Forum

> > Unreal Software > Protect Unrealsoftware
Forums overviewUnreal Software overviewLog in to reply

English Protect Unrealsoftware

6 replies
To the start Previous 1 Next To the start

old Protect Unrealsoftware

Grand Master
User Off Offline

Quote
Firstly I'm not trolling or scaring pepole or something, this topic is about protecting unrealsoftware accounts from hacking/hijacking. Some days ago, I got a result. Hackers can hack the accounts by using that ways/methods,
1. The hack tool will enter an incorrect password, then there still may a connection between unrealsoftware and the hacker, then it will let the hacker to get the password from the database. It's what I think, also I am right I think.
2. Add a script what will not let the user connect to unrealsoftware till it gets the user browser, ip and other. You can add the browsers that you want to be in whitelist, then the system will only allow them. It can protect Unrealsoftware from ddosing/hacking in some ways, also same to accounts.
3. I am really not sure about MySQL tables and others, Could you check them again.
4. Can't you use oauth2 to protect Unrealsoftware accounts from hacking.
5. You have to use
1
htmlspecialchar
like
1
htmlspecialchar($_POST['name'])
to protect Unrealsoftware accounts from XSS Attacks.
6. You can use
1
2
preg_match
preg_match ( string $pattern , string $subject [, array &$matches [, int $flags = 0 [, int $offset = 0 ]]] ) : int
for the name input.

So to protect Unrealsoftware accounts from hijacking can't you add a system when we login and we enter the name, password, then it sends an account verification to our email. (it's the best way to protect Unrealsoftware accounts from hijacking and hacking)

√ If you use my methods to protect Unrealsoftware accounts from hacking and hijacking, Unrealsoftware accounts will never be hacked again, also it will not be possible for hijackers to hijack unrealsoftware accounts like now.
edited 5×, last 21.09.19 12:14:07 am

old Re: Protect Unrealsoftware

Starkkz
Moderator Off Offline

Quote
I don't think it's currently possible to implement OAuth2 on the UnrealSoftware forum. But even if it was implemented, the OAuth2 client credentials would still be embedded on the browser so I don't think it would make much of a difference.

If you have found a security vulnerability you should directly contact @user DC.

old Re: Protect Unrealsoftware

ohaz
User Off Offline

Quote
You're listing a lot of Threats, but not a single Vulnerability. What is DC supposed to do with this? I think he knows about the Threats already, currently the only thing that would actually help is reporting Vulnerabilities

old Re: Protect Unrealsoftware

Gaios
Reviewer Off Offline

Quote
Wtf is that thread about? We don't get any account hijacking here.. I don't see any vulnerability here.
All we can do yet is CSRF Protection.

@user Grand Master: If you're so hard, hack my account then.

old Re: Protect Unrealsoftware

Grand Master
User Off Offline

Quote
user Gaios > https://imgur.com/a/2nYiqbM
Can you tell me what is happening there

Hundreds accounts got hijacked/hacked, and you're still trying to hide them. At least find a solution.

Also all you can do yet is not only CRSF Protection. You can do many more things to protect Unrealsoftware accounts.
edited 1×, last 21.09.19 10:13:39 am

old Re: Protect Unrealsoftware

Grand Master
User Off Offline

Quote
user Gaios has written
You will get a ban when you violate the rules. A banned account is very limited. It is not allowed to get a new account. Every person is only allowed to have one single account.

illegal http://unrealsoftware.de/rules.php


The hacker(I don't want to mention his name here, PM me if you want to know) is playing with a new usgn everyday, so he violated the rules, he didn't even get ban yet, But we're not allowed to have multiple accounts.
To the start Previous 1 Next To the start
Log in to replyUnreal Software overviewForums overview