|
|
|
 Real engineers don't need sleep... Just ask our bosses! - Mike Betts [more] |
 |
|
|||||||
|
||||||||
|
|
Thread Tools | Rate Thread | Display Modes |
|
|
|
| Real engineers don't need sleep... Just ask our bosses! - Mike Betts [more] |
|
|
|||||||
|
||||||||
|
|
Thread Tools | Rate Thread | Display Modes |
|
#1
|
|||||
|
|||||
|
ChiefDelphi is 1337.
K, so me and another Chief Delphi member (Adam from 1341) were looking around the new Firefox plugin Yakalike. Yakalike is a program that lets people chat to each other when they are browsing the same site. EG: People browsing ChiefDelphi could all chat together while browsing.
Well, anyways, we were just looking around. We thought it might be based on some sort of IRC backbone (which we still think, and are trying to prove) so we were trying to prove this. Lo and behold, we accidently stumbled upon the login script. So, this sparked our interest. A few stumbles later, and we find out that each site has a unique chat ID. Guess what ChiefDelphi.com is? Quick snippet from my packet sniffer shows...  (channel_id is the GET data referencing what channel to post data to) So yeah, I just thought I should share that with you guys  EDIT: Link to yakalikE http://www.yakalike.com/ And yes, we are currently writing up an email to the developer of yakalikE explaining this security hole and possible ways to fix it. 
|
| Thread Tools | |
| Display Modes | Rate This Thread |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Men of ChiefDelphi: Unite! | DanL | Chit-Chat | 26 | 08-04-2003 23:20 |
| ChiefDelphi Forums Community Bulletin | Brandon Martus | CD Forum Support | 0 | 02-06-2002 23:56 |
| ChiefDelphi Forums Community Bulletin | Brandon Martus | CD Forum Support | 0 | 13-08-2001 08:20 |
| ChiefDelphi Forums Community Bulletin | Brandon Martus | CD Forum Support | 0 | 06-08-2001 10:32 |
| ChiefDelphi Forums Community Bulletin | Brandon Martus | CD Forum Support | 0 | 23-07-2001 08:29 |
Threaded Mode