Announcement

Collapse
No announcement yet.

Any one else have problems posting?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Guest's Avatar
    Guest replied
    Originally posted by 3 Phase Lightbulb
    Yup, there is almost an unlimited list of things I can do, however I don't do anything unusual except tickle IOWOLF a little bit. I log posts in case someone tries to abuse this system via my proxy.

    If anyone doesn't want their post logged, then run the local proxy server.

    -Adrian
    Theres one in every crowd, usually its me.As the saying goes there is always a bigger D*CK.

    Leave a comment:


  • Guest's Avatar
    Guest replied
    Originally posted by Evan
    If you use Adrian's remote proxy to log in to the BBS or use any function that requires you to enter your password it is possible for Adrian to capture your Password. I am not saying he does but the possibility exists.

    All he needs to do is to modify the login page so it doesn't call the MD5 hash function so that your password is returned to his proxy in plaintext. He can then run the MD5 hash to present it to the HSM server.

    Since all communication with the HSM server are unencrypted except the password it is trivial to do. Only this part of the web page needs to be modified:

    Code:
    <!-- login form -->
            <form action="login.php" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
            <script type="text/javascript" src="clientscript/vbulletin_md5.js">
    Yup, there is almost an unlimited list of things I can do, however I don't do anything unusual except tickle IOWOLF a little bit. I log posts in case someone tries to abuse this system via my proxy.

    If anyone doesn't want their post logged, then run the local proxy server.

    -Adrian

    Leave a comment:


  • Guest's Avatar
    Guest replied
    Originally posted by IODICK
    The Sqrt() of Pi is 1.7724538515682938875632762356675467 ..
    Wow, IODICK suddenly got smarter

    Leave a comment:


  • Guest's Avatar
    Guest replied
    My point exactly!

    This is what you could sound like with some help from a de-idiotizer:

    http://www.bbssystem.com:82/bbs/show...327#post215327



    -Adrian

    Leave a comment:


  • Evan
    replied
    If you use Adrian's remote proxy to log in to the BBS or use any function that requires you to enter your password it is possible for Adrian to capture your Password. I am not saying he does but the possibility exists.

    All he needs to do is to modify the login page so it doesn't call the MD5 hash function so that your password is returned to his proxy in plaintext. He can then run the MD5 hash to present it to the HSM server.

    Since all communication with the HSM server are unencrypted except the password it is trivial to do. Only this part of the web page needs to be modified:

    Code:
    <!-- login form -->
            <form action="login.php" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
            <script type="text/javascript" src="clientscript/vbulletin_md5.js">

    Leave a comment:


  • Guest's Avatar
    Guest replied
    Yawn!!!!!!!

    Leave a comment:


  • Guest's Avatar
    Guest replied
    IODICK,

    I'm sure all of your problems are self induced.

    One thing I could do for you, is add intelligence to the proxy server so you can just basically continue to post your normal nonsense, and the proxy server could transform your worthless drivel into intelligent statements before posting them here. When people read your new "intelligent" posts, they might actually think you're intelligent.

    -Adrian

    Leave a comment:


  • PolskiFran
    replied
    Problems posting? I had trouble just logging on for the past week. I finally figured out that I had to click the "remember me" box. This is my first post on the new format, I hope it takes.

    I'll get it figured out,
    Frank

    Leave a comment:


  • Leigh
    replied
    It appears the kill filter IS working

    Leave a comment:


  • Guest's Avatar
    Guest replied
    I assume your not using Adrians proxy. Even if you were, he wouldnt have the ability to delete your posts from the server.

    Leave a comment:


  • Steve Stube
    replied
    Any one else have problems posting?
    Yes, it took 2 hours making my last post. I can't speed up my typing but I guess I could turn off the TV - maybe I should just spend full time watching the race.

    Leave a comment:


  • TECHSHOP
    replied
    Not lately

    One the "old" software I had that problem quite often. But I think it was my dial up connection and old house wiring. Earlier today, this site was slow, but I found a few "hidden" update downloads going on.

    Leave a comment:


  • Guest's Avatar
    Guest replied
    It may be the admin is working on the board if it messes up now and then. It is common to have problems like that on boards that may still be being worked on.

    Leave a comment:


  • vinito
    replied
    Paranoid much?

    Leave a comment:


  • JIMofalltrades031
    replied
    Neil probably forgot and left the "child proof" mode on......MAYBE if you are nice and sit still and be quiet he will fix it for you.

    Leave a comment:

Working...
X