|
| 28 May 2013 06:19 PM |
i(dot)imgur(dot)com/0gMAegp(dot)jpg
He also awarded me badges |
|
|
| Report Abuse |
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 28 May 2013 06:21 PM |
| For one, this is like years ago, where the DLL exploit existed. |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:23 PM |
@cntkillme Not done with DLL exploit. And that game was locked.. (only for friends) (modventure) |
|
|
| Report Abuse |
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 28 May 2013 06:24 PM |
| How do you know? You were barly alive when the DLL was here (as in-in roblox) |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:26 PM |
| When was that picture taken? For one, I'm not sure how he joined a friends-only game unless he added himself to your friends list without you noticing - the join.ashx simply returns nothing if you're not allowed to join, at least through all the 'normal' ways. As for badges, as is badges from the place you were in or any? |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:27 PM |
@cntkillme I know, because I am dxdpr.
This is a new account because I got permabanned for spamming the scripters forum when I did not know scripting. |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:27 PM |
@RenderSettings That was the modventure's team game, locked for the developers..
|
|
|
| Report Abuse |
|
|
booing
|
  |
| Joined: 04 May 2009 |
| Total Posts: 6594 |
|
| |
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 28 May 2013 06:28 PM |
| Anyway, it was in the past, where SQL injection was not patched on ROBLOX. |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:28 PM |
@cntkillme He didn't use SQL injection. |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:30 PM |
| I believe he had some sort of key.. He also got to be a friend of the account ROBLOX. |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:35 PM |
| Again I ask, when was this. There were several times when you could force users to become your friends, seeing how I also abused it and made myself and several other users - including, I think, popinman once, friends and awarded badges. If it was around ~7 months ago, then it was the bytecode exploit which was plenty of fun. If it was ~6 months ago, then it was the LoadLibrary exploit running on the server which also could have do it. |
|
|
| Report Abuse |
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 28 May 2013 06:36 PM |
| adap, I never said he did, I said this was way in the past -.- |
|
|
| Report Abuse |
|
|
| |
|
|
| 28 May 2013 06:44 PM |
| So yea, that's not a big deal or even new news. Heck, back then they probably didn't even nuke join.ashx. |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:46 PM |
| He could join any place, award any badge to anyone, do someone friend other without wanting.. not a big deal? He said it had to do with a key |
|
|
| Report Abuse |
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 28 May 2013 06:46 PM |
| OMG Why do people even want to hack on roblox, it's just a sad excuse for being bullied in real life (NO WONDER) and rage quitting because people killed you in a game (possibly a afk guest?) |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:49 PM |
He probably meant the serveraccesskey, which was able to be retrieved with the bytecode exploit - I actually still have one laying around, but they are useless since the request needs some server cookie I think.
And yea, it's not a big deal since 1)I could do it (probably) first 2)When it was leaked EVERYONE could do it |
|
|
| Report Abuse |
|
|
booing
|
  |
| Joined: 04 May 2009 |
| Total Posts: 6594 |
|
|
| 28 May 2013 06:52 PM |
@cnt I'm not bullied and I exploit just for fun. That's what everyone does - I'm assuming that's true about people way better at this than I am(Render, luc and probably popin, too...) |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:52 PM |
@RenderSettings I remember the bytecode exploit, but not being able to retrive the key.
I remember it was a 3-6 letter / number key. (probably, was not so long) |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:54 PM |
@cnt Umm, yea, that's a *little* bit personal attack-y and not a very nice thing to say - white hat hackers, for example, are paid by Google, Facebook, and several other very big companies to find and report exploits on their websites.
And no. The accesskey was like 12 characters long and could have pretty much any symbol. |
|
|
| Report Abuse |
|
|
|
| 28 May 2013 06:55 PM |
@RenderSettings Probably they updated it, it was not so secure |
|
|
| Report Abuse |
|
|