|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
#1
September 26th, 2003, 10:47 PM
|
|||
|
|||
|
http://www.betachat.com/devshed.html
Got a challenge for all of you if you're up to it! Website is..
http://www.betachat.com/devshed.html Main thing is, see if you can log into the chatroom with no username, blank.. Next, see if you can log into the chatroom with the username "Rick".. Then just see if you can spot any security holes.. Written in python. Let me know what you come up with.
__________________
"I haven't failed, I've found 10,000 ways that won't work." - Thomas Edison -=Rick=- Chat Refinance Loans
|
|
#2
September 28th, 2003, 03:10 AM
|
||||
|
||||
|
can't login with "rick"..name is reserved.
can't login with "" ..."Invalid username." can't login with anything else..."name is already in use" don't know what else you would like to try. 
|
|
#3
September 28th, 2003, 09:09 AM
|
|||
|
|||
|
only tried twice...
in firebird 0.6.1 on pc the first time it did something then came back to the first page. the second time it said this: JavaScript Error reported...
|
|
#4
September 29th, 2003, 10:11 AM
|
||||
|
||||
|
The Fort Gordon Policy clearly states that access to this site is prohibited.
For further information please read Fort Gordon Garrison Policy Letter #17. ---John Holmes...
|
|
#5
September 29th, 2003, 01:31 PM
|
|||
|
|||
|
Quote:
I wanted to see if anyone could "crack" passed my reserved name. Empty form will give that error, wanted to see if anyone found any holes in it to be able to login without a username, for instance alt+0160.. Name is already in use is strange.. Thanks for lookin'
|
|
#6
September 29th, 2003, 01:56 PM
|
|||
|
|||
|
Quote:
When you press enter, or click submit, a new window will appear, you may want to try pressing "Ctrl" when hitting enter, or pressing submit. Thanks for tryin'.
|
|
#7
September 29th, 2003, 01:59 PM
|
|||
|
|||
|
Quote:
You must be from Fort Gordon Garrison? I don't see why it's prohibited.. Thanks for tryin' anyway.
|
|
#8
November 16th, 2003, 07:25 PM
|
|||
|
|||
|
Quote:
Sep, what's this about being prohibited?
|
|
#9
November 16th, 2003, 11:11 PM
|
||||
|
||||
|
Quote:
|
|
#12
November 16th, 2003, 11:22 PM
|
|||
|
|||
|
Quote:
Ah, I see. You have to click Chat, then immediately after, punch and hold the control key. It's a new pop up window. That's where the chat will be.
|
|
#13
November 16th, 2003, 11:40 PM
|
||||
|
||||
|
If someone has to do some crap like that to enter a chat room I think most people are not going to bother.
Why don't you come back when you have programmed things properly.
|
|
#14
November 16th, 2003, 11:44 PM
|
|||
|
|||
|
Quote:
It is done properly. You have a popup stopper blocking the page from opening. The pop up is for a reason.
|
|
#15
November 17th, 2003, 01:12 AM
|
||||
|
||||
|
Well I have mozilla with popup blocking enabled.
Redirecting, displaying no message to the user and just expecting things to work is not doing things properly. If you need to make it a popup you should redirect to a page with a javascript link that would say "If you do not see a popup chat window please click here" and that would then run the javascript to popup the window. Due to this being a user-initiated popup the popup blockers shouldnt block it.
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
