Jump to content
MakeWebGames

Recommended Posts

Posted

ok guys i have a guy on my game who basically just said that my game is unsecure

i said to him ok show me

so he showed me buy sending an annoucement using my account can some one give me some advise and also which pages of my game is unsecure

www.thedestroyers.co.cc

please dont hack it but you dont really want to see another mccodes game go do you so please help me :)

Posted

Re: Some Advise

its called sql_injection... and the only way to stop it is using secure coding on every page.

which will take a very long time.

all of your pages are unsecure.

Posted

Re: Some Advise

 

ok guys i have a guy on my game who basically just said that my game is unsecure

i said to him ok show me

so he showed me buy sending an annoucement using my account can some one give me some advise and also which pages of my game is unsecure

www.thedestroyers.co.cc

please dont hack it but you dont really want to see another mccodes game go do you so please help me :)

Well this post kinda gives away that announcments.php is insecure.

Posted

Re: Some Advise

On the cmarket.php you can only exploit to get crystal's. So no it won't be crystal market.

Possibly one of the following wich i had trouble with:

forums.php

authenticate.php

forgotpassword.php

I would recomend deleting the forums.php and see what the little boy has to say then.

Posted

Re: Some Advise

 

On the cmarket.php you can only exploit to get crystal's. So no it won't be crystal market.

oh now thats wrong i could get anything from any exploitable place...

not trying to be mean here but you're giving out wrong information.

any sql weakness can be exploited to do a large amount of things, if you know how

most games block cmarket and forums n think nothing of it lol

Posted

Re: Some Advise

I am spending $0.00 - $1000 to a professional programmer to secure all files on my site, create protection portals etc. My admins have all Chipped in some money to make it a bit easier on me. Once that job is done it will move out of the Stage (3) BETA into the open. Also have completely New registration, header.php etc being coded. Good hopes!

Posted

Re: Some Advise

 

I am spending $0.00 - $1000 to a professional programmer to secure all files on my site, create protection portals etc. My admins have all Chipped in some money to make it a bit easier on me. Once that job is done it will move out of the Stage (3) BETA into the open. Also have completely New registration, header.php etc being coded. Good hopes!

1k is a little high for a mc codes game, is it Nyna?

maybe not 250 a hour is her fee lol

Posted

Re: Some Advise

Zero-Affect, set up a test game. Try exploiting the cmarket.php. Try getting a user's password and what what.

Authenticate... Some site's have had this problem where i can put in your username and my password and i can login to your account.

Forgot Password... Some site's have had this problem aswell where a user can get the admin's password reset and the email is sent to the user who is exploiting.

Forums... ALL site's have had this problem when they begin there v2 mccode game or even v1. Where the exploiter use's something like userpass,userpass,userpass,userpass,userpass,userpass,userpass where userid=1 or am i wrong?

 

Now as for the cmarket. The only input you got is when your selling your own crystal's and it is only removing crystal's from the user's account.

I might be wrong but with a simple union select userpass from userid=1 MIGHT work but i am not sure.

Posted

Re: Some Advise

 

I am spending $0.00 - $1000 to a professional programmer to secure all files on my site, create protection portals etc. My admins have all Chipped in some money to make it a bit easier on me. Once that job is done it will move out of the Stage (3) BETA into the open. Also have completely New registration, header.php etc being coded. Good hopes!

1k is a little high for a mc codes game, is it Nyna?

maybe not 250 a hour is her fee lol

No i said im willing to spend up to $1000. By the time im finished with it, it will not be MCcode.

No its not Nyna and no its not $250 an hour. The Programmer is David Schwartz if i decide to go into business with him. If not him ill probably go with MK5 who charges $125 but at the moment i believe its around $80. It takes much longer then 4 hours aswell to secure every file i believe.

This is my hobby, i love it and i will expand on it. When everything is sweet, i will then use this code for any future games i do make which i have one planned with POG1 right now.

None the less this isnt just a little game, its a small enterprise xD You have to spend some to make some.

Posted

Re: Some Advise

 

I would not recomend MK5. Altho he can program/code very good. He tend's to run off some time's and come back after a week with some stupid excuse.

reminds me of someone...

actually Kyle i have a test site i also have several codes for extracting username password and various other user table rows

im sure you're mistake my friend

on another note, good luck radio hope it works out well

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...