Bitcoin Forum
Author Topic: Can you hack my game?  (Read 1869 times)
romsa9 (OP)
August 11, 2013, 01:12:19 PM
 #21

Do you use socket.io? If yes, I'm probably able to crash your server.

by a flood attack?
ZirconiumX
August 11, 2013, 03:17:24 PM
 #22

I've just run w3af on your URL.

-snip-

Hopefully this helps somewhat.

Matthew:out


There are no credit card numbers to expose.. Not a single credit card number is used anywhere.. What are you doing?

To be honest, I'm not massively sure about why w3af thought that was a credit card number. Maybe it just found something that matched a format for a credit card.

I suppose w3af only really turned up the potential ClickJacking attack.

I'd say the website is secure, but that's not for me to judge.

Matthew:out
romsa9 (OP)
August 11, 2013, 03:50:55 PM
 #23

I've just run w3af on your URL.

-snip-

Hopefully this helps somewhat.

Matthew:out


There are no credit card numbers to expose.. Not a single credit card number is used anywhere.. What are you doing?

To be honest, I'm not massively sure about why w3af thought that was a credit card number. Maybe it just found something that matched a format for a credit card.

I suppose w3af only really turned up the potential ClickJacking attack.

I'd say the website is secure, but that's not for me to judge.

Matthew:out

Lol okay, I thought you were trolling :P I guess any 16-digit number looks like a CC number.
BitGlory
August 11, 2013, 05:05:33 PM
 #24

Twitter Bootstrap, again? :p

DiamondCardz
August 11, 2013, 11:22:33 PM
 #25

Yeah, you should still set an X-Frame-Options value to prevent a ClickJacking attack, because of the nature of the site (passwords and such).

To prevent the exploit: set X-Frame-Options to DENY in the HTTP header.


BA Computer Science, University of Oxford
Dissertation was about threat modelling on distributed ledgers.
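
An added example, not part of the post above or of the site's own code: one way to send the header from a Node.js response and to audit a response for framing protection. The function names are illustrative, and the audit also reads the CSP `frame-ancestors` directive, which goes beyond the X-Frame-Options header discussed in the thread.

```javascript
// Added example, not code from the thread; function names are illustrative.

// Server side: call for every response (res is a Node http.ServerResponse).
function denyFraming(res) {
  res.setHeader('X-Frame-Options', 'DENY');
}

// Verdict for one CSP policy; undefined if it has no frame-ancestors directive.
function cspVerdict(policy) {
  const dir = policy.split(';').map(d => d.trim().split(/\s+/))
    .find(d => d[0].toLowerCase() === 'frame-ancestors'); // first one wins
  if (!dir) return undefined;
  const src = dir.slice(1).map(s => s.toLowerCase()).join(' ');
  if (src === "'none'") return 'deny';
  if (src === "'self'") return 'sameorigin';
  return 'allowlist'; // other origins may frame the page: review the list
}

// Audit response headers (lower-cased names, as Node exposes them).
// Returns 'deny', 'sameorigin', 'allowlist', 'invalid' or 'missing'.
function auditFraming(headers) {
  const all = name => [].concat(headers[name] || []).join(',');
  const rank = ['deny', 'sameorigin', 'allowlist'];
  // An enforced frame-ancestors directive replaces X-Frame-Options in
  // browsers that support it. Every policy applies, so report the strictest.
  const csp = all('content-security-policy').split(',')
    .map(cspVerdict).filter(Boolean)
    .sort((a, b) => rank.indexOf(a) - rank.indexOf(b));
  if (csp.length) return csp[0];
  const xfo = all('x-frame-options').split(',')
    .map(v => v.trim().toUpperCase()).filter(Boolean);
  if (xfo.length === 0) return 'missing';
  const distinct = [...new Set(xfo)];
  if (distinct.length === 1 && distinct[0] === 'DENY') return 'deny';
  if (distinct.length === 1 && distinct[0] === 'SAMEORIGIN') return 'sameorigin';
  return 'invalid'; // obsolete ALLOW-FROM, typos, or conflicting values
}
```

A verdict of 'missing' or 'invalid' on a login or password page is the condition the scanner flagged as potential ClickJacking.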
romsa9 (OP)
August 12, 2013, 01:20:21 AM
 #26

Yeah, you should still set an X-Frame-Options value to prevent a ClickJacking attack, because of the nature of the site (passwords and such).

To prevent the exploit: set X-Frame-Options to DENY in the HTTP header.



Fixed :)

Twitter Bootstrap, again? :p

Yes, Twitter Bootstrap is quick and easy, and looks decent, with great usability.
Will certainly be looking at upgrading the UI, but right now there aren't enough hands for this.
Kiwi7
August 12, 2013, 02:12:41 PM
 #27

Tried to register, "invalid captcha" :O
Where is the captcha?