unqfester Posted September 30, 2010 Report Share Posted September 30, 2010 Intrebarea mea este, la acest joc sa gasit un "bug" sa zic asa ... intri in joc si sus in pagina de net scrii un "script" [(javascript:alert(document.cookie)] apoi iti apare un SID (ex: SID=4ee38a482b740b70da0d29dbaf282820; BiteFight_servers_de_201=true; __utma=48777273.526678296.1284750647.1285766008.1285872861.10; __utmz=48777273.1284750647.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=48777273.eingeloggt; BiteFight_servers_de_10=true; __utmc=48777273; __utmb=48777273.6.10.1285872861 ) apoi cu sid`ul asta nu stiu ce se face unde se baga ce si cum dar tot ce este de vanzare la piata le furi si le bagi in contul tau ( contul de la sid care are legatura cu jocul) intrebarea mea la voi este daca stie cineva ceva de informatia asta sau un altfel de prog ? ( se plateste bine informatia, prog etc) nu este pentru mine vreau pentru cineva care vrea pentru contu lui si mai ales daca se gaseste ceva mai bun sa ii futa sau sa ii dea peste cap.Ps: am sa pun cateva poze cu un cont de test(i-am zis sa imi arate, nu cred pana nu vad) care o persoana stie combinatia dar nu vrea sa o dea mai departe. Va multumesc si sper ca nu v-am deranjat Imageshack - 55030907.jpgImageshack - 64301089.jpgImageshack - 21355164.jpgPs 2:Thx Bro !~ Quote Link to comment Share on other sites More sharing options...
Guest Nemessis Posted September 30, 2010 Report Share Posted September 30, 2010 Nu recurgeti la injuraturi. E o cunostinta de a mea Daca nu il puteti ajuta ignorati topicul. Merci. Quote Link to comment Share on other sites More sharing options...
enigmas Posted October 1, 2010 Report Share Posted October 1, 2010 javascript:alert(document.cookie) - get current cookie present on your computer, or on the computer where the link was launchedall __utmx keys are part of Google Analytics tracking__utmb* Hashcode* Changes to identify each unique session* Non-persistent cookie* Works with __utmc to determine when a session ends* Dies when a browser is closed* If it disappears a new visitor session is started__utmc* Session based cookie* Destroyed after 30 minutes of inactivity* Can be set higher* Works with __utmb to determine when session ends* If it disappears, a new visitor session starts* Visitor timeout set in __utm.js. Default is 1800 seconds* 30 minutes is appropriate. Some websites and their visitor traffic may require a different timeout value__utma = domainhash.unique.ftime.ltime.stime.sessioncount;* domainhash = hash of the domain name of the website* unique = a randomly generated 31 bit integer* ftime = UTC timestamp of first visitor session* ltime = UTC timestamp of last visitor session* stime = UTC timestamp of current visitor session* sessioncount = number of sessions; always incremented for each new session__utmz* keeps track of where the visitor came from, what search engine you used, what link you clicked on, what keyword you used, and where they were in the world when you accessed a website__utmv* gets set on the person’s computer, so that Google Analytics knows how to classify that visitorSID = session id of the user connected to that page.Unless you are able to force someone to launch javascript command and send you the returning info is useless.The only think vulnerable is SID but depends how this SessionID is treated. Quote Link to comment Share on other sites More sharing options...
unqfester Posted October 1, 2010 Author Report Share Posted October 1, 2010 destul de bine, acum depinde si ce face acest progamel si daca isi merita $, trimite-mi te rog un pm cu ce suma ai dori si imediat am sa iti trimit un rasp. thx !~ Quote Link to comment Share on other sites More sharing options...
