Bleach Online Forum

Title: [FIXED] Possible account trading exploit [Print this page]

author: dionysvs    time: 2016-4-26 19:47:30     Title: [FIXED] Possible account trading exploit

Edited by dionysvs at 2016-5-4 05:54

Link method disabled, link only works temporarily now.

Note for sellers: i was looking around for safe ways to sell/buy an acct, there are some 3rd party sites that provide guarantees not sure how those work, but if the buyer pays via paypal they can easily do a chargeback either to paypal directly or to the credit card company and theres nothing you can do

author: AssassinwithRPG    time: 2016-4-26 20:16:07

Fuck just checked this. Please take this thread down. Notifying about this is great and all but this exploint will do more damage than good. Thanks.
author: [email protected]    time: 2016-4-26 20:20:53

Edited by [email protected] at 2016-4-26 20:28

oh my then dont trade ur acc lol. paypal will just ban ur acc for a trade like this ne ways read the paypal tos.If u get scammed your screwed Ive had it happen b4.
author: dionysvs    time: 2016-4-26 20:22:58

Edited by dionysvs at 2016-4-26 20:28
AssassinwithRPG replied at 2016-4-26 20:16
Fuck just checked this. Please take this thread down. Notifying about this is great and all but this ...

i get that but a lot of players already use this link method in everyday playing so its better for everyone involved to be aware of the risks
also, ive tested this on CN too and it doesnt work because you dont get the direct login link with source, it might work for UN since they are both joyfun?

author: AssassinwithRPG    time: 2016-4-26 20:27:25

Edited by AssassinwithRPG at 2016-4-27 01:29
dionysvs replied at 2016-4-27 01:22
i get that but a lot of players already use this link method in everyday playing so its better for ...

Its a fucking link, it can be edited you are aware, gaining access to other accounts. This is an exploit which can result in not scamming but "hacking". That ain't something you should notify people about but the support. Or at least edit the thread so you don't show to do it.
author: dionysvs    time: 2016-4-26 20:29:43

Edited by dionysvs at 2016-4-26 20:33
AssassinwithRPG replied at 2016-4-26 20:27
Its a fucking link, it can be edited you are aware, gaining access to other accounts. This is an e ...

thats next to impossible, not only would you need the right combination of time, server, acct id number, the sign in detail is more than 20 characters by itself
author: AssassinwithRPG    time: 2016-4-26 20:33:15

dionysvs replied at 2016-4-27 01:29
thats next to impossible, not only would you need the right combination of time, server, acct, the ...

I agree with that. But I don't want bs flowing into forum. There is another way of using this that would be a lot more efficient than just typing stuff in.  I ain't saying shit though. Gonna  mess with it though to see the potential it has.

Massive security flaw.
author: dionysvs    time: 2016-4-26 20:38:45

AssassinwithRPG replied at 2016-4-26 20:33
I agree with that. But I don't want bs flowing into forum. There is another way of using this that  ...

ive removed the exactly how to get the link, but a lot of ppl know this already, ive seen ppl mention it before and one guy even posted his link in an image without knowing it can be used to access his acct
author: AssassinwithRPG    time: 2016-4-26 20:40:02

dionysvs replied at 2016-4-27 01:38
ive removed the exactly how to get the link, but a lot of ppl know this already, ive seen ppl ment ...

Appreciated if they have this type of security flow I wonder how easy it would actually to gain access to admin panel...no joke, gg getting fucking stupid now.
author: Devvoke2    time: 2016-4-26 20:54:31

Note: The author has been banned or deleted.
author: [email protected]    time: 2016-4-26 21:41:04

This is how i get on my account, much easier and no damn kon on the bottom screen
author: King_Akaba    time: 2016-4-26 21:49:55

