hunbunn
|
  |
| Joined: 28 Jul 2012 |
| Total Posts: 65 |
|
|
| 21 Nov 2012 08:28 PM |
Karma moment:
1. I can Email roblox, possibly get a rbth.
or
2. Sell it to ellernate/McNoobster.
:/ |
|
|
| Report Abuse |
|
|
Solotaire
|
  |
| Joined: 30 Jul 2009 |
| Total Posts: 30356 |
|
| |
|
|
| 21 Nov 2012 08:33 PM |
if you tell roblox sorcus will love you
trust me kk |
|
|
| Report Abuse |
|
|
hunbunn
|
  |
| Joined: 28 Jul 2012 |
| Total Posts: 65 |
|
|
| 21 Nov 2012 08:36 PM |
Sure hope I don't get banned from posting this, or I might be more inclined to talk to ell.
*cough* sorcus *cough* |
|
|
| Report Abuse |
|
|
Merely
|
  |
| Joined: 07 Dec 2010 |
| Total Posts: 17266 |
|
|
| 21 Nov 2012 08:52 PM |
| Talk to ostrichSized, he's the web team head at ROBLOX. He may set you up with real money if it's legit. |
|
|
| Report Abuse |
|
|
|
| 21 Nov 2012 08:58 PM |
wait what
since when did roblox start paying people to find exploits
le hacking time |
|
|
| Report Abuse |
|
|
Merely
|
  |
| Joined: 07 Dec 2010 |
| Total Posts: 17266 |
|
|
| 21 Nov 2012 09:04 PM |
| @Techboy Don't ask, it's at their discretion. |
|
|
| Report Abuse |
|
|
hunbunn
|
  |
| Joined: 28 Jul 2012 |
| Total Posts: 65 |
|
| |
|
|
| 21 Nov 2012 09:08 PM |
I wouldn't mind having the URL to the page where you found the vulnerability.
|
|
|
| Report Abuse |
|
|
Merely
|
  |
| Joined: 07 Dec 2010 |
| Total Posts: 17266 |
|
|
| 21 Nov 2012 09:10 PM |
If it gets leaked or spread around, the chances of you being rewarded for it go down to 0.
And I didn't get a message, did you mean you sent one to ostrichSized? |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 11:02 AM |
<_< >_>
What's up guys? Just wanted to chime in real quick...
| 1. I can Email roblox, possibly get a rbth.
For security vulnerabilities, if it's highly legit, we may offer Boss White Hat - only 3 currently exist.
| since when did roblox start paying people to find exploits
If it's even more legit than that (think things impacting virtual economy or account safety). Well, I'll say it like this. We enjoy our weekends. If you save me or the other devs from spending a weekend or some frantic late nights at the office, we're likely to show our gratitude. |
|
|
| Report Abuse |
|
|
aboy5643
|
  |
| Joined: 08 Oct 2010 |
| Total Posts: 5458 |
|
|
| 22 Nov 2012 11:03 AM |
@ostrich
Time to start hacking your website I suppose... Money is good :D |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 11:17 AM |
@ostrich
| "If it's even more legit than that (think things impacting virtual economy or account safety)."
Assuming someone is to find a vulnerability that allows you to do this, what will they exactly be looking at as a reward?
| "we're likely to show our gratitude."
That still leaves me questioning what the reward would be. :L |
|
|
| Report Abuse |
|
|
aboy5643
|
  |
| Joined: 08 Oct 2010 |
| Total Posts: 5458 |
|
|
| 22 Nov 2012 11:18 AM |
@DeformedFool
http://youtu.be/pRMbdU0u0PQ <----- something along these lines |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 11:23 AM |
| That's a year's salary for me! Think of all the things I could buy with one dollar! |
|
|
| Report Abuse |
|
|
aboy5643
|
  |
| Joined: 08 Oct 2010 |
| Total Posts: 5458 |
|
|
| 22 Nov 2012 11:23 AM |
I know what you could buy:
ROBUXXXXXXX. Because, IT'S FREEEEEEEEEEEEEEEEEEE |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 11:32 AM |
| Thanks for the splendid idea! What about builder's club? Is that too FREEEEEEEEEEEEEEEEEEE? |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 02:51 PM |
| I reported an XSS to ROBLOX and they didn't even reply to say thanks or that they had fixed it. :C |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 02:52 PM |
I vouch for Nerotic. He showed me this over teamviewer.
He has access to the databases, and had downloaded the member_log files.
That means he knows every pass and username.
[12:09:43 PM] nero: lol. I don't plan to actually do anything with this. pretty sure i'm gonna turn this in. |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 02:53 PM |
| ^Bull. ROBLOX doesn't store passes in plain text, derp. |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 02:53 PM |
| hunbunn is nero, fyi. Forgot to say that. |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 02:54 PM |
@triston
rly? u srs?
I thought we'd all be smart enough to assume that it's all in md5. |
|
|
| Report Abuse |
|
|
Andy6399
|
  |
| Joined: 07 May 2010 |
| Total Posts: 1420 |
|
|
| 22 Nov 2012 02:55 PM |
| Time to dedicate myself to finding Roblox security deficiencies. |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 02:55 PM |
md5 is a broken encryption
you might as well use plain text
-= I'm not paranoid. Why? Who's asking!? =- |
|
|
| Report Abuse |
|
|
|
| 22 Nov 2012 02:58 PM |
If that's the case then he doesn't have access to everyone's passes. (Not immediately, anyway.)
@Tech: I'm being pedantic here, but it's not an encryption algorithm. |
|
|
| Report Abuse |
|
|