moron All American 34142 Posts
that's what all the random threads are about
If you find the person that posted the very first one, and then see what thread they clicked on before it was posted, you can find who made the auto posting code.
There's only a handful of people that could do it though.
[Edited on July 28, 2007 at 12:43 AM. Reason : ] 7/28/2007 12:43:04 AM |
pilgrimshoes Suspended 63151 Posts
Sorostitute 7/28/2007 12:45:58 AM |
fjjackso All American 14538 Posts
terminate him and everyone who uses the name 7/28/2007 12:48:20 AM |
synapse play so hard 60939 Posts
turn off javascript in your browser, or just set browser security settings to high. 7/28/2007 12:51:34 AM |
fjjackso All American 14538 Posts
im too drunk for this
someone eliminate that penis lover 7/28/2007 12:52:57 AM |
qntmfred retired 40726 Posts
message_topic.aspx?topic=297214&page=1685#10588921
lol
he still f-ed it up though. undefined wtf? if you're gonna start shit, better come right son.
[Edited on July 28, 2007 at 1:04 AM. Reason : kna mean] 7/28/2007 1:00:58 AM |
El Nachó special helper 16370 Posts
yeah, if Jere doesn't get suspended for this too, I'll be upset. What's the point of suspending the account if the actual person responsible goes unpunished? 7/28/2007 1:12:11 AM |
Jere Suspended 4838 Posts
ZIP.
[Edited on July 28, 2007 at 1:27 AM. Reason : .] 7/28/2007 1:18:45 AM |
drunknloaded Suspended 147487 Posts
wtf...el nacho is retarded...this is not jere doing this... 7/28/2007 1:20:56 AM |
El Nachó special helper 16370 Posts
^^I'm not sure what point you're trying to make, but mine is pretty clear and it still stands. ^whatever. ] 7/28/2007 1:21:45 AM |
drunknloaded Suspended 147487 Posts
wtf...u have no proof...how do you know its jere 7/28/2007 1:22:58 AM |
Jere Suspended 4838 Posts
ZIP!
[Edited on July 28, 2007 at 1:26 AM. Reason : .] 7/28/2007 1:24:05 AM |
drunknloaded Suspended 147487 Posts
^what i dont get is that i made a feedback forum thread on terminating sorostitute and only sorostitue has posted in it...i think thats fucking sad... 7/28/2007 1:27:38 AM |
E_Bum Veteran 215 Posts
livingproofruckenheadncsu46n2 7/28/2007 1:35:05 AM |
3 Suspended 1175 Posts
. 7/28/2007 1:37:16 AM |
Str8BacardiL ************ 41753 Posts
I jsut got pwnt. 7/28/2007 5:04:32 AM |
Lowjack All American 10491 Posts
im guessing this doesnt affect safari 7/28/2007 5:11:17 AM |
3 Suspended 1175 Posts
only premium users i think 7/28/2007 6:14:11 AM |
joe17669 All American 22728 Posts
whoever is behind this is gonna get our html privileges taken away ] 7/28/2007 8:09:57 AM |
jchill2 All American 2683 Posts
this is crazy 7/28/2007 9:47:22 AM |
miska All American 22242 Posts
http://noscript.net/getit and add tww as a not trusted site 7/28/2007 10:52:19 AM |
terpball All American 22489 Posts
i don't see why they don't just go through and delete all those threads 7/28/2007 11:12:22 AM |
jackleg All American 170957 Posts
http://home.nc.rr.com/jackleg/exploit.txt
2nd line there is decoded from base64
i know who this looks like the work of, and its about time you drop the IP ban hammer, and tag him with a tracking device to kill future IPs. i can help with that part.... i cant believe someone KEEPS beating tww with gay stuff like that, hahaha
and i dont know why i put tww back in my whitelist but it was. not anymore. i didnt realize the holes were still there 7/28/2007 12:06:17 PM |
fjjackso All American 14538 Posts
damnit, the second i turn java encr. back on for another site, i get owned 7/28/2007 1:41:55 PM |
jackleg All American 170957 Posts
if you use firefox you should use one of the scriptless extensions. i think even ie7 offers plugins liek that too
its like an adblocker where you can ban certain sites, or allow them. that way you dont have to de-featureize (SQUIDBILLIES WOO) your browsing cause of one lamer faggot 7/28/2007 1:48:07 PM |
roddy All American 25834 Posts
jackleg, it got you in Classifieds 7/28/2007 3:04:00 PM |
marko Tom Joad 72828 Posts
jeeze louise...someone's gone and done what nc state has dreamed hoped would happen to this site for 7 years 7/28/2007 3:07:36 PM |
EMCE balls deep 89771 Posts
hahahahaha 7/28/2007 3:08:11 PM |
The Coz Tempus Fugitive 26098 Posts
They can never take our FREEDOM. 7/28/2007 4:33:24 PM |
amac884 All American 25609 Posts
GIMME BACK MY SON 7/28/2007 4:36:11 PM |
jwb9984 All American 14039 Posts
my wiener will go on 7/28/2007 4:46:23 PM |
Dammit100 All American 17605 Posts
so what needs to be done if we were drunk and opened a shitload of those threads? 7/28/2007 7:08:43 PM |
jackleg All American 170957 Posts
Quote : | "jackleg, it got you in Classifieds" |
no shit, read my post.
and now i remember why i whitelisted the site back, i thought jake closed the hole up and i wanted to use the quoteclickys!!!1
[Edited on July 28, 2007 at 8:15 PM. Reason : ^nothing, the mods will erase them. youre not like infected or anything] 7/28/2007 8:14:31 PM |
XSMP All American 16674 Posts
the first posting of that code was in EMCE's thread, "I still wear my hat askew", posted by Sorostitute. 7/29/2007 12:16:16 AM |
moron All American 34142 Posts
This particular attack can be thwarted if TWW just stripped the post_topic.aspx text from all input forms. 7/29/2007 2:52:12 AM |
qntmfred retired 40726 Posts
yeah but then nobody would be able to make new threads
that's worse than taking away html 7/29/2007 11:02:58 AM |
evan All American 27701 Posts
oh man, this is the funniest thing thats ever happened to tww. 7/29/2007 11:52:37 AM |
Tyr Suspended 103 Posts
it hasn't gotten me yet!
[Edited on July 29, 2007 at 12:33 PM. Reason : me ] 7/29/2007 12:33:28 PM |
sarijoul All American 14208 Posts
so do non-premies need worry about this? 7/29/2007 12:39:07 PM |
Prospero All American 11662 Posts
where the heck is the admins, why isn't this taken care of? it's been days already 7/29/2007 1:57:21 PM |
taylor All American 2210 Posts
bahahaha, ridiculously funny 7/29/2007 5:54:46 PM |
legatic All American 7481 Posts
ok, so if I'm not mistaken, a large part of what sets it off is
Quote : | "< img src = " images/logo.gif" style="position: relative; left: -1500px;" onload=" |
couldn't J just rename "logo.gif" to "logo1.gif" for the time being? 7/29/2007 6:37:03 PM |
jackleg All American 170957 Posts
Quote : | "oh man, this is the funniest thing thats ever happened to tww." |
says the guy thats been here a year 7/29/2007 8:21:14 PM |
5 All American 1229 Posts
haha 7/29/2007 8:28:46 PM |
XSMP All American 16674 Posts
"luckily, the guy was hot as fuck!" 7/29/2007 9:21:00 PM |
moron All American 34142 Posts
Quote : | "yeah but then nobody would be able to make new threads
that's worse than taking away html
" |
Not if it only stripped it from user input forms. It would only defeat this one exploit though.
But, if premies can embed HTML in their status names (how does nerdchick make her timestamp blue?), all the premies could easily add another <div> which should register before the first post, and if they did this, it would mostly break the exploit, allowing people to use javascript and not worry about it. If this would work ( I can't test it not being premie), you could also maybe find a way to force this out if you can embed html in the chatterbox (forcibly change any premie's status text that is viewing chatterbox at that instant).
It would also be possible to write an anti-exploit exploit to delete the offending threads, but it would require admins/mods falling victim (since they only have delete privs). 7/29/2007 11:58:33 PM |
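Added example, not part of the thread and not TWW's code: the string-stripping idea from the posts above next to an allow-list sanitizer, run on a constructed post shaped like the `img` / `onload` fragment quoted earlier. The tag and attribute policy, the function names and the placeholder handler body are assumptions made for the example.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed policy for this example: tags and attributes a forum post may keep.
ALLOWED = {"b": set(), "i": set(), "u": set(), "br": set(),
           "a": {"href"}, "img": {"src", "alt"}}
VOID = {"br", "img"}
URL_ATTRS = {"href", "src"}

def blocklist_strip(post):
    """The thread's proposal: delete one known string from user input."""
    return post.replace("post_topic.aspx", "")

def safe_url(value):
    """Accept only relative, http and https URLs."""
    try:
        return urlsplit(value.strip()).scheme in ("", "http", "https")
    except ValueError:
        return False

class AllowListSanitizer(HTMLParser):
    """Rebuild the post from allowed tags and attributes; escape all text."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED:
            return  # tag dropped; text inside it is still escaped as data
        kept = [(n, v or "") for n, v in attrs
                if n in ALLOWED[tag]  # drops onload=, style=, every on* handler
                and (n not in URL_ATTRS or safe_url(v or ""))]
        self.out.append("<" + tag + "".join(
            f' {n}="{escape(v, quote=True)}"' for n, v in kept) + ">")
    def handle_endtag(self, tag):
        if tag in ALLOWED and tag not in VOID:
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        self.out.append(escape(data))

def sanitize(post):
    parser = AllowListSanitizer()
    parser.feed(post)
    parser.close()
    return "".join(parser.out)

# Constructed sample shaped like the quoted fragment; handler body is a placeholder.
SAMPLE = ('hi <img src="images/logo.gif" style="position: relative; left: -1500px;" '
          'onload="/* placeholder: script that calls post_topic.aspx */"> <b>bye</b>')
```

`blocklist_strip(SAMPLE)` removes the page name but leaves the `onload` handler in the markup, while `sanitize(SAMPLE)` keeps the image and drops both the handler and the off-screen style.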
theDuke866 All American 52839 Posts
Quote : | "its about time you drop the IP ban hammer, and tag him with a tracking device to kill future IPs. i can help with that part.... i cant believe someone KEEPS beating tww with gay stuff like that, hahaha" |
yeah, i think the powers that be should enlist your help and do just that
and the mods are trying to keep it under control, but it propagates faster than we can kill it sometimes
plus my computer is fuckered up right now, so i have to use my roommates' most of the time 7/30/2007 1:09:06 AM |
qntmfred retired 40726 Posts
487632 487637 487638 487643 487645 487649 487652 487654 487655 487657 487660 487661 487668 487669 487673 487674 487677 487678 487679 487681 487685 487692 487696 487704 487706 487707 487710 487712 487713 487722 487730 487732 487744 487745 487746 487753 487754 487755 487756 487757 487758 487761 487762 487773 487774 487777 487782 487785 487791 487797 487801 487817 487824 487827 487837 487840 487848 487855 487861 487870 487872 487874 487880 487882 487889 487892 487895 487906 487907 487912 487917 487923 487926 487932 487959 487970 487980 488004 488013 488015 488018 488019 488032 488049 488050 488053 488055 488068 488079 488112 488115 488123 488126 488129 488137 488144 488146 488152 488180 488183 488184 488194 488210
FYI 7/30/2007 1:36:34 AM |
drunknloaded Suspended 147487 Posts
^not trying to pick on you, just curious how long it took you to make that list 7/30/2007 1:45:03 AM |
qntmfred retired 40726 Posts
hold on a second, i'll tell ya.
[Edited on July 30, 2007 at 1:50 AM. Reason : 156 seconds]
although i guess i should be fair and include premium palace too right
487237 487241 487633 487641 487650 487651 487656 487691 487705 487743 487750 487763 487776 487779 487799 487811 487814 487820 487939 487950 487965 488020 488048 488051 488136 488141 488156 488170 488198
[Edited on July 30, 2007 at 2:00 AM. Reason : <3 premies] 7/30/2007 1:46:55 AM |