May 05, 2008, 06:05 PM // 18:05
#21
Jungle Guide
Join Date: May 2005
Guild: -None-
Profession: R/Me
To put it plainly, their site is not secured against cross-site scripting, which has been a pretty basic measure in web development. Look up cross site scripting in wiki for more details
May 05, 2008, 06:05 PM // 18:05
#22
Frost Gate Guardian
Quote:
Originally Posted by slowerpoke
if this is an exploit you should prolly report it to them and not advertise it here
Trust me, I reported much more serious flaws than this and they never got fixed.
May 05, 2008, 06:06 PM // 18:06
#23
Wilds Pathfinder
Join Date: Dec 2006
Location: That one place with the trees, mountains and snow
Guild: Ember Power Mercenaries [EMP]
Profession: Me/
Quote:
Originally Posted by slowerpoke
if this is an exploit you should prolly report it to them and not advertise it here
pablo24 most likely already reported it and PlayNC probably ignored him (like usual) so the only way to force PlayNC to fix this is making the exploit public.
Last edited by Alexandra-Sweet; May 05, 2008 at 06:18 PM // 18:18.
May 05, 2008, 06:07 PM // 18:07
#25
Hell's Protector
Join Date: Oct 2005
Profession: R/Mo
*pats No Script*
May 05, 2008, 06:09 PM // 18:09
#26
Frost Gate Guardian
Join Date: Jul 2007
Location: Canada
Guild: Virtual Love [kiSu]
Quote:
Originally Posted by Kusandaa
Could that be where the possible hacker got his info from? Regarding the hacked accounts thread thingy... I say it's possible >_>.
You're welcome ^^, and yes I'd say it's possible, since this technique, amongst other things, can be used to steal credentials without the user ever knowing.
PlayNC needs to fix this, but as security conscious users, people should:
- Never blindly follow links from emails, webpages or forums, and
- Whenever credentials are required, get to the webpage on your own (type the URL in the browser)
May 05, 2008, 06:13 PM // 18:13
#27
Forge Runner
Ouchies....
Quote:
Originally Posted by Rift
PlayNC needs to fix this, but as security conscious users, people should:
- Never blindly follow links from emails, webpages or forums, and
- Whenever credentials are required, get to the webpage on your own (type the URL in the browser)
A well constructed spoof will fool even the most cautious users.
May 05, 2008, 06:24 PM // 18:24
#28
Grotto Attendant
For those slow on the uptake, the long and short of this is DO NOT follow any links to the PlayNC website. If you must log in to PlayNC, get there by entering the address directly into your address bar.
For those who did get it, since this one would be so easy to move from proof-of-concept to practice, let's not spell out how it works any more than Pablo already has, OK?
May 05, 2008, 06:33 PM // 18:33
#29
Forge Runner
Join Date: Jul 2006
Profession: N/Mo
Dunno if it's related, but let's see.
I checked the links, then I had to reboot due to loss of sound (static electricity discharged on my desk kills my sound card and I have to reboot for it to work). When I booted Windows, SpyBot automatically loaded ("eh look at this, I have a problem ¬¬") and took a couple minutes to search through my files for possible problems. It found 19 total. Of course I ran a check yesterday for similar problems >_>.
Since then, something is trying to modify my registry and caused several CMD applications to open. A couple of .dll files from system32 are missing, and I might have to format my HDD this afternoon if I have too many problems (TBH it wouldn't hurt at all, been running without formatting for nearly 2 years).
I just find it awkward that after I click on those sites... well I'm experiencing problems I've never had before.
May 05, 2008, 06:34 PM // 18:34
#30
Frost Gate Guardian
Quote:
Originally Posted by Kusandaa
Dunno if it's related, but let's see.
I checked the links, then I had to reboot due to loss of sound (static electricity discharged on my desk kills my sound card and I have to reboot for it to work). When I booted Windows, SpyBot automatically loaded ("eh look at this, I have a problem ¬¬") and took a couple minutes to search through my files for possible problems. It found 19 total. Of course I ran a check yesterday for similar problems >_>.
Since then, something is trying to modify my registry and caused several CMD applications to open. A couple of .dll files from system32 are missing, and I might have to format my HDD this afternoon if I have too many problems (TBH it wouldn't hurt at all, been running without formatting for nearly 2 years).
Nothing to do with this, look at the link yourself to see what it does.
May 05, 2008, 06:35 PM // 18:35
#31
Desert Nomad
Join Date: Apr 2006
Profession: W/
Quote:
pablo24 most likely already reported it and PlayNC probably ignored him (like usual) so the only way to force PlayNC to fix this is making the exploit public.
http://www.tigerdirect.com/cgi-bin/S...art=y&msg=This used to accept anything
I found that four years ago. Three years ago they still weren't sanitizing the input, even after multiple complaints and a full-fledged proof-of-concept attack on the form that completely replaced their shopping cart with a form that sent data offsite. They finally fixed it within the last year or so.
Unfortunately, there's rarely any way to get directly to the website developers who can fix these sorts of things, and since business majors have no actual competencies, yet are usually the people managing the individuals who DO get the reports, it's pretty much standard procedure for this sort of report to never get into the hands of anybody who knows anything.
Sadly, this sort of incompetence is standard procedure in the business world. Remember that the next time you buy anything online...
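The flaw described in posts #21 and #31 is the same shape in both cases: a page echoes a query parameter (the "msg" in the TigerDirect link) straight into its HTML. The following is an added example, not code from the forum or from any of the sites named; the login template, URL and marker string are constructed for illustration. It shows the unescaped reflection beside the hardened version and a simple check a defender can run against rendered output.

```python
from html import escape
from urllib.parse import parse_qs, quote, urlparse

# Constructed stand-in for a login page that echoes a "msg" query
# parameter into its HTML (hypothetical template, not any real site's).
LOGIN_TEMPLATE = (
    "<html><body>\n"
    "<p class=\"notice\">{msg}</p>\n"
    "<form method=\"post\" action=\"/login\">\n"
    "<input name=\"user\"><input name=\"pass\" type=\"password\">\n"
    "</form></body></html>"
)


def _msg_param(url: str) -> str:
    """Return the msg query parameter of url, or "" if it is absent."""
    return parse_qs(urlparse(url).query).get("msg", [""])[0]


def render_vulnerable(url: str) -> str:
    """Reflects msg verbatim, so markup in the URL becomes part of the page."""
    return LOGIN_TEMPLATE.format(msg=_msg_param(url))


def render_hardened(url: str) -> str:
    """Same page, but msg is HTML-escaped for the element-content context
    before insertion: < > & " ' arrive as text, not as parsed markup."""
    return LOGIN_TEMPLATE.format(msg=escape(_msg_param(url), quote=True))


def reflects_markup(rendered: str, injected: str) -> bool:
    """Defender-side check: did the injected string survive unchanged?"""
    return injected in rendered


# Constructed sample input: an inert script element used only as a marker.
MARKER = "<script>/* constructed marker */</script>"
SAMPLE_URL = "https://login.example/?msg=" + quote(MARKER)
BENIGN_URL = "https://login.example/?msg=Welcome%20back"

if __name__ == "__main__":
    print("vulnerable reflects markup:",
          reflects_markup(render_vulnerable(SAMPLE_URL), MARKER))   # True
    print("hardened reflects markup:",
          reflects_markup(render_hardened(SAMPLE_URL), MARKER))     # False
    print(render_hardened(SAMPLE_URL))
```

For ordinary text such as the benign URL both renderers produce identical output; only inputs carrying markup characters differ, which is why escaping at the output point costs nothing for legitimate use.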
May 05, 2008, 06:43 PM // 18:43
#32
Desert Nomad
Join Date: Jul 2007
Location: Cuba
Try Gaile's wiki? She's heading up support and usually follows up on things brought to her attention.
May 05, 2008, 06:43 PM // 18:43
#33
are we there yet?
Join Date: Dec 2005
Location: in a land far far away
Guild: guild? I am supposed to have a guild?
Profession: Rt/
This is not helping me feel any better..... but good to know it's there and that we should be even more cautious about what we do..... ugh.
__________________
where is the 'all you can eat' cookie bar?
May 05, 2008, 06:50 PM // 18:50
#34
Frost Gate Guardian
Alright, Gaile finally sent me an email, but keep checking all the links that go to the plaync login site!
May 05, 2008, 07:17 PM // 19:17
#35
Desert Nomad
Join Date: Sep 2006
Location: Virginia
Guild: Spirit of Elisha
Profession: W/
I sent a PM to Regina earlier (back when this thread was 1 page long) and asked her to read this thread since I noticed that she replied in the hacked accounts thread.
She replied quickly and said that she's forwarded the info here onto Gaile and they are looking into fixing it. Hopefully something will get fixed.
Thanks for finding it pablo. I'm glad you're on our side.
May 05, 2008, 07:52 PM // 19:52
#36
Lion's Arch Merchant
Join Date: Apr 2008
Location: The Netherlands, Europe
Guild: Mystic Spiral [MYST]
Profession: W/
That.. Creeped me out o_O
Someone reassure me that there's nothing evil going on on that page?
May 05, 2008, 07:56 PM // 19:56
#37
Krytan Explorer
Join Date: Mar 2008
Location: Hall of Monuments
Profession: N/
Good find Pablo. I never would have thought to look for something like that. This is quite possibly how hackers are stealing people's accounts. It would not be too difficult to do, I assume.
May 05, 2008, 08:07 PM // 20:07
#39
Lion's Arch Merchant
Join Date: Apr 2008
Location: The Netherlands, Europe
Guild: Mystic Spiral [MYST]
Profession: W/
I see (triple even!).
Here's to hoping NCsoft pays attention.
May 05, 2008, 08:25 PM // 20:25
#40
Desert Nomad
Join Date: Oct 2006
Location: Ireland
Guild: Currently LF Active HA Guild, Glad 2, Comm.3, R2
Profession: E/
gj and nice find pablo
hopefully it'll be sorted out soon