Skip to content
View in the app

A better way to browse. Learn more.

Tip.It Forum

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

DI Exposed

Featured Replies

I have no idea what this is but that random user is my forum acc lol what are the odds >.<

  • Author

Did you even watch it? They have been logging user/pass info and stored it away for who knows what reason. Basically if you log in there ever, they can use your password to hack you elsewhere.

Thats why most persons have different passwords for other sites

And now you've hacked/defaced the website, good job?

  • Author

Yeah, alerting people that they have been compromised is bad.

Brian admitted he was storing passwords because of an exploit in the recovery system. He advised everyone to use different passwords aswell. If you need your password back you could just ask.

Edited by Twix

  • Author

In the source code there is clearly a comment stating that Eric did it, and not to tell anyone about it.

Everyone still knew lol

  • Author

I am sure all new members for the last 4 years were made aware.

It's common knowledge really that with IPB2 you can easily find people's login information. This problem was fixed in IPB3. Sure there's ways to go around that, but you'd need access to the database and the salts which make it more complicated.

 

It just goes to show to use different passwords for different sites. Not really a difficult concept to grasp to be honest.

Edited by Killerred005

j0xPu5R.png

So you exposed what exactly? That password & attempted logins were being stored...not exactly a thing that needs "exposing" really :unsure:

Edited by WeeMan1311

A2xdnTr.png

X2LvGU2.png

The odd thing is here that they were stored in plain text.

classic-76561198015681283.png

So you exposed what exactly? That password & attempted logins were being stored...not exactly a thing that needs "exposing" really :unsure:

Login information always has to be stored in the database - but this shows that DI was deliberately storing them in plain text in a way that could make them easily retrieved.

polvCwJ.gif
"It's not a rest for me, it's a rest for the weights." - Dom Mazzetti

Lol I made an account in those forums just for the New Year's hack lulz. Can't remember the user and pass now though. :\

Edited by kuru72

kuru72siggy3.png

 

Retired on: June 30, 2010

It's also best to avoid registering on other clans' forums. :P

65495229.png

With love to one, friendship to many, and good will to all.

So you exposed what exactly? That password & attempted logins were being stored...not exactly a thing that needs "exposing" really :unsure:

 

Passwords are stored in databases but they're encrypted.. meaning that no one, including people who have access to the database, can crack your password. They exploited code to mess around with that.

 

Kinda disappointed here. Luckily I use a different password for everything, but damn, I can't help but think how many accounts were hacked this way. Really uncool.

Edited by Deltaer

[2010] Proud Member of Downfall

[2004-2005] Former Leader of The Unbreakables, Former Member of Corruption, Former Member of 'The' Clan

(...and Anarchy for a few weeks... shhh...)

You were probably the hacker, lol.

phimproved.png

This is what passwords look like in a database in their encrypted form:

 

passwords.png

 

It is possible to unencrypt them, that is, make them legible - but it's difficult.

polvCwJ.gif
"It's not a rest for me, it's a rest for the weights." - Dom Mazzetti

Everyone running 2.X.X did this back when it was relevant. :$

deadforumslol.png

Oh, that's incredible useful.

#Solace | Solace Senior Member |

Solace Forums | Solace Memberlist

ankitm.jpg

I'm making a killing here, I think I should be on top of the world just chilling here.

exposing a dead clan, nice.

100925185951.png

3144j6q.png

3 Years Strong<3

 

PM TheHitman|Will in #downfall at swiftirc if your interested in a fight against Downfall Clan

now I know everything.

lightningcopy.png

I could have easily guessed they've been doing that lol but thanks for letting people know I suppose.

6590ew.jpg

Create an account or sign in to comment

Important Information

By using this site, you agree to our Terms of Use.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.