Horza, posted June 22, 2006:
Woot I Only I Have Post Now :twisted:
Knowledge Is Power... Power Is Everything... Hack The Planet...

Sparda, posted June 22, 2006:
> Woot I Only I Have Post Now
No you don't.

Darren Kitchen, posted June 22, 2006:
confused

Sparda, posted June 22, 2006:
Isn't it obvious he made use of (or found) a bug in phpBB that allows for multiple users with the same name?

GHRYGGZ, posted June 22, 2006:
> Woot I Only I Have Post Now :twisted:
> Knowledge Is Power... Power Is Everything... Hack The Planet...
OMGWTFH

Sparda, posted June 22, 2006:
The most likely method he used was most likely not a bug in phpBB. It is probably a feature in MySQL, something along the lines of using a character at the end of his name that MySQL ignores once placed in a table, so when phpBB checks for users it doesn't find any with the same name, but when inserted into the table the invalid character is removed and so he ends up with the same name as another user. This is just a guess, by the way.

Darren Kitchen, posted June 22, 2006:
ah, like alt+0160 in place of space. gotcha. neat trick.
/me does to update

Guest, posted June 22, 2006:
> The most likely method he used was most likely not a bug in phpBB. It is probably a feature in MySQL, something along the lines of using a character at the end of his name that MySQL ignores once placed in a table, so when phpBB checks for users it doesn't find any with the same name, but when inserted into the table the invalid character is removed and so he ends up with the same name as another user. This is just a guess, by the way.
Yeah, you are correct, except it isn't a MySQL bug, it's a bug in Windows. Windows doesn't handle the soft hyphen correctly, and as a result it allows me to place that on the end of a username to register it twice. This bug can be dangerous if a system uses a certain username to give you the credentials that you should have when you log in.

Sparda, posted June 22, 2006:
> > The most likely method he used was most likely not a bug in phpBB. It is probably a feature in MySQL, something along the lines of using a character at the end of his name that MySQL ignores once placed in a table, so when phpBB checks for users it doesn't find any with the same name, but when inserted into the table the invalid character is removed and so he ends up with the same name as another user. This is just a guess, by the way.
> Yeah, you are correct, except it isn't a MySQL bug, it's a bug in Windows. Windows doesn't handle the soft hyphen correctly, and as a result it allows me to place that on the end of a username to register it twice. This bug can be dangerous if a system uses a certain username to give you the credentials that you should have when you log in.
Are you being serious? The Hak.5 web server is not running Windows.

Guest, posted June 22, 2006:
My bad, it isn't Windows, it's the web browser that is affected by this.

Sparda, posted June 22, 2006:
> My bad, it isn't Windows, it's the web browser that is affected by this.
What you describe would not work no matter what web browser you use. It is processed server side, so you have to trick the web server into thinking that no user exists with the name you entered, but at the same time, when it accepts it, it changes the name you entered into another name of an existing user. The method I described would work. There might be a phpBB bug to do this, such as <guess> entering a valid name, submitting this valid name but also entering some invalid data, and change the name you entered but validate the invalid data you entered. </guess> That method is highly unlikely to work, as it would rely on phpBB checking the valid data the first time but then not bothering to check it the second time. I haven't tested it, but I'm fairly certain phpBB checks the validity of every field every time you press submit.

Guest, posted June 22, 2006:
This doesn't just affect phpBB, it affects anything that allows you to register a username.
A severe problem with the way browsers (both Microsoft Internet Explorer and Mozilla Firefox are affected) translate the soft-hyphen (alt + 0173) character has been brought to light, which malicious users could utilise alongside a multitude of injection methods as a way to gain unauthorised access and/or to spoof content on websites.

Sparda, posted June 22, 2006:
Yes in theory, unless the PHP that makes up the login/register system actually properly validates all characters in the name using the same validation rules MySQL uses.

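One way to implement the validation described in the post above, as an added example (not code from phpBB or from anyone in this thread): clean the submitted name, then run the uniqueness check on a canonical key so a soft hyphen (alt+0173) or non-breaking space (alt+0160) cannot produce a second "Sparda". `UserRegistry`, `clean_username` and `canonical_key` are hypothetical names, and the case-insensitive comparison is an assumption.

```python
import unicodedata

SOFT_HYPHEN = "\u00ad"  # alt+0173 in the thread
NBSP = "\u00a0"         # alt+0160 in the thread


def clean_username(raw):
    """Return the name as it may be stored and displayed."""
    # NFKC folds compatibility forms, e.g. NBSP becomes an ordinary space.
    text = unicodedata.normalize("NFKC", raw)
    # Drop format (Cf) and control (Cc) characters: soft hyphen,
    # zero-width space and similar characters that render as nothing.
    text = "".join(ch for ch in text
                   if unicodedata.category(ch) not in ("Cf", "Cc"))
    # Trim and collapse whitespace runs.
    return " ".join(text.split())


def canonical_key(raw):
    """Key for uniqueness checks (case-insensitive by assumption)."""
    return clean_username(raw).casefold()


class UserRegistry:
    """Hypothetical in-memory stand-in for a forum's users table."""

    def __init__(self):
        self._display_by_key = {}

    def naive_is_free(self, raw):
        # Exact string comparison: the kind of check the thread
        # assumes a look-alike name slips past.
        return raw not in self._display_by_key.values()

    def register(self, raw):
        key = canonical_key(raw)
        if not key:
            raise ValueError("username is empty after normalisation")
        if key in self._display_by_key:
            raise ValueError(
                f"username collides with {self._display_by_key[key]!r}")
        # Store only the cleaned form so check and storage agree.
        self._display_by_key[key] = clean_username(raw)
        return self._display_by_key[key]
```

The same key has to be used at login and anywhere privileges are looked up by name; otherwise the check and the lookup can disagree again.
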
Shaun, posted June 22, 2006:
Argh! My long lost evil twin!

Shaun, posted June 22, 2006:
> This doesn't just affect phpBB, it affects anything that allows you to register a username.
> A severe problem with the way browsers (both Microsoft Internet Explorer and Mozilla Firefox are affected) translate the soft-hyphen (alt + 0173) character has been brought to light, which malicious users could utilise alongside a multitude of injection methods as a way to gain unauthorised access and/or to spoof content on websites.
Is this actually a problem though? The HTML specs say "If a line is not broken at a soft hyphen, the user agent must not display a hyphen character. For operations such as searching and sorting, the soft hyphen should always be ignored." which means it shouldn't show a hyphen. I suppose the problem is it isn't encoded as an HTML entity, not sure if it's supposed to be or not. This is the way it happened I think, since I just made a duplicate Sparda.

Guest, posted June 22, 2006:
The problem is that the browser doesn't know how to treat the soft hyphen correctly. It should ignore it like you said, but it doesn't seem to do that, because if it did ignore it, it wouldn't be passed on to the PHP script in your username like it is. (Did I open a can of worms with this? Now everyone is going to be registering usernames that are already registered :D )

Shaun, posted June 22, 2006:
Well, it says it should not show a hyphen if there is no line break; it doesn't specifically say it shouldn't submit it in forms.

ShinmaRyuu, posted June 22, 2006:
> The problem is that the browser doesn't know how to treat the soft hyphen correctly. It should ignore it like you said, but it doesn't seem to do that, because if it did ignore it, it wouldn't be passed on to the PHP script in your username like it is. (Did I open a can of worms with this? Now everyone is going to be registering usernames that are already registered :D )
With great power comes great responsibility.