login secruity issue

Locked
User avatar
renegadze
Forum Elite
Posts: 1885
Joined: Sat Jun 03, 2006 12:42 am
ID: 0

login secruity issue

Not sure if it's a bug.....but definately a potential security problem.

I can login to quantum, save cookies, completely close down my browser, re-open browser, go to quantum and I am automatically logged in. I only have to relog if I wait more then 30 mins to re-open browser.

surely this would make breaches via script possible?
Spoiler
ImageImageImage
Image
Image
Image
Image
Top
Neimenljivi
Forum Zombie
Posts: 6140
Joined: Sat Jun 17, 2006 12:23 am
Alliance: Lone wolf
Race: Slovenian
ID: 82089
Location: Slovenia

Re: login secruity issue

Which browser do you use?
I use mozilla firefox and opera and neither allow me to stay logged in (even if I use both at the same time) after I close and reopen it.

~Jack
Image
Haz wrote:It took a bit of time, but the investigation has now been completed.
S1eepy will be banned for scripting, for the remainder of this era.
Name: S1eepy [ TheCheekyChickens ]
{Banned}
2012 Awards awarded to me:
Spoiler
Image
Image
Top
User avatar
[BoT] Jason
Forum History
Posts: 10120
Joined: Mon Sep 29, 2008 12:37 am
Alliance: TA
Race: DIEDAYDIEDAY
ID: 13003152
Alternate name(s): Pimp,Slenderman
Location: Right behind you

Re: login secruity issue

Can only be exploited by those living with you as a script gets kicked after 3 hours?
Pimping

Feb 06, 06:16 Field Marshall Attack defended 15 88,977,968 0 x,x62,635,278,400 900,114 details

| | Hero of the Year | |

Winner: BMMJ13
Top
User avatar
renegadze
Forum Elite
Posts: 1885
Joined: Sat Jun 03, 2006 12:42 am
ID: 0

Re: login secruity issue

Jason... wrote:Can only be exploited by those living with you as a script gets kicked after 3 hours?


and what stops someone logging in every 3 hours to reset the script?

@ Jack - I use Mozilla Firefox, and I just tested again, and can confirm I can still remain logged in after closing the window down.

Also I can also open multiple instances of Quantum without having to re-login. Now I don't mean I can right click and "open in new window". But if say I login to quantum, then open a blank tab, I can go direct to a quantum page from that blank tab without relogging.....(I could be wrogn but don't believe main allows this).
Spoiler
ImageImageImage
Image
Image
Image
Image
Top
Neimenljivi
Forum Zombie
Posts: 6140
Joined: Sat Jun 17, 2006 12:23 am
Alliance: Lone wolf
Race: Slovenian
ID: 82089
Location: Slovenia

Re: login secruity issue

It might be your browser settings then as if I remember correctly from comps in school, it doesn't work there either ;) Try choosing your cookies to be deleted every time you shut down the browser.

~Jack
Image
Haz wrote:It took a bit of time, but the investigation has now been completed.
S1eepy will be banned for scripting, for the remainder of this era.
Name: S1eepy [ TheCheekyChickens ]
{Banned}
2012 Awards awarded to me:
Spoiler
Image
Image
Top
User avatar
[BoT] Jason
Forum History
Posts: 10120
Joined: Mon Sep 29, 2008 12:37 am
Alliance: TA
Race: DIEDAYDIEDAY
ID: 13003152
Alternate name(s): Pimp,Slenderman
Location: Right behind you

Re: login secruity issue

You can only loggin on multiple accounts with different browsers?

And Logging in three hours with a bank script is highly unprofitable in Q as your chances of neg naq are so high.
Pimping

Feb 06, 06:16 Field Marshall Attack defended 15 88,977,968 0 x,x62,635,278,400 900,114 details

| | Hero of the Year | |

Winner: BMMJ13
Top
User avatar
renegadze
Forum Elite
Posts: 1885
Joined: Sat Jun 03, 2006 12:42 am
ID: 0

Re: login secruity issue

Jason... wrote:You can only loggin on multiple accounts with different browsers?

And Logging in three hours with a bank script is highly unprofitable in Q as your chances of neg naq are so high.


Well I'm not saying anyone is cheating....just that it is possible......and it is highly profitable if you have a decent def, as a lot may not farm for 1 turns income
Spoiler
ImageImageImage
Image
Image
Image
Image
Top
Locked

Return to “For Admin -Bugs”