Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

AppGameKit/AppGameKit Studio Showcase / Need some people to test login system

Author
Message
Kobaltic
12
Years of Service
User Offline
Joined: 24th Jan 2012
Location: PA, USA
Posted: 6th Apr 2013 20:14
I created a basic log in system. Right now it just enters your information and sends back a message. There is no check so you can repeat many times. There is security installed though so if you hackers know what you are doing test it out.

Get the file. Enter your name or handle or whatever hit enter. Enter a password again use anything you like. Hit enter. click on the fireball image. You should get back a message that your information has been accepted. Feel free to try and break it and spam and crash the server and what not. The more feedback I get the better. Thanks.

http://www.kobaltic.com/agk/card%20game.7z
easter bunny
11
Years of Service
User Offline
Joined: 20th Nov 2012
Playing: Dota 2
Posted: 10th Apr 2013 11:56
I used a sniffer (WPE pro, the standard Network-game hacking software) on it, you might want to use some basic encryption on it, ie. include a checksum using a unique algorithm to make sure that the packet isn't modified. Like this> send packet= abc:cba:12 (user=abc password=cba checksum= [a=1]+[b=2]+[c=3]) don't use such a simple encryption algorithm as this, but you get the idea.
Also, I detected (using WPE Pro again) that the IP it sends the packet to is 209.54.62.175, I typed that into the URL bar and I comes up with Access Forbidden! but if I go to 209.54.62.175/agk/ it has the directory listing, very bad. Create a file (index.htm) in [serverfiles]/agk/ and put something like "AGK Content Place Holder" in it (the file)

Phaelax
DBPro Master
20
Years of Service
User Offline
Joined: 16th Apr 2003
Location: Metropia
Posted: 12th Apr 2013 18:34
Quote: " but if I go to 209.54.62.175/agk/ it has the directory listing"


uh oh! Like Jojo said, put a default file into every directory, or disable directory listing on the server. On my server, I just redirect to the homepage.

Is your login packet sent using ssl or anything?

"You're all wrong. You're all idiots." ~Fluffy Rabbit

Login to post a reply

Server time is: 2024-03-28 16:01:26
Your offset time is: 2024-03-28 16:01:26