• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

Be carefull with Gesior aac developers!

Talaturen said:
Whether it violates law or not, it's common sense that we won't allow you to post sensitive data that belongs to another member.
Click to expand...
Yes, now is question: What about violates of sensitive data from another user?
Screenshot from phpmyadmin (without passwords, mails form users)?
Screenshot with sql injection on website, which is now turned off?

Feloth said:
You're missing the point. It's like talking to an open window. Blah.
Click to expand...
I don't understand your metaphor. Please rewrite to polish language. ;z
 
Last edited:
Dulin said:
Yes, now is question: What about violates of sensitive data from another user?
Screenshot from phpmyadmin (without passwords, mails form users)?
Screenshot with sql injection on website, which is now turned off?
Click to expand...

I would not say that mails from users is sensitive data, and a screneshot with SQL injection should not be considered that either because if there is a vulnerability in a website application posted here it is better if everyone knows about it so that they can patch it than just a few people who are more likely to take advantage of this vulnerability.

The problem with the screenshot that someone posted in this thread is that it contained the root password to Kekox MySQL server.
 
Well, i'd say that posting exploits should be legal. Posting userdata shouldn't (Actually it's breaking the law in many countries not to encrypt passwords etc). Everyone should enable SHA1, SHA512 or VAHASH.
 
stian said:
Well, i'd say that posting exploits should be legal. Posting userdata shouldn't (Actually it's breaking the law in many countries not to encrypt passwords etc). Everyone should enable SHA1, SHA512 or VAHASH.
Click to expand...

I think, messing someone's data, basically doing bad staff on purpose without his permission is consiredet as crime as well.

I think it's consiredet within Computer's misuse act, and posting exploits in the software and hacking someone with it is a crime. :huh:

http://en.wikipedia.org/wiki/Computer_Misuse_Act_1990

1) unauthorised access to computer material, punishable by 6 months' imprisonment or a fine "not exceeding level 5 on the standard scale" (currently £5000);
2) unauthorised access with intent to commit or facilitate commission of further offences, punishable by 6 months/maximum fine on summary conviction or 5 years/fine on indictment;
3) unauthorised modification of computer material, subject to the same sentences as section 2 offences.
 
stian said:
Well, i'd say that posting exploits should be legal. Posting userdata shouldn't (Actually it's breaking the law in many countries not to encrypt passwords etc). Everyone should enable SHA1, SHA512 or VAHASH.
Click to expand...

What does this have to do with the database connection? There is a difference on encrypting information saved inside the mysql, but in the actual config file you need to type the password unencrypted.
 
Kekox said:
@Up
They are not.. :) only cybershoot uz he's so inocent
Click to expand...

hahaha, especially Gesior is guilty who didn't edit this code since 0.3.4 version ;/
think sometimes, please... some people edited some lines of code and were releasing under Gesior's name ;/
 
Great, they changed widnet's name, probably trying to get away from all the discussion about him, or he's going to try and attempt to hack more people (hopefully not)

DONT BE CONFUSED!

widnet = Liugarneth
 
Talaturen said:
I would not say that mails from users is sensitive data, and a screneshot with SQL injection should not be considered that either because if there is a vulnerability in a website application posted here it is better if everyone knows about it so that they can patch it than just a few people who are more likely to take advantage of this vulnerability.

The problem with the screenshot that someone posted in this thread is that it contained the root password to Kekox MySQL server.
Click to expand...

I think Talaturen is a pretty cool guy, eh has forum and doesn't afraid of anything.
 
You know what a simple solution is? Stop freeloading. Jesus Christ. If the allegations against the ACC developers are true, then I give them props. Honestly people, if you are going to whine about getting screwed over when you are FREELOADING then make your own ACC. Seriously. There are tons of servers out there that use Gesior ACC and have a large amount of players on all the time. Nothing happens to them.

I mean, absolutely no offence intended, but from the looks of the thread starter; you are someone who downloads a distribution, downloads scripts and ACCs and then just launch your server. Maybe if you spent all the time you wasted on this thread you could have fixed the exploitable problems.
 

Similar threads

TheSeviest
The state of Dragon Ball OT servers (as for 2024)
Replies
6
Views
1K
Tofame
Tofame
Tormented
Torment OTS 7.4 Modern-Retro OTS
Replies
8
Views
631
Tormented
Tormented
Back
Top