21, 2016, 09:48:18 PM
Actually, the exploit I am talking about was basically this: The post notification was sent by running a PHP file with URL parameters. Anyone who knew the URL and required arguments could send any text from the post notifier at will by opening the file URL in their browser. That was somewhere in 2011, hence why I was a bit against making CW bot a PHP script at first. But as an admin, it was fun while it lasted :trollface: .
Technically that's what the bot does, but it only accepts connections from localhost. I sometimes make it say the game. :P
Yeah, basically the exploit is there, the bot itself does not check who sent stuff to it, but it only accepts connections from localhost. So, basically, you'd need to be either have access to the server or abuse another exploit that would probably result in a CVE number being assigned to it.
  • Calculators owned: TI-83+ (dead?), Casio Prizm (also dead???)
  • Consoles, mobile devices and vintage computers owned: A lot
Read Zarmina!
YUKI-CHAAAANNNN
In the beginning there was walrii. In the end there will be walrii. All hail our supreme leader :walrii: --Snektron

if you wanna throw money at me and/or CodeWalrus monthly it's here
Print
Go Up Pages 1 2
User actions
Powered by EzPortal