Official Everybody Edits Forums

Do you think I could just leave this part blank and it'd be okay? We're just going to replace the whole thing with a header image anyway, right?

You are not logged in.

#1 2019-03-18 21:44:21, last edited by Luka504 (2019-03-18 22:04:18)

Luka504
Member
From: Serbia,probs never heard of it
Joined: 2015-02-19
Posts: 2,934

11/10 game security.

Fr though someone hacked Xeno's account, went into CTM 2, gave people edit and then gave them admin too.
Oh, he disabled the game as well.
EE is an absolute **** mess right now, and from the looks of it, the staff can't do ****.


How long will it take me to get banned again?
Place your bets right here.

Offline

Wooted by: (5)

#2 2019-03-18 21:47:28

Vitalijus
Member
From: Lithuania
Joined: 2015-02-15
Posts: 1,384
Website

Re: 11/10 game security.

I think that it's someone from the staff who disabled the game. For real though why is this game being targeted so much in the past days, **** bots, lobby spams, crashes, game being hacked, the shooter vid bots, I've seen this all coming from a mile away, this is what I meant that this game had bad security and I wanted my account to be gone few months ago


wn7I7Oa.png

Offline

Wooted by:

#3 2019-03-18 21:56:49

Joeyc
Guest

Re: 11/10 game security.

Sqwairle wrote:
Luka504 wrote:

Fr though someone hacked Xeno, went into CTM 2, gave people edit and then gave them admin too.
Oh, he disabled the game as well.
EE is an absolute **** mess right now, and from the looks of it, the staff can't do ****.

Hey, firstable it's unreadable and secondly you are totally making this up.. Everything is working fine for me, and maybe what, i'm the one who's currently hacking the game with my lizard squad members.







Subscribe to Pewdiepie.

also check out my patreon

#4 2019-03-18 22:01:06, last edited by Alesmile (2019-03-18 22:02:43)

Alesmile
Member
From: hell
Joined: 2015-04-23
Posts: 71

Re: 11/10 game security.

CONTENT WARNING

Offline

#5 2019-03-18 22:10:32

Yu
Guest

Re: 11/10 game security.

Honestly i can't tell if xeno is having a mental breakdown at this point or the game's getting hacked. Either way, same thing

Wooted by: (3)

#6 2019-03-18 22:15:54

Zumza
Member
From: root
Joined: 2015-02-17
Posts: 4,656

Re: 11/10 game security.

This is the second day we have seen this exploit.
Patently the attacker is able to edit the database, although I have not seen any official saying on that.

Apart from the the funny-show of impersonations and username color gimmicks, this exploit allows the attacker to discretionally delete anyones account.
Also the EE Staff proved that they do not have any kind of backup of this data. Luckily some community members do have backups, at least for the worlds.

Btw. I want to thank the attacker for providing us with our monthly-dose of drama, without actual intention of destroying EE definitively.

Also, I have 4 simple questions:
1. What will guarantee that the exploit will be fixed, in the case the attacker decides to end the show and keep the exploit for, later, "better times"?
2. What measures were there taken to prevent the exploit that also happened yesterday, today?
3. On what evidence was it established this is not Cercul1's fault, as officially announced by Zoey in EE Community Discord?
4. Has the attacker tried contacting any of the staff members?


Everybody edits, but some edit more than others

Offline

#7 2019-03-18 22:34:35, last edited by LukeM (2019-03-18 22:53:06)

LukeM
Member
From: England
Joined: 2016-06-03
Posts: 3,009
Website

Re: 11/10 game security.

Zumza wrote:

This is the second day we have seen this exploit.
Patently the attacker is able to edit the database, although I have not seen any official saying on that.

Apart from the the funny-show of impersonations and username color gimmicks, this exploit allows the attacker to discretionally delete anyones account.
Also the EE Staff proved that they do not have any kind of backup of this data. Luckily some community members do have backups, at least for the worlds.

We occasionally manually make full database 'backups' (in the form of GDPR 'export your data' requests), we just don't have (and have no way of making) an automated system, and PlayerIO makes it difficult to use those 'backups' for anything //forums.everybodyedits.com/img/smilies/tongue

Zumza wrote:

Btw. I want to thank the attacker for providing us with our monthly-dose of drama, without actual intention of destroying EE definitively.

Also, I have 4 simple questions:
1. What will guarantee that the exploit will be fixed, in the case the attacker decides to end the show and keep the exploit for, later, "better times"?
2. What measures were there taken to prevent the exploit that also happened yesterday, today?
3. On what evidence was it established this is not Cercul1's fault, as officially announced by Zoey in EE Community Discord?
4. Has the attacker tried contacting any of the staff members?

As for 1 and 2, we're doing all we can, but annoyingly, thats not all that much... PlayerIO's security is terrible, and contacting them to address the issues is next to impossible (to the extent that several times they've just ignored us).
We don't really have the ability to do a full audit because of the limited access (and limited contact with PIO) we have, so we just have to change something that we think should work, and hope it does... (the evidence for it working being that the attacks stop at the same time as we make the change) //forums.everybodyedits.com/img/smilies/tongue

Its not great, but at this point its all we can do until we get full control of our servers for EEU (which as you can probably tell, we're all really looking forward to XD).

3. I guess we just don't really have a reason to suspect that it would be him, the attacks Atilla performed a few months ago and the way these attacks were carried out all just don't point to it being someone on the staff team.

4. Nope //forums.everybodyedits.com/img/smilies/tongue

Offline

#8 2019-03-18 23:16:57

Zumza
Member
From: root
Joined: 2015-02-17
Posts: 4,656

Re: 11/10 game security.

So the blame is majorly because of PlayerIO?
What kind of changes are you making that only temporally limits the attacker? Has this change been reverted, recently?
Are this true fix-changes or just gambling changes?

Let's say next time, the attacker just decides to end the show, and use their exploit to it's true potential. What would you do if the attacker decides to wipe the database?


Everybody edits, but some edit more than others

Offline

#9 2019-03-18 23:30:31, last edited by LukeM (2019-03-18 23:30:41)

LukeM
Member
From: England
Joined: 2016-06-03
Posts: 3,009
Website

Re: 11/10 game security.

Zumza wrote:

So the blame is majorly because of PlayerIO?
What kind of changes are you making that only temporally limits the attacker? Has this change been reverted, recently?
Are this true fix-changes or just gambling changes?

Let's say next time, the attacker just decides to end the show, and use their exploit to it's true potential. What would you do if the attacker decides to wipe the database?

With this exploit, the solutions either work or they don't, I guess yesterday they just got bored and stopped.
Every change we've made has been something that realistically could work, depending on how the hacker has access. I guess the good news is that each time it doesn't work we've learned more about how they're doing it, so now we have a pretty good idea of whats happening.

As for the backups, its really annoying to automate the reuploading of the database, but luckily once we've done it once it would just a matter of leaving it running for probably a few days, so although its a huge amount of work to restore a single account (which is what we had to do with Xeno's account after the Atilla attack) its not too much more difficult to restore a million accounts.

Offline

#10 2019-03-19 00:12:49

Lictor666
Guest

Re: 11/10 game security.

funny for these patreon supporters ^^

Wooted by: (3)

#11 2019-03-19 06:56:04

Anatoly
Guest

Re: 11/10 game security.

Images of funny chats

Anatoly1552974964742914

Board footer

Powered by FluxBB

[ Started around 1732225462.6662 - Generated in 0.209 seconds, 10 queries executed - Memory usage: 1.56 MiB (Peak: 1.73 MiB) ]