Jump to content

Login Pin + Screenshot Logger Protection -New RSOF Thread-

Crimsoncow42

By Crimsoncow42
in RuneScape Suggestions

 Share

Recommended Posts

D. V. Devnull

D. V. Devnull

Posted
Posted
maybe keep the bank pin to be sure its completely safe?

 

 

 

:?

Don't worry, this idea IS NOT meant to do away with the bank pin. In fact, quite the opposite! It is meant to assist the Bank PIN!!! 8-)

 

 

 

 

 

 

 

~Mr. D. V. "It ain't gonna kill that!" Devnull

tifuserbar-dsavi_x4.jpg and normally with a cool mind.

(Warning: This user can be VERY confusing to some people... And talks in 3rd person for the timebeing due to how insane they are... Sometimes even to themself.)

Link to comment
Share on other sites
  • Replies 426
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Cheefoo
Cheefoo

Old thread, but definitely worth a support.   Also, it would be awesome if you could put in your pin on login, and not have to re-input it when you switch worlds via lobby.   All in all, I think these

Crimsoncow42
Crimsoncow42

I just nostalgia'd all over my keyboard. I then proceeded to read over the entire thread. A tear was shed :,)   By the way, this is still a good idea.

Triquos

Triquos

Posted
Posted

WOW I was thinking about the idea of putting your mouse on the number and making all the numbers then disappear so that they couldn't tell what number it is when it does a screenshot - but then I saw the exact suggestion on the thread!

 

 

 

You really have thought this out well, full support from me :thumbup:

2vuhgcn.png
Link to comment
Share on other sites
Crimsoncow42

Crimsoncow42

Posted
  • Author
Posted
maybe keep the bank pin to be sure its completely safe?

 

:?

Don't worry, this idea IS NOT meant to do away with the bank pin. In fact, quite the opposite! It is meant to assist the Bank PIN!!! 8-)

 

 

 

~Mr. D. V. "It ain't gonna kill that!" Devnull

 

 

 

Although I would use both the login pin and the bank pin if they were available, maybe you could explain the point of having two pins?

f203f1850c.png
Link to comment
Share on other sites
Levon_

Levon_

Posted
Posted

Full support from me. Personaly I would just make my bank pin the log-in pin, and get rid of my bank pin entirely.

Levon.png Bladewing.png

 

It's great you know what you're talking about rustiod. Everything you've said is 100% accurate a true.

 

That being said...your a [bleep]ing [bleep] douchebag, and none of your advice will ever (or should ever) be taken seriously because of it.

disregard good advice because the giver is a douche

 

THAT MAKES YOU A BETTER PERSON

Link to comment
Share on other sites
jonavolaii

jonavolaii

Posted
Posted

Login pin: yes

 

Turn off numbers on mouse-over: Yes

 

 

 

May I make a notice?

 

 

 

Seeing as lag happens on many computers, this could still prove fatal...

 

The screenshot could be taken before the client even thinks about removing the numbers...

 

 

 

Saying, for example, the user can't click until all the numbers are gone is not very effective because, although the game may not allow it to be considered a click, the system will, and the keylogger could take a screenie, and record where the mouse coordinates are, and then find out which one you wanted to press...

 

 

 

Also, remember that, especially in the pre-logon state of the client, there is very little memory usage... Anyone with a vengance and 3 months training could write a mem-logger that would wait for runescape to start up, and scan a certain object ("pincode" object if you will) for changes every tenth second, record the changes, and have an exact record of the numbers, which, quite frankly would be more effective than screenshots, although probably not for noob programmers (like me, this is all hypothetical, please don't call me a hacker...)

 

 

 

Probably a lot simpler but equally deadly would be a single form that "Overlaps" the pincode form...

 

 

 

It waits for you to open the pincode form, then records (in video or this method) the clicks... what it does is follow a predetermined path, and then scans the real buttons underneath it and also inputs the data in there... this means you are clicking on the logger, which "Clicks" on runescape and sends the data to the hacker as well...

 

 

 

Basically, screenies arent the only way, even though they *could* foil full removal of numbers... you would have to scan for mem-loggers, which can read it invisibly, without even doing noticeably more work... it could take months to find one of those... Invisible forms or visible forms mimicking the pin-form should also be held in consideration... In other ways, you will never get your account secure...

 

 

 

Runescape itself is hacked daily, although the hackers are then banned... then they do it again... then they get banned again, and so forth... no-one knows how to, because the hackers either keep it to themselves, or their methods have already been discovered...

 

 

 

I'm all for beter protection, but if someone *really* wants to get your password or pin? all they have to do is look up the same backdoor they always use...

