Good point, never thought of that. So it was probably something else. What's scripts are really tricky.
Good point, never thought of that. So it was probably something else. What's scripts are really tricky.
Knowing their paranoid level, I wouldn't be surprised if they eliminated that random salt on their site (although gazelle public version uses it), and even, store the passwords in plain text.
New user, password, mail, browser (without any addons installed that can link to my previous account), bittorrent client (from uT 2.0.0 to transmission 1.91), bittorrent port, cookies, ip (i went from a 2XX.XXX.XXX.XXX range one to a 9X.XXX.XXX one), no css leak, no cheating...etc
The only thing that stays the same is my ISP and country (not banned, obv )
Last edited by nperversion; 14.03.10 at 16:07.
It still seems like it would cause false positives. Esp since most people use weak passwords.
If you're gonna edit your post, then I'm gonna edit mine too. Judging by what you say, it is even less likely that they use the information. But you know, an innocent person would, in this situation report it and try to talk to them to get his account back because he would have NO idea why he was banned.
Now please stop hijacking the thread
Last edited by TheUnknown; 14.03.10 at 16:11.
Yeah, they may have filters for the script for pw such as 123, 123456, 123123, password, asdfg...etc but my pw was REALLY long and special
That or someone here accessed to my IP here (I don't use proxy for sb-i) but that would get half of us immediately banned from everywhere.
Last edited by nperversion; 14.03.10 at 16:10.
I'd say that what you just said about IPs is more likely than them getting rid of password salts, just to give you an idea of how unlikely it is that they decided to store them in plaintext.
That would mean that anyone with DB access (which reduces to anyone with access to the server) could steal all the passwords and fuck everyone over. This is just not done nowadays.
I remember I prank hacked a forum 10 years ago that allowed HTML and Javascript, unescaped (so i locked everyone out for 2 days by making an account that had a javascript that closes IE). The admin finally got back at me by reading my password and changing it on other sites. He even got my AIM. luckily he was a nice guy and gave everything back.
Well I guess only WhatMan should have full access to the DB. And yeah nowadays someone with skills can always fuck you over. I guess smart people use always different passwords for different scenarios, I'd never be using my local windows acc pw on anywhere else, and less on anywhere in internet.
My computer password is not secure; I just avoid pissing people off.
Presumably, anyone who can access the site's config files will have access to the file that tells the webserver how to log in to the database, therefore anyone who works on the site would have it. I don't know how many people that is. But really, you should go complain and ask why you got banned.
That's right, but how does it relate to nperversion's comment? Not even the admins here can get users' IPs, since they're not logged at all.
"I just remembered something that happened a long time ago."
EVERYONE GET OUT OF THE BOAT! ANON=WHATMAN
Yeah I was joking. I don't even know how they caught me. I'd really like to ask them in the disabled room but I know I won't be getting the answer obviously
Well it's not possible they disabled me for cheating, as I didn't even made an announce to the tracker. The account was only up for 1 day so I don't really know why I am b7.
Then you'd lose nothing going to their IRC... unless they've already read this.
In that case say hi to TedMaul and mn!
"I just remembered something that happened a long time ago."
Bookmarks