Ikonboard » Printable Version of Topic » cr0 : I would turn off html.

Forum: The Classroom
Topic: cr0 : I would turn off html.
started by: Ansible

Posted by Ansible on Jun. 18 2000,00:40

I would really consider turning off html in posts. I found it is VERY easy to grab the passwords of anyone who uses cookies if it is enabled. A friend snagged about 10 passwords for ars when he was testing the method.

Posted by Bob_Cannibal on Jun. 18 2000,01:48

have you got mine?

Posted by Chrissy on Jun. 18 2000,04:30

that sucks ass

------------------
"The causes we know everything about depend on the causes we know nothing about, which depend on the causes we know absolutely nothing about."- Tom Stoppard

Posted by Ansible on Jun. 18 2000,10:41

No, I havent grabbed any. If you want, and cr0 doesnt object, I could demo it, and post just the passwords without usernames to show it really works.

Posted by kuros- on Jun. 18 2000,12:05

by all means go ahead!!

Posted by masher on Jun. 18 2000,12:55

whoops

looks like infopop needs to cover some holes in their coding

------------------
vegemite rocks!!!

Remember, its all your fault.

Posted by Ansible on Jun. 18 2000,15:44

If cr0 gives me the go ahead, i'll post the code to catch them... We are all waiting for you, Sir cr0bar.

Posted by cr0bar on Jun. 18 2000,21:21

Too late.

------------------
"Everyone's favorite implement for any task"
------------------

Posted by Ansible on Jun. 18 2000,21:32

Good man.

Posted by Kayy on Jun. 18 2000,23:16

It's all fair and well being able to grab peoples passwords, but who in all honesty is LAME enough to do that on here? and more to the point, what's the point of doing it? you dont gain anything, there's nothing to gain, you cant do anything with the passwords apart from post on here or possibly get into the admin area if you have a pass for an admin. And cr0 aint likely to use raw HTML on a post anyways.

------------------
When darkness calls and the pain and suffering begin again, you can guarantee that I shall be the instigator.
-
Kevin "Kayy" Beadle, The Proprietor and Innovator of Kayyos-Vx WebDesigns.

Posted by DrunkNigel on Jun. 19 2000,12:12

dude, it's called 'braging rights'. >=)

------------------
"If it doesn't work, hit it with a hammer."

Posted by Rol3x on Jun. 20 2000,22:55

I personally dont care, but if i was Ansible, or whoever has the code to get the pw's, i would just say i had it, and leave it at that. but i agree with Kayy, theres almost no point in actually getting them.
-

Posted by neotope on Jun. 20 2000,23:01

People shouldnt be using their standard passwords here anyways. I'm using the password that I was assigned. Why don't I change it? Well it really doesnt matter because its saved by a cookie so I never need to type it. If someone finds out this password oh boy they might be able to post some messages as me.