Dear god above I hope this is a troll. The guy in the picture sure looks like one. HEY OH!
Edited by Slidell, 24 April 2010 - 01:10 PM.
Posted 24 April 2010 - 01:06 PM
Edited by Slidell, 24 April 2010 - 01:10 PM.
Posted 24 April 2010 - 01:13 PM
Posted 24 April 2010 - 04:47 PM
Posted 24 April 2010 - 05:24 PM
I...I think I just threw up.
Posted 24 April 2010 - 09:51 PM
I...I think I just threw up.
Posted 24 April 2010 - 10:46 PM
Posted 25 April 2010 - 03:52 AM
Edited by swampy666, 25 April 2010 - 03:52 AM.
Posted 25 April 2010 - 03:57 PM
Posted 25 April 2010 - 05:20 PM
I...I think I just threw up.
Posted 25 April 2010 - 08:44 PM
Posted 25 April 2010 - 08:50 PM
A mod or Admin. IS my IP in this post different form the one just above it? Trying to see something.
Posted 25 April 2010 - 09:17 PM
A mod or Admin. IS my IP in this post different form the one just above it? Trying to see something.
Posted 26 April 2010 - 01:00 AM
Yes it was.
Posted 26 April 2010 - 01:07 PM
Actually, I was looking for that info. If you look at the other IP, it's Slip. But Slip wasn't on my account...lol
It seems we discovered a flaw in IPB security. I sent him a link to this topic. It clicked on the topic, and he posted, but it posted under my account. It appears that if you let the authorization on the session time out, then send someone a link, it also gives them the authorization to your account. I only managed to replicate this twice. You'll know if it happens, as the link will look normal in the nav bar, and when you paste, but after it's sent it adds =?s(some random hash).
So basically, it authorized him as me...he posted as me, and it was my account that he was logged into. And yes, this has been brought up to Invision already.
So...I gave him access to my account simply by sending a link.