Edited by King_Akaba at 2016-4-26 21:51

*le sigh* security flaws... black screens for a bunch of us US server players... Cyrus, Charlie, and the rest of the "team" need to get their shit together before I call it quits and give my account to my group chat peeps.
author: dionysvs    time: 2016-5-2 07:23:13

bump put the link method back in since no on got hacked and can help ppl with logging in when the main site is down
author: [email protected]    time: 2016-5-2 07:34:46

Yea, please take this down.
This post is doing more harm than good, most people who were supposed to know about this already knew about this.

author: [email protected]    time: 2016-5-2 07:35:59

[email protected] replied at 2016-4-27 03:41
This is how i get on my account, much easier and no damn kon on the bottom screen

This^^









author: Sylencer90    time: 2016-5-2 07:36:02

Note: The author has been banned or deleted.
author: [email protected]    time: 2016-5-2 07:41:51

Edited by [email protected] at 2016-5-2 13:44
dionysvs replied at 2016-5-2 13:23
bump put the link method back in since no on got hacked and can help ppl with logging in when the ma ...

M8, it has nothing to do with whether people actually get hacked or not.
It is about the fact that you are exposing a way to get hacked, it is about the fact that it *COULD* be used, now if it does get used that would be your fault entirely.

The way to hack the link is easier than you think, i will not be making a guide on it, but just know that it can be done, and very easily at that.

As i mentioned earlier, the people using this method of accessing the acc already know about this exploit and gogames staff 100% already knew about this, only people that don't / didn't know about this are people who have no need to know.

author: dionysvs    time: 2016-5-2 07:56:44

Edited by dionysvs at 2016-5-2 07:59
[email protected] replied at 2016-5-2 07:41
M8, it has nothing to do with whether people actually get hacked or not.
It is about the fact that  ...

1. show me you have hacked someone with this method eg livinggod and ill take it down
2. if gogames think this is a big enough problem, they would have/will patch it, this doesnt even work for CN
3. while you are online playing when the main site is down, try to think how frustrated ppl are when they cant get on during ES

edit: if someone is smart enough to manipulate the link to hack an acct chances are they know this already, if they arent smart enough to figure out this link even during main site down and cant log in, prob not a problem either...

author: jw4115ta    time: 2016-5-2 08:03:42

fuck you man why did you had to show it .
brah pls delete this
author: [email protected]    time: 2016-5-2 15:01:01

Edited by [email protected] at 2016-5-2 21:10
dionysvs replied at 2016-5-2 13:56
1. show me you have hacked someone with this method eg livinggod and ill take it down
2. if gogames ...

This is the whole problem, people don't usuall just stumble upon this method of access.
You know someone who told you about this method of accessing your account.


Sharing this method of access does no good at all, people who wanted to use the link for good, have always been told how to access it, but a new user doesn't need to know about this, a hacker just reading forum would because of you find this method of access.
You don't want to be the one blamed for someone getting their account hacked...

So please m8, almost every single major factor on forum has spoken out against you sharing this, does that not say enough?
Is that not enough?
BTW* The link does NOT work when the site/servers are down, only when the main login site is down, but the servers are still up, this has only happened once to my knowledge.


author: Zento-Hazashi    time: 2016-5-2 15:12:42

SOLUTION:

Don't buy accounts, build your own
author: Brahmastra    time: 2016-5-2 15:31:59

Zento-Hazashi replied at 2016-5-2 21:12
SOLUTION:

Don't buy accounts, build your own

This
author: [email protected]    time: 2016-5-2 15:41:06

Brahmastra replied at 2016-5-2 21:31
This

Add: Don't share your link you idiot^^/ Don't share your account details.

author: Mojito1985    time: 2016-5-3 16:40:45

and the session key never runs old or something?
author: [email protected]    time: 2016-5-3 16:56:39

Edited by [email protected] at 2016-5-4 12:44
Mojito1985 replied at 2016-5-3 22:40
and the session key never runs old or something?

Yep, it never does.
Now please everyone stop bumping this thread <3




Welcome to Bleach Online Forum (http://forums.gogames.me/) Powered by Discuz! X2