Zaruq
|
  |
| Joined: 24 Sep 2013 |
| Total Posts: 7627 |
|
|
| 21 Oct 2013 06:23 PM |
Do you know if it downloads?
This question/thread is relevant to fireboy902's thread. |
|
|
| Report Abuse |
|
|
Zaruq
|
  |
| Joined: 24 Sep 2013 |
| Total Posts: 7627 |
|
| |
|
NatAdd
|
  |
| Joined: 07 Jun 2010 |
| Total Posts: 7129 |
|
|
| 21 Oct 2013 06:25 PM |
Can be either.
Guy tried to KL me, it showed, just deleted him |
|
|
| Report Abuse |
|
|
Revising
|
  |
| Joined: 01 Oct 2012 |
| Total Posts: 353 |
|
|
| 21 Oct 2013 06:25 PM |
Let me handle this.
What the hell do you mean?
It isn't just a "link".
It's a file.
You usually have to run it to be infected though. |
|
|
| Report Abuse |
|
|
Zaraki
|
  |
| Joined: 15 Jun 2008 |
| Total Posts: 1909 |
|
| |
|
|
| 21 Oct 2013 06:26 PM |
it depends like usually in roblox's case people dont use automatic download links because it can get them into legal trouble but if you sign your info over to a website willingly they tend to get away with it |
|
|
| Report Abuse |
|
|
Revising
|
  |
| Joined: 01 Oct 2012 |
| Total Posts: 353 |
|
|
| 21 Oct 2013 06:27 PM |
master
you took univix down before i injected it with SQL
y |
|
|
| Report Abuse |
|
|
Zaruq
|
  |
| Joined: 24 Sep 2013 |
| Total Posts: 7627 |
|
| |
|
halo83
|
  |
| Joined: 13 Aug 2008 |
| Total Posts: 5101 |
|
|
| 21 Oct 2013 06:28 PM |
link 2 thread
unless it was deleted |
|
|
| Report Abuse |
|
|
Revising
|
  |
| Joined: 01 Oct 2012 |
| Total Posts: 353 |
|
|
| 21 Oct 2013 06:31 PM |
@halo http://www.roblox.com/Forum/ShowPost.aspx?PostID=116146755 |
|
|
| Report Abuse |
|
|
| |
|
|
| 21 Oct 2013 06:33 PM |
"master
you took univix down before i injected it with SQL
y"
there were only two places you could have exploited that and that was on forum signatures and profiles statuses which i patched |
|
|
| Report Abuse |
|
|
Revising
|
  |
| Joined: 01 Oct 2012 |
| Total Posts: 353 |
|
|
| 21 Oct 2013 06:34 PM |
*that you know of
i also was going to try some basic XSS
too lazy but yeah im 90% sure your site was vulnerable to that
not sure if it was to LFI or RFI
|
|
|
| Report Abuse |
|
|