Well I contacted BYOND the other day with regards to what I believed to be a dangerous file and abuse thereof. Their response was little more than a "brush off" without even taking the time to check the validity of my claim. That pissed me off. I even got a copy of the program to offer to them so that they could further protect themselves from any security loopholes they might have, and they told me: "It's impossible to 'hack' the DM file of a game. Period. More than likely, you've been sent a trojan or virus... We would advise that you scan the file and promptly delete it. Next time, be more skeptical of such claims"
Well ok, I've scanned the file and it's NOT a virus. And since BYOND is telling me to be skeptical of the claim that it is actually capable of exploiting games I'm going to go ahead and host the file on my little member space. After all, BYOND and my virus scanner just verified that it is completely harmless, and so it's perfectly allowed for me to host this file on my site. Btw BYOND, I'm keeping your little email, just in case for some IMPOSSIBLE reason the file IS an illegal file and you DO have users on BYOND abusing it. But since you have assured me that it's safe or at least not capable of harming any BYOND programs, I'm going to go ahead and put it up, and if anyone wants to test it they can just go ahead and do so.
Let's hope you're right, hey?
Oh and airport security was perfectly safe a few years back too. The Titanic was never going to sink. Bill Clinton did NOT have sexual affairs with that woman. Sheesh.
EDIT: Well there you have it... seems it's a hex editor which is capable of spoofing keys and IP addresses (amongst other things) within a game... though apparently mainly only works on host side. Since I now know this I'm taking the file down... on a side note I passworded the rar file so nobody could get in anyway (this was mainly to prove my point, I'm not spreading an exploit all over BYOND). Still, Nova recognised it and well, now we know. Thanks BYOND, I feel so much safer now that you're here. As an added note this only confirms that there WAS an abuse which led to a defamation of a player, though we caught it out and righted things before it got away.
I hope I've at least made a statement here... I was right and I got ignored, had I been of malicious intent I could have screwed BYOND over good. Listen to me next time.
ID:26945
 Feb 6 2007, 6:07 pm (Edited on Feb 6 2007, 6:54 pm)
|
|
|
Feb 6 2007, 6:09 pm
|
|
Squeegy
 |
Yes, I'm going to go and download that perfectly safe file which is surely not a trojan.
|
Strange. BYOND usually listens to complaints about security.
I like the flame background you have on this Comment box, looks... cool o_o | |
This was a moronic move on your part, I hope BYOND staff removes your membership and bans you.
| |
Brendan S wrote:
This was a moronic move on your part, I hope BYOND staff removes your membership and bans you. I'm sure they probably will, anything to avoid dealing with the REAL problem. Then again, if enough people get the file maybe they'll HAVE to do their job. | |
I'd have to say, that was a dumb move really :\
How'd you come across that file anyhoo? | |
Mechana2412 wrote:
I'd have to say, that was a dumb move really :\ YOU of all people should know the answer to that one | |
Mech sent it to you?
| |
Perpetr8r the Perpetu8r wrote:
Mechana2412 wrote: So you got it while messing around with the BYOND code trying to find a way to find out how Kitty was impersonated? | |
Squeegy wrote:
Mech sent it to you? Nah, look at my recent post. | |
you're an idiot. just because some random scanner doesn't pick it up doesn't mean it is perfectly safe. BYOND Staff, according to you, never said it was perfectly safe, only that, in your words, it was impossible to hack.
While I doubt its impossible, its highly improbable and its probably just a virus that just isn't being detected. Remove the file from your blog please, and stop being an idiot | |
Jeffrey S wrote:
you're an idiot. just because some random scanner doesn't pick it up doesn't mean it is perfectly safe. BYOND Staff, according to you, never said it was perfectly safe, only that, in your words, it was impossible to hack. He meant "Perfectly harmless" as sarcasm I believe. | |
Mechana2412 wrote:
Jeffrey S wrote: even so, he could be potentially be hosting a virus/trojan on his blog. | |
Jeffrey S wrote:
Mechana2412 wrote: Yep. Smart move Sirus, smart move.. | |
Jeffrey S wrote:
Mechana2412 wrote: I scanned it with Norton, Prevx and PC-Cillin. If it's a virus it's the best damn virus ever. Plus it's a little big to be a virus, they are typically small files. | |
Perpetr8r the Perpetu8r wrote:
Jeffrey S wrote: once again, i'm requesting you remove this POS post and file from your page. if BYOND doesn't want your help with some dangerous exploit in their system that maybe does exist, then that is there problem. pulling stupid BS like this is going to do nothing but cause trouble. i recommend you try a few more virus scanners like Trend Micro or some other free scanner before you dub it safe. | |
Jeffrey S wrote:
Perpetr8r the Perpetu8r wrote: Trend Micro's product is called PC-Cillin. And here, happy now? AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing VirusBuster Found nothing VBA32 Found nothing | |
Meh... Well I scanned it for a virus.
AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing VirusBuster Found nothing VBA32 Found nothing Also it does work but only host side. o.O It might work from a client side but the odds are rather low anyway... o.o | |
if BYOND doesn't want your help with some dangerous exploit in their system that maybe does exist, then that is there problem. pulling stupid BS like this is going to do nothing but cause trouble. | |
So Jeffrey, know your facts before you accuse anyone ok?
For all we know YOU could be the maker of this, thing. | |