Title: Admins, take a look at this anomaly. May be an issue. Post by: YuTü.Co.in on January 13, 2018, 02:25:04 AM https://bitcointalk.org/index.php?topixce7y655r00i8uhyvf
Code: topixce7y655r00i8uhyvf Not sure if such could be exploited, but thought it prudent to bring it to your attention nonetheless as thanks for banning me for 7 days, ~2 weeks after the fact where I ceased the infraction on my own accord upon reviewing the rules, of which my user accounts continue to receive PMs from various users violating the very infraction that I was banned for (PM ad spamming). But I digress. TBC with the issue at hand, I can't see how random characters inserted in a URL like "topixce7y655r00i8uhyvf" is able to generate the following page having the correct URL: https://bitcointalk.org/index.php?topic (note: "topic"). BTW, your welcome for thanking me when I've previously brought up other issues/anomalies pertaining to the workings of this forum. Apologies for revisiting the ban aspect, but I do find it odd that my accounts were all banned directly after PM;ing sensitive info to a user. Are my PMs being monitored? And no, I have no issues with any admins or mods, albeit some may have issues with me if I've inadvertently stepped on toes while conducting investigations into rogue actors via my Gleb and other accounts, all of which efforts I've never accepted a satoshi for, always thinking about the betterment of the community first. Strike that! I have been paid. Paid in the form of negative trust by rogue actors on this forum's trust thingy that isn't indexed by Google et al., thus allowing non-registered Newbies to this space to visit this forum and stumble upon users having mega negative trusts who's hawking snake oil, whereupon the Newbies make purchases from linked-to sites for wares they'll never see because ... wait for it ... they're forbidden to see the rogue actors' negative trust ratings because they're not logged in-cum-registered, thus not fully informed like the rest of us. Genius! Again, I digress, for I first brought up the trust thingy anomaly over two years ago, of which it was ignored, akin to Investards ignoring myriad warnings about Bitconnect clones, they now cumulatively tens of millions of dollars poorer. Sadly, ONLY those registered on this forum are aware of my scammy ass, proof depicted in this forum's trust thingy of my user accounts posted by bygone users who are also tens of millions of dollars richer, amassed while I was sticking it up their asses big time. In closing, did I already use "but I digress"? Peace, Bruno Title: Re: Admins, take a look at this anomaly. May be an issue. Post by: ibminer on January 13, 2018, 02:44:33 AM https://bitcointalk.org/index.php?topixce7y655r00i8uhyvf Code: topixce7y655r00i8uhyvf TBC with the issue at hand, I can't see how random characters inserted in a URL like "topixce7y655r00i8uhyvf" is able to generate the following page having the correct URL: https://bitcointalk.org/index.php?topic (note: "topic"). The URL above didn't do anything for me, just goes to https://bitcointalk.org/index.php?topixce7y655r00i8uhyvf and lands on the main page, likely ignoring the injected characters. Maybe this is just more about the ban? So what were you spamming to users to get banned? Title: Re: Admins, take a look at this anomaly. May be an issue. Post by: Quickseller on January 13, 2018, 02:49:24 AM What were you banned for? PM spam? What you were PM'ing?
Title: Re: Admins, take a look at this anomaly. May be an issue. Post by: YuTü.Co.in on January 13, 2018, 03:28:39 AM https://bitcointalk.org/index.php?topixce7y655r00i8uhyvf Code: topixce7y655r00i8uhyvf TBC with the issue at hand, I can't see how random characters inserted in a URL like "topixce7y655r00i8uhyvf" is able to generate the following page having the correct URL: https://bitcointalk.org/index.php?topic (note: "topic"). The URL above didn't do anything for me, just goes to https://bitcointalk.org/index.php?topixce7y655r00i8uhyvf and lands on the main page, likely ignoring the injected characters. Maybe this is just more about the ban? So what were you spamming to users to get banned? That's what I'm saying. It shouldn't go anywhere, yet it resolves to https://bitcointalk.org/index.php?topic, hence the anomaly. Surely there's a bug there that some rogue actor can exploit, just like the same reason why links on this forum are forced to open up in the same tab, formerly opening up in a new tab, changed because of a potential threat. What were you banned for? PM spam? What you were PM'ing? I was PM'ing select users to bring awareness to the link found in my sig. After about 4 dozen sents, it dawned on me that there might be some rule pertaining to such action in spite of myself receiving myriad spam PMs, none of which I felt it prudent to make admins aware. Lo and behold, sure enough I was in violation, immediately ceasing said actions on my own accord. But come ~2 weeks later, I was banned for the offense. Seriously, though, I'm not mad or bitter, in spite of seemingly ranting about it. It's not like I was PM'ing some admins dox which I have but not available at any price unless said person goes rogue, then the price is free. You'll be amazed of the dirt I have on some legacy folks in this space - some info found on my own accord; others given to me in kind over the years, none of which I plan to profit off of. Publicly - solely on this forum - I've allocated time toward exposing mainly new rogue actors, albeit allocating less time of late due to dedicating time to my Bruno Title: Re: Admins, take a look at this anomaly. May be an issue. Post by: MadZ on January 13, 2018, 06:19:16 AM I kinda doubt you've actually read the rules, otherwise you would've seen that evading a ban to post with an alternate account is against them too ::)
Title: Re: Admins, take a look at this anomaly. May be an issue. Post by: ibminer on January 13, 2018, 03:08:37 PM That's what I'm saying. It shouldn't go anywhere, yet it resolves to https://bitcointalk.org/index.php?topic, hence the anomaly. Surely there's a bug there that some rogue actor can exploit, just like the same reason why links on this forum are forced to open up in the same tab, formerly opening up in a new tab, changed because of a potential threat. What I'm saying is when I go to https://bitcointalk.org/index.php?topixce7y655r00i8uhyvf the browser just goes to https://bitcointalk.org/index.php?topixce7y655r00i8uhyvf - it does not redirect to anything. It lands on the main page because there is no server-side scripting to handle ?topixce7y655r00i8uhyvf and so it is ignored and you end up at https://bitcointalk.org/index.php Seriously, though, I'm not mad or bitter, in spite of seemingly ranting about it. It's not like I was PM'ing some admins dox which I have but not available at any price unless said person goes rogue, then the price is free. You'll be amazed of the dirt I have on some legacy folks in this space - some info found on my own accord; others given to me in kind over the years, none of which I plan to profit off of. Publicly - solely on this forum - I've allocated time toward exposing mainly new rogue actors, albeit allocating less time of late due to dedicating time to my I sometimes can't tell if you are being witty, serious, or sarcastic, but are you saying the "sensitive information" PM you alluded to in your OP was regarding the personal information/dox of an admin? theymos/Cyrus? In which case, there could certainly be hard-coded rules for PM's and posts to check for this type of personal information and alert admins. Doesn't necessarily mean they are/were specifically monitoring your PMs though, I'm sure some of the users also reported the PMs you were spamming which gave them additional reason to look. In the end, we should all know privacy of PMs has never been guaranteed. |