 

 

 

To sum it all up, in the words of Dr. Demento:

 

 

 

Give up

All good newbies go to Lumbridge, I respawn in Camelot
Link to comment
Share on other sites
Crimsoncow42

Crimsoncow42

Posted
  • Author
Posted
Login pin: yes

 

Turn off numbers on mouse-over: Yes

 

 

 

May I make a notice?

 

 

 

Seeing as lag happens on many computers, this could still prove fatal...

 

The screenshot could be taken before the client even thinks about removing the numbers...

 

 

 

Saying, for example, the user can't click until all the numbers are gone is not very effective because, although the game may not allow it to be considered a click, the system will, and the keylogger could take a screenie, and record where the mouse coordinates are, and then find out which one you wanted to press...

 

 

 

Also, remember that, especially in the pre-logon state of the client, there is very little memory usage... Anyone with a vengance and 3 months training could write a mem-logger that would wait for runescape to start up, and scan a certain object ("pincode" object if you will) for changes every tenth second, record the changes, and have an exact record of the numbers, which, quite frankly would be more effective than screenshots, although probably not for noob programmers (like me, this is all hypothetical, please don't call me a hacker...)

 

 

 

Probably a lot simpler but equally deadly would be a single form that "Overlaps" the pincode form...

 

 

 

It waits for you to open the pincode form, then records (in video or this method) the clicks... what it does is follow a predetermined path, and then scans the real buttons underneath it and also inputs the data in there... this means you are clicking on the logger, which "Clicks" on runescape and sends the data to the hacker as well...

 

 

 

Basically, screenies arent the only way, even though they *could* foil full removal of numbers... you would have to scan for mem-loggers, which can read it invisibly, without even doing noticeably more work... it could take months to find one of those... Invisible forms or visible forms mimicking the pin-form should also be held in consideration... In other ways, you will never get your account secure...

 

 

 

Runescape itself is hacked daily, although the hackers are then banned... then they do it again... then they get banned again, and so forth... no-one knows how to, because the hackers either keep it to themselves, or their methods have already been discovered...

 

 

 

I'm all for beter protection, but if someone *really* wants to get your password or pin? all they have to do is look up the same backdoor they always use...

 

 

 

To sum it all up, in the words of Dr. Demento:

 

 

 

Give up

 

 

 

I guess there's nothing we can do about hackers that actually hack Jagex itself, but how many people can actually do that and who would waste 3 months of their time on one account?

 

 

 

why am i not on support list :(

 

 

 

put meeh on there :D

 

You are :) You're number 163.

f203f1850c.png
Link to comment
Share on other sites
jonavolaii

jonavolaii

Posted
Posted
I guess there's nothing we can do about hackers that actually hack Jagex itself, but how many people can actually do that and who would waste 3 months of their time on one account?

 

Actually, 3 months is the time it would take to learn how, after that its easy street...

 

 

 

As for hacking Jagex, thats only one of the suggestions, they could write mem-loggers (think of them as the opposite of a trainer) and lots of other stuff to get to your account itsself... but once they get into jagex database, they could delete everyone and give themselves 200mil xp in everything in under a minute...

 

 

 

nice little thing that could work with a little modification...

 

 

 

DELETE FROM users WHERE name != "Hackersname";

UPDATE users SET "XPPrayer", "XPAttack", ect = 200000000 WHERE name = "Hackersname";



// Or they could just do:



DROP DATABASE logindata;

 

 

 

I'm sure you can imagine what anyone with access and a will for destruction could do in 10 seconds... scary stuff... imagine if they also found the backups :ohnoes:

 

 

 

(little note, anyone saying they hack jagex and edit their levels are liars, there are no "Levels" only XP, although there are temporary boosts, these are like 1, 2, 3, -1, -2, -3)

All good newbies go to Lumbridge, I respawn in Camelot
Link to comment
Share on other sites
  • 2 weeks later...
Crimsoncow42

Crimsoncow42

Posted
  • Author
Posted
If you really want to be safe use the on screen keyboard

 

Start>All Programmes>Accessories>Accessibility

 

 

 

But yes, an optional pin would be easy to implement and save a lot of hassle.

 

 

 

 

 

2 words: On screen keyboard

 

The on screen keyboard triggers the exact same responses as a regular keyboard. In other words, it's just as vulnerable.

 

 

 

A keyboard sends signals to your system when a key is pressed. The on screen keyboard simply reads a click of a button in it, and replecates the signal. Keyloggers look for this signal and copy it.

f203f1850c.png
Link to comment
Share on other sites
  • 2 weeks later...
Serpent Eye

Serpent Eye

Posted
Posted

Maybe Jagex could impliment some sort of CAPCHA system.

