- Posts: 12
- Thank you received: 0
Silas, have you been hacked?
- Nick-BC
- [Nick D]
-
Topic Author
- Offline
- New Member
-
Less
More
14 Apr 2016 21:55 #226840
by Nick-BC
Silas, have you been hacked? was created by Nick-BC
Just got a message which obviously wasn't from you.
Please Log in or Create an account to join the conversation.
- flowing alpy
- [flowing alpy]
-
- Offline
- Platinum Member
-
Less
More
- Posts: 1272
- Thank you received: 0
15 Apr 2016 10:37 #226842
by flowing alpy
Replied by flowing alpy on topic Re: Silas, have you been hacked?
Hey Silas, Silver for Solstice or s4s this year looks do-able.
Please Log in or Create an account to join the conversation.
- flowing alpy
- [flowing alpy]
-
- Offline
- Platinum Member
-
Less
More
- Posts: 1272
- Thank you received: 0
20 Apr 2016 16:53 #226874
by flowing alpy
Replied by flowing alpy on topic Re: Silas, have you been hacked?
He must be skiing some great snow.
Please Log in or Create an account to join the conversation.
- kamtron
- [kamtron]
-
- Offline
- Senior Member
-
Less
More
- Posts: 269
- Thank you received: 8
21 Apr 2016 10:16 #226877
by kamtron
Replied by kamtron on topic Re: Silas, have you been hacked?
TAY should use SSL. Completely insecure as-is
Please Log in or Create an account to join the conversation.
- BrianT
- [saxybrian]
-
- Offline
- Junior Member
-
Less
More
- Posts: 174
- Thank you received: 0
22 Apr 2016 11:05 #226879
by BrianT
I can't believe I never noticed this before...
Via the HTTP request to log in
www.turns-all-year.com/skiing_snowboardi...ex.php?action=login2
POST index.php?action=login2
200 OK turns-all-year.com 20 B
208.113.215.5:80 235ms
ParamsHeadersPostResponseHTMLCacheCookies
Parametersapplication/x-www-form-urlencodedDo not sort
cookielength 180
passwrd mypassword
user myusername
Yeah, don't EVER use a decent password that you use with anything else on this site. This really should be addressed.
Replied by BrianT on topic Re: Silas, have you been hacked?
TAY should use SSL. Completely insecure as-is
I can't believe I never noticed this before...
Via the HTTP request to log in
www.turns-all-year.com/skiing_snowboardi...ex.php?action=login2
POST index.php?action=login2
200 OK turns-all-year.com 20 B
208.113.215.5:80 235ms
ParamsHeadersPostResponseHTMLCacheCookies
Parametersapplication/x-www-form-urlencodedDo not sort
cookielength 180
passwrd mypassword
user myusername
Yeah, don't EVER use a decent password that you use with anything else on this site. This really should be addressed.
Please Log in or Create an account to join the conversation.
- BrianT
- [saxybrian]
-
- Offline
- Junior Member
-
Less
More
- Posts: 174
- Thank you received: 0
22 Apr 2016 11:06 #226880
by BrianT
Replied by BrianT on topic Re: Silas, have you been hacked?
You can see from the above POST request to send the username/password is sent in CLEAR text, there's nothing hashing this and it's completely able to be sniffed anywhere on the wire/net. 
Please Log in or Create an account to join the conversation.
- flowing alpy
- [flowing alpy]
-
- Offline
- Platinum Member
-
Less
More
- Posts: 1272
- Thank you received: 0
30 Apr 2016 20:10 #226947
by flowing alpy
Replied by flowing alpy on topic Re: Silas, have you been hacked?
Saw him driving like a bat outta hell thru the neighborhood yesterday!
Please Log in or Create an account to join the conversation.
- flowing alpy
- [flowing alpy]
-
- Offline
- Platinum Member
-
Less
More
- Posts: 1272
- Thank you received: 0
05 May 2016 06:41 #226988
by flowing alpy
Replied by flowing alpy on topic Re: Silas, have you been hacked?
Silas, you going to Alpental today?
Please Log in or Create an account to join the conversation.