Re: Quinn

From: Price Hall (phall@DUFUS.CC.WESTGA.EDU)
Date: 04/29/98

Next message: George: "Re: [OFFTOPIC] Harrassment"
Previous message: Angus Mezick: "Re: bitvector question"
Maybe in reply to: Ghost Shaidan: "Quinn"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Do you filter out ~ in player descs?
Unless you do, this can be used to hack ascii pfiles...

-maxx

On Tue, 28 Apr 1998, Ghost Shaidan wrote:

> I am not a frequent poster to the list, but I do follow it regularly, and
> this entire Quinn thing needs to stop.  If he did something bad and you
> feel the need to do something about it -- go for it.  It isn't (this post
> included) neccessary for everyone to read.
>
> Also, I don't think Quinn could have done all of these things attributed
> to him, I am almost sure of it, actually.
>
> I say this because a character named TerrorQuinn Logged on to my mud on
> saturday night, managed to get in and edit his pfile (under windows from
> the strange control characters involved) and set his level to 255 (our max
> is 211).
>
> He proceded to cause many problems for 20 or 30 minutes until an imp
> logged on (set to level one) saw what had happened and took action to
> shutdown the mud, edit the pfiles correctly etc etc.
>
> I have since put some code in to make sure this won't happen again,
> QS is hosted on mudservices, and they can't find any logs of illegal
> access, nor do I show anything in last of a bad FTP connection or
> anything.
>
> Noone I don't know in real life has access to our shell. The password is
> set to a random string, changed monthly, etc.
>
> Anyone have an idea of how this could happen?  We have ascii pfiles, and
> do bounds checking on everything the player has control over.  Only the
> name is above the level in the list of the writing to the file.
>
> The addy the address came in from was:
>
> 145.philadelphia-06.pa.dial-ac
> (that is all circle grabbed)
>
> ObCircle:
> Has anyone modified obuild to automatically set the experience of the mob
> being built based on the chosen stats?  Thinking of doing this to make
> sure that mobs of equal toughness are worth the same exp across the mud.
> Any thoughts?
>
> Ghost Shaidan
> Questionable Sanity
> qs.mudservices.com 4000
>
>
>      +------------------------------------------------------------+
>      | Ensure that you have read the CircleMUD Mailing List FAQ:  |
>      | http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
>      +------------------------------------------------------------+
>


     +------------------------------------------------------------+
     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
     +------------------------------------------------------------+

Next message: George: "Re: [OFFTOPIC] Harrassment"
Previous message: Angus Mezick: "Re: bitvector question"
Maybe in reply to: Ghost Shaidan: "Quinn"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : 12/15/00 PST