 

 

 

After you enter your Username and Password, a page displaying a random series of letters and numbers would pop up. You would then have to type in that exact same sequence of letters and numbers to successfully log in.

 

 

 

The sequence itself is completely random image each time, so even if someone did get use a keylogger to find out that you typed in (example) "3984hhA" to log in, by the time then went to log into your account, they would get a different image and required sequence.

 

 

 

It seems to work on several sites.

 

 

 

Just a thought. ^^

glut.gif
2tchvHp.png

Link to comment
Share on other sites
Crimsoncow42

Crimsoncow42

Posted
  • Author
Posted
Maybe Jagex could impliment some sort of CAPCHA system.

 

 

 

After you enter your Username and Password, a page displaying a random series of letters and numbers would pop up. You would then have to type in that exact same sequence of letters and numbers to successfully log in.

 

 

 

The sequence itself is completely random image each time, so even if someone did get use a keylogger to find out that you typed in (example) "3984hhA" to log in, by the time then went to log into your account, they would get a different image and required sequence.

 

 

 

 

Yeah, but that wouldn't stop anyone. They would just type in the random phrase given to them. This would only stop password crackers which the login pin would stop anyways.

f203f1850c.png
Link to comment
Share on other sites
Serpent Eye

Serpent Eye

Posted
Posted
Maybe Jagex could impliment some sort of CAPCHA system.

 

 

 

After you enter your Username and Password, a page displaying a random series of letters and numbers would pop up. You would then have to type in that exact same sequence of letters and numbers to successfully log in.

 

 

 

The sequence itself is completely random image each time, so even if someone did get use a keylogger to find out that you typed in (example) "3984hhA" to log in, by the time then went to log into your account, they would get a different image and required sequence.

 

 

 

 

Yeah, but that wouldn't stop anyone. They would just type in the random phrase given to them. This would only stop password crackers which the login pin would stop anyways.

 

 

 

:wall:

 

 

 

Haha, I feel like a dork know. I don't know why I figured it would solve anything XD. May have had something to do with the fact that I posted that about 10 minutes after I woke up ^____^

 

 

 

My bad!

glut.gif
2tchvHp.png

Link to comment
Share on other sites
Crimsoncow42

Crimsoncow42

Posted
  • Author
Posted
Maybe Jagex could impliment some sort of CAPCHA system.

 

 

 

After you enter your Username and Password, a page displaying a random series of letters and numbers would pop up. You would then have to type in that exact same sequence of letters and numbers to successfully log in.

 

 

 

The sequence itself is completely random image each time, so even if someone did get use a keylogger to find out that you typed in (example) "3984hhA" to log in, by the time then went to log into your account, they would get a different image and required sequence.

 

 

 

 

Yeah, but that wouldn't stop anyone. They would just type in the random phrase given to them. This would only stop password crackers which the login pin would stop anyways.

 

 

 

:wall:

 

 

 

Haha, I feel like a dork know. I don't know why I figured it would solve anything XD. May have had something to do with the fact that I posted that about 10 minutes after I woke up ^____^

 

 

 

My bad!

 

 

 

That's alright, everyone does stuff like that. Thanks for your support.

 

 

 

\' <---Hooray for Santa Smileys!

f203f1850c.png
Link to comment
Share on other sites
  • 2 weeks later...
Crimsoncow42

Crimsoncow42

Posted
  • Author
Posted
I thought that RS could disable taking screenshots while logging in and entering the PIN, but then I realized that it probably isn't possible... And there are many other ways to do that...

 

 

 

Yeah, I don't think Runescape could do that. The screenshots come from the computer itself.

f203f1850c.png
Link to comment
Share on other sites
  • 2 weeks later...
Crimsoncow42

Crimsoncow42

Posted
  • Author
Posted
Omg... O.o didn't know of this thread :P

 

http://[Please use quickfind code].com/c=nRshSc0csPk/[Please use quickfind code]?83,84,762,58207681,goto,19

 

83-84-762-58207681

 

 

 

Support of course :P

 

 

 

I planned on getting membership and posting this. This thread has been going strong for almost 2 years. However, I hope your thread succeeds in getting Jagex's attention. Credit isn't necessary, but it would be nice. Achieving the Login Pin and Screenshot Logger Protection is reward enough for me. Maybe it's already part of their "update Runescape" plan. ::'

 

 

 

And good luck with those nooblets on RSOF. :thumbsup:

f203f1850c.png
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept