Skilly Realms v2 Source Warning

[Riigged]

Anyone registering on a server using SR2 Source, don't use real email/password that you use on other stuff such as prod, because Skilly made it so passwords show like "riigged" instead of like "Q897PB349H8WG98W9W8V4G89VV8" (hashed) so I think the thread where he links his source should be deleted, forcing Skilly to edit it back to show as hashed passwords or else he shouldn't be able to keep the thread linking his source on MPGH since the nubs who do happen to use their real email/password will get hacked and complain about it to staff on MPGH since they approved the source+server they registered on.

[DimitriSavage]

Remove it till further notice....

GOD FUCKING DAMMIT I just linked like 10 people to skilly fucking shit

[Riigged]

If a minion wants, I can show them how to make passwords show hashed again, and they can do it themselves and reupload the source themselves.

[sgrawsreghawrhgwrhgr]

this is cute, there is a warning thread about not registering on pservers with prod info, so if you do get hacked, its only your fault, the reason I removed the Sha1 from it is I can help people with lost passwords easier.

[Riigged]

this is cute, there is a warning thread about not registering on pservers with prod info, so if you do get hacked, its only your fault, the reason I removed the Sha1 from it is I can help people with lost passwords easier.

I'm not implying you did it purposely so people can hack others, just saying that's what most people will notice it can be used for.

[sgrawsreghawrhgwrhgr]

If a minion wants, I can show them how to make passwords show hashed again, and they can do it themselves and reupload the source themselves.

fuck do you mean, the source is on my ******, its not uploaded on mpgh

- - - Updated - - -

I'm not implying you did it purposely so people can hack others, just saying that's what most people will notice it can be used for.

and im implying the fact that it doesnt matter if the server uses SHA1 or not because its a matter of 6 clicks to decrypt it and 7 clicks to remove it

[Riigged]

fuck do you mean, the source is on my ******, its not uploaded on mpgh

- - - Updated - - -



and im implying the fact that it doesnt matter if the server uses SHA1 or not because its a matter of 6 clicks to decrypt it and 7 clicks to remove it

Well since you made passwords show like that, its a problem being released on MPGH via thread.. the thread can be removed, but obviously your ****** repo cant so all I am saying is that a minion should delete your thread and either you deal with it or you make passwords show how they are supposed to, hashed, and apply the change to your repo then make a new thread, or even make the change right now before the thread possibly gets deleted, then if you make the change, it 100% won't get deleted.

[Kithio]

It's really easy to add in the password encryption. If you're not smart enough to figure it out yourself. maybe you shouldn't be doing pserver shit in the first place?

And even if it is there. people can EASILY remove it again without any users seeing anything differently? so yeah... this is pointless

[sgrawsreghawrhgwrhgr]

Well since you made passwords show like that, its a problem being released on MPGH via thread.. the thread can be removed, but obviously your ****** repo cant so all I am saying is that a minion should delete your thread and either you deal with it or you make passwords show how they are supposed to, hashed, and apply the change to your repo then make a new thread, or even make the change right now before the thread possibly gets deleted, then if you make the change, it 100% won't get deleted.

what Kithio said^

in that case I would rather have the thread deleted because im not bothered to add them back in xD

[Riigged]

You guys are getting the wrong fucking point, I am saying that MOST PEOPLE WHO USE THE SOURCE AND RUN A SERVER DO NOT
1) Know how to remove the encryption
2) Add it back, after it is removed
AKA they will USE THE SOURCE, and WHEN PEOPLE REGISTER, they will TEST THEIR EMAIL AND PASSWORD USED FOR THE SERVER ON PROD and HACK THEIR ACCOUNTS.
So are the minions just gonna fucking let accounts get hacked? If so, I wouldn't mind tagging the Global Moderators and hearing what they have to say about it.
@ Kithio, nobody would WANT to re-add it I doubt even if they knew how, they would say "oh hey, passwords arent encrypted, I wonder if they used their prod details, haha lets test"


Im not going to publicly say how to re-add the encryption because then its self explanatory how to remove it as well for other sources people may want to use.

[bog624]

If a minion wants, I can show them how to make passwords show hashed again, and they can do it themselves and reupload the source themselves.

@Raple please pay attention

[Riigged]

@Raple please pay attention

Hes away for 2 weeks, and shank is busy with college, unfortunately the only active minions at the moment are the new ones.

[bog624]

Hes away for 2 weeks, and shank is busy with college, unfortunately the only active minions at the moment are the new ones.

fucking shit... T_T

[DimitriSavage]

It's really easy to add in the password encryption. If you're not smart enough to figure it out yourself. maybe you shouldn't be doing pserver shit in the first place?

And even if it is there. people can EASILY remove it again without any users seeing anything differently? so yeah... this is pointless

Yes, but at least it would provide a basic level of protection, it may the simplest thing to modify but without a clue you would't be interested or bothered in changing it...and due to possibly liability it would be in the best interest of the website and the original modifiers to change it back or place a warning describing the possible password stealing to remove any possible liabilities concerning the possible password stealing....

I would suggest you simply change it back, you say it is simple to change so it shouldn't be a problem or you can just add a simple warning to it.

@Luis @Joe @Nobody77 @YouAreTheLeecher @Raple @krazyshank

This is a major problem and actions should be taken if the website and the modifiers doesn't want to deal with users that fail to read the rules.

You must also remember that people outside MPGH can use your source at free will and may/will lead to a problem if this is abused.

This shouldn't have been removed in the first place it was placed there for the protection of the players, if the original creator added that he obviously knew what he was doing before had given the fact that he built it himself and thought about the player experience through the development time as an actual normal developer should.

[sgrawsreghawrhgwrhgr]

You guys are getting the wrong fucking point, I am saying that MOST PEOPLE WHO USE THE SOURCE AND RUN A SERVER DO NOT
1) Know how to remove the encryption
2) Add it back, after it is removed
AKA they will USE THE SOURCE, and WHEN PEOPLE REGISTER, they will TEST THEIR EMAIL AND PASSWORD USED FOR THE SERVER ON PROD and HACK THEIR ACCOUNTS.
So are the minions just gonna fucking let accounts get hacked? If so, I wouldn't mind tagging the Global Moderators and hearing what they have to say about it.
@ Kithio, nobody would WANT to re-add it I doubt even if they knew how, they would say "oh hey, passwords arent encrypted, I wonder if they used their prod details, haha lets test"


Im not going to publicly say how to re-add the encryption because then its self explanatory how to remove it as well for other sources people may want to use.

oh well, too bad :3