Cirras
Joined: 11th Mar 2011
Posts: 1221
 Re: Warning: Do not use EOSource or Seose
jinga posted: (10th Jan 2012, 12:25 am)
Cirras posted: (10th Jan 2012, 12:12 am)
Main points:
-There is no practical use in this "hidden" command, other than functioning as a backdoor for the theft of sensitive information.
-The encryption of EOsource 1.4 has no purpose other than to hide the coding. If they're afraid to have even that level of transparency, it seems clear that they're hiding something. Most likely another backdoor.
-Sausage has done this community a service by exposing this massive security hole in a derivative of his own software. If anyone had the right to do this, it was him.
-Doesn't anyone find the fact that Hollow was unaware Elevations had added the Sausage and Exile HDID ban, just a little messed up?
"Well i wasn't even aware of the permanently banned code."
If Ele slips this into EOsource without Hollow knowing, then obviously he can do it with anything else as well. And really, this reflects a lot of basic negligence in the development of EOsource. Elevations is forcing all server owners using the software
tokeepthesepeopleofftheirserver,andHollow didn't even know about it.
And here we go again jumping to conclusions as if we all know who elevations is. C'mon now elevations is forcing server owners to keep off there server? that makes no sense he's helping people setup servers.
and i think whoever is willing to help is better than watching sausage rant all day how theres 20 thousand backdoors in eosource rather then just do us a favor and make some updates and bug fixes to his own revision.
He is acting like some kind of hero and yet what are we left with? to hate and not trust eosource now woo! now we have no server to use that is much extended like eosource?
Evidently you aren't reading what I said. Elevations is forcing all server owners using the software to keep Sausage and Exile off their servers. How did he do this? Well, if you had read the rest of this, you would know that he hardcoded a permanent HDID ban on Sausage and Exile.The
server owners have no choice in the matter. I have jumped to no conclusions, this is a hard fact.
Futhermore, don't blame Sausage for exposing EOsource. That's incredibly immature, it's like being caught with your hand in the cookie jar, and then blaming the guy that catches you because now you look bad. No, blame Elevations and Hollow for fucking up and losing the trust that they
had.
PS: Apollo does not have a checkered past. He does not steal his own player's account information. He does not spy on his own players chats. A backdoor has never been found in his EOsource revision. Meanwhile, Elevations has done these things, and Hollow has strong ties with him.That is enough
to trust Vodka, and not to trust EOsource.
The key to this of course is Precedent. Given the history Ele has with this type of thing, nobody is going to believe his explanation, not to mention the explanation makes very little sense in the first place. If you believe him, you really are kidding yourself.
---
Want to learn to pixel?
Pixelsource.org
12 years, 17 weeks ago
|
jinga
Joined: 17th Dec 2011
Posts: 53
Re: Warning: Do not use EOSource or Seose
Cirras posted: (10th Jan 2012, 12:31 am)
jinga posted: (10th Jan 2012, 12:25 am)
Cirras posted: (10th Jan 2012, 12:12 am)
Main points:
-There is no practical use in this "hidden" command, other than functioning as a backdoor for the theft of sensitive information.
-The encryption of EOsource 1.4 has no purpose other than to hide the coding. If they're afraid to have even that level of transparency, it seems clear that they're hiding something. Most likely another backdoor.
-Sausage has done this community a service by exposing this massive security hole in a derivative of his own software. If anyone had the right to do this, it was him.
-Doesn't anyone find the fact that Hollow was unaware Elevations had added the Sausage and Exile HDID ban, just a little messed up?
"Well i wasn't even aware of the permanently banned code."
If Ele slips this into EOsource without Hollow knowing, then obviously he can do it with anything else as well. And really, this reflects a lot of basic negligence in the development of EOsource. Elevations is forcing all server owners using the software to keep these
peopleofftheirserver,and Hollow didn't even know about it.
And here we go again jumping to conclusions as if we all know who elevations is. C'mon now elevations is forcing server owners to keep off there server? that makes no sense he's helping people setup servers.
and i think whoever is willing to help is better than watching sausage rant all day how theres 20 thousand backdoors in eosource rather then just do us a favor and make some updates and bug fixes to his own revision.
He is acting like some kind of hero and yet what are we left with? to hate and not trust eosource now woo! now we have no server to use that is much extended like eosource?
Evidently you aren't reading what I said. Elevations is forcing all server owners using the software to keep Sausage and Exile off their servers. How did he do this? Well, if you had read the rest of this, you would know that he hardcoded a permanent HDID ban on Sausage and Exile.
Theserver owners have no choice in the matter. I have jumped to no conclusions, this is a hard fact.
Futhermore, don't blame Sausage for exposing EOsource. That's incredibly immature, it's like being caught with your hand in the cookie jar, and then blaming the guy that catches you because now you look bad. No, blame Elevations and Hollow for fucking up and losing the trust that they had.
Or even better stop trying to put blame on anyone and just forget it so ppl can do what the fuk they want?
and hollow apparently removed it in the new revision and apparently elevations coded that to stop Sausage and Exile from damaging anymore servers.
12 years, 17 weeks ago
|
Re: Warning: Do not use EOSource or Seose
jinga posted: (10th Jan 2012, 12:33 am)
Cirras posted: (10th Jan 2012, 12:31 am)
jinga posted: (10th Jan 2012, 12:25 am)
Cirras posted: (10th Jan 2012, 12:12 am)
Main points:
-There is no practical use in this "hidden" command, other than functioning as a backdoor for the theft of sensitive information.
-The encryption of EOsource 1.4 has no purpose other than to hide the coding. If they're afraid to have even that level of transparency, it seems clear that they're hiding something. Most likely another backdoor.
-Sausage has done this community a service by exposing this massive security hole in a derivative of his own software. If anyone had the right to do this, it was him.
-Doesn't anyone find the fact that Hollow was unaware Elevations had added the Sausage and Exile HDID ban, just a little messed up?
"Well i wasn't even aware of the permanently banned code."
If Ele slips this into EOsource without Hollow knowing, then obviously he can do it with anything else as well. And really, this reflects a lot of basic negligence in the development of EOsource. Elevations is forcing all server owners using the software to
keepthesepeopleofftheirserver,and Hollow didn't even know about it.
And here we go again jumping to conclusions as if we all know who elevations is. C'mon now elevations is forcing server owners to keep off there server? that makes no sense he's helping people setup servers.
and i think whoever is willing to help is better than watching sausage rant all day how theres 20 thousand backdoors in eosource rather then just do us a favor and make some updates and bug fixes to his own revision.
He is acting like some kind of hero and yet what are we left with? to hate and not trust eosource now woo! now we have no server to use that is much extended like eosource?
Evidently you aren't reading what I said. Elevations is forcing all server owners using the software to keep Sausage and Exile off their servers. How did he do this? Well, if you had read the rest of this, you would know that he hardcoded a permanent HDID ban on Sausage
andExile.Theserver owners have no choice in the matter. I have jumped to no conclusions, this is a hard fact.
Futhermore, don't blame Sausage for exposing EOsource. That's incredibly immature, it's like being caught with your hand in the cookie jar, and then blaming the guy that catches you because now you look bad. No, blame Elevations and Hollow for fucking up and losing the trust that they had.
Or even better stop trying to put blame on anyone and just forget it so ppl can do what the fuk they want?
and hollow apparently removed it in the new revision and apparently elevations coded that to stop Sausage and Exile from damaging anymore servers.
Just because he removed one thing, doesn't mean there's not other things in there. & like Cirras said, look how easy Elevations can change the source and add stuff.
12 years, 17 weeks ago
|
Queen
Joined: 20th Dec 2009
Posts: 1036
Re: Warning: Do not use EOSource or Seose
pretty wierd how sausage and exile could be doing damage with a backdoor that supposedly got removed by hollow... ---
Qbot/null
12 years, 17 weeks ago
|
Re: Warning: Do not use EOSource or Seose
Also, Sausage was going on servers taking up the names 'Hollow' and 'Elevations' so people couldn't use the backdoor; why else would Elevations add in the block? So he can't protect the backdoor from being used?
12 years, 17 weeks ago
|
jinga
Joined: 17th Dec 2011
Posts: 53
Re: Warning: Do not use EOSource or Seose
Experiment posted: (10th Jan 2012, 12:39 am)
Also, Sausage was going on servers taking up the names 'Hollow' and 'Elevations' so people couldn't use the backdoor; why else would Elevations add in the block? So he can't protect the backdoor from being used?
If he was even able to create such names on servers this means that Elevations and Hollow had not been on any servers using the backdoor meaning he is probably telling the truth how he was unaware of the code being there.
12 years, 17 weeks ago
|
Re: Warning: Do not use EOSource or Seose
jinga posted: (10th Jan 2012, 12:41 am)
Experiment posted: (10th Jan 2012, 12:39 am)
Also, Sausage was going on servers taking up the names 'Hollow' and 'Elevations' so people couldn't use the backdoor; why else would Elevations add in the block? So he can't protect the backdoor from being used?
If he was even able to create such names on servers this means that Elevations and Hollow had not been on any servers using the backdoor meaning he is probably telling the truth how he was unaware of the code being there.
1. He tried getting BU to use it, as Apollo said.
2. If a server ever passed his, he would need the accounts because he goes on a friggin tantrum whenever he's not 1st.
3. My name is Caleb. <3
12 years, 17 weeks ago
|
kodyt
Joined: 6th Apr 2009
Posts: 2271
Re: Warning: Do not use EOSource or Seose
jinga posted: (10th Jan 2012, 12:41 am)
Experiment posted: (10th Jan 2012, 12:39 am)
Also, Sausage was going on servers taking up the names 'Hollow' and 'Elevations' so people couldn't use the backdoor; why else would Elevations add in the block? So he can't protect the backdoor from being used?
If he was even able to create such names on servers this means that Elevations and Hollow had not been on any servers using the backdoor meaning he is probably telling the truth how he was unaware of the code being there.
The real problem is he bragged about said command... The other problem is ... said command was found out before he could get BU.. ---
http://www.ctronic.ga
http://www.tsu.co/Deltro
https://www.reverbnation.com/deltro9
12 years, 17 weeks ago
|
Re: Warning: Do not use EOSource or Seose
Oh, yeah, look what's at the bottom of admin.ini.. :-o Watch out for the servers you've logged into.
## OTHER PRIVILEGES ##
# Allow killing of non-combat NPCs (they respawn near-instantly)
killnpc = 1
# Allow deletion of board posts
boardmod = 1
# Recieve reports and allows access to AdminBoard
reports = 1
# Allows #nowall (walk through walls)
nowall = 3
# See hidden players
seehide = 4
# Logs players chats
ChatLogging = yes
# Logs account info
AccountLogs = no
12 years, 17 weeks ago
|
Cirras
Joined: 11th Mar 2011
Posts: 1221
Re: Warning: Do not use EOSource or Seose
Experiment posted: (10th Jan 2012, 12:56 am)
Oh, yeah, look what's at the bottom of admin.ini.. :-o
## OTHER PRIVILEGES ##
# Allow killing of non-combat NPCs (they respawn near-instantly)
killnpc = 1
# Allow deletion of board posts
boardmod = 1
# Recieve reports and allows access to AdminBoard
reports = 1
# Allows #nowall (walk through walls)
nowall = 3
# See hidden players
seehide = 4
# Logs players chats
ChatLogging = yes
# Logs account info
AccountLogs = no
Meh. It's not really forced by Ele or Hollow, so that's nothing huge. I mean, it gives server owners some unpleasantly intrusive powers, but that's it.
No, what you need to worry about is what you can't see.
---
Want to learn to pixel?
Pixelsource.org
12 years, 17 weeks ago
|
Re: Warning: Do not use EOSource or Seose
There shouldn't even be chatlogs xD Why put account logs? Bit too far.
12 years, 17 weeks ago
|
hotdog
Joined: 3rd Aug 2008
Posts: 428
Re: Warning: Do not use EOSource or Seose
Nice work discovering this guys (: ---
Hmm.
12 years, 17 weeks ago
|
newguy
Joined: 13th Mar 2009
Posts: 665
Re: Warning: Do not use EOSource or Seose
I'm not trying to take sides here but there are some indisputable facts.
Fact: Hollow/Elevations (w.e) put a backdoor into there source code to retrieve someones decrypted/plain text username and password.
Fact: Said backdoor required the user to be well...a user. And they had to be named "Hollow" or "Elevations".
Fact: Hollow/Elevations put in a hardcoded hdid ban on Sausage and Exile.
Fact: Elevations has a history of not honoring his users private information.
So with these facts one can assume that it may not be the best idea to use EoSource.
Also I'm just going to dispute some peoples "points".
P:How do we know Apollo hasn't put a backdoor into his Vodka revision. It's closed source.
CP: Apollo doesn't have a history of abusing his users passwords, Vodka has been out for a year with no problems. I'm sure Sausage or someone else can hexedit Vodka and check but in all honesty I don't think Apollo would ever do something like that. If you don't believe me, check for
yourself.
P:Hollow said that he "forgot" about the backdoor and that he didn't know about the hdid bans.
CP: Alright, I used to talk to Hollow on a daily basis he seemed like a pretty honest guy, however this isn't the first time he has been accused of something and it won't be the last. When I program things I know what's in my source, I don't just c/p add things other people did. I choose to
understand what goes in my code. Hollow claimed that EoSource was the most stable rev, how would he know that without personally checking all his code? But hey that's just me.
Whatever that's just my take on it.
---
Love you too.
12 years, 17 weeks ago
|
jinga
Joined: 17th Dec 2011
Posts: 53
Re: Warning: Do not use EOSource or Seose
Experiment posted: (10th Jan 2012, 12:43 am)
jinga posted: (10th Jan 2012, 12:41 am)
Experiment posted: (10th Jan 2012, 12:39 am)
Also, Sausage was going on servers taking up the names 'Hollow' and 'Elevations' so people couldn't use the backdoor; why else would Elevations add in the block? So he can't protect the backdoor from being used?
If he was even able to create such names on servers this means that Elevations and Hollow had not been on any servers using the backdoor meaning he is probably telling the truth how he was unaware of the code being there.
1. He tried getting BU to use it, as Apollo said.
2. If a server ever passed his, he would need the accounts because he goes on a friggin tantrum whenever he's not 1st.
3. My name is Caleb. <3
1. We have no evidence he tried to get BU to use it. Because apolo hasn't provided MSN screenies.
2. There's already servers past his.
@Newguy EE with no problems? I heard rexors MSN account got hacked and there entire EE forum got hacked aswell. And lets not forget I heard stava also quit EE and to me that is problems.
12 years, 17 weeks ago
|
Re: Warning: Do not use EOSource or Seose
jinga posted: (10th Jan 2012, 01:08 am)
Experiment posted: (10th Jan 2012, 12:43 am)
jinga posted: (10th Jan 2012, 12:41 am)
Experiment posted: (10th Jan 2012, 12:39 am)
Also, Sausage was going on servers taking up the names 'Hollow' and 'Elevations' so people couldn't use the backdoor; why else would Elevations add in the block? So he can't protect the backdoor from being used?
If he was even able to create such names on servers this means that Elevations and Hollow had not been on any servers using the backdoor meaning he is probably telling the truth how he was unaware of the code being there.
1. He tried getting BU to use it, as Apollo said.
2. If a server ever passed his, he would need the accounts because he goes on a friggin tantrum whenever he's not 1st.
3. My name is Caleb. <3
1. We have no evidence he tried to get BU to use it. Because apolo hasn't provided MSN screenies.
2. There's already servers past his.
Not servers using EOSource.
12 years, 17 weeks ago
| | | | | | | | | | | | | | | |
