I... Jus- There are no words. Just look.

**Slidell** · April 24, 2010

http://i984.photobucket.com/albums/ae329/SlidellofOlde/fail.jpg

Dear god above I hope this is a troll. The guy in the picture sure looks like one. HEY OH!

Edited April 24, 2010 by Slidell

**Lockon** · April 24, 2010

As long they are MOE MOE KYUN~~~~!!

**lostmodz26** · April 24, 2010

I...I think I just threw up.

**Quinn** · April 24, 2010

I...I think I just threw up.

**Azraelrs** · April 25, 2010

I...I think I just threw up.

**Azraelrs** · April 25, 2010

A mod or Admin. IS my IP in this post different form the one just above it? Trying to see something.

**swampy666** · April 25, 2010

hes gonna get a lot of asian sex Edited April 25, 2010 by swampy666

**jmdalmighty** · April 25, 2010

If he finds that chick I'm joining that site

**gruntmods** · April 25, 2010

I...I think I just threw up.

**Curtis** · April 26, 2010

Asian Sex for him

**iBotPeaches** · April 26, 2010

A mod or Admin. IS my IP in this post different form the one just above it? Trying to see something.

Yes it was.

**Quinn** · April 26, 2010

A mod or Admin. IS my IP in this post different form the one just above it? Trying to see something.

http://th09.deviantart.net/fs50/300W/f/2009/326/d/c/Dr__Hax_Poster_by_mangandalf.jpg

**Azraelrs** · April 26, 2010

Yes it was.

http://th09.deviantart.net/fs50/300W/f/2009/326/d/c/Dr__Hax_Poster_by_mangandalf.jpg

Actually, I was looking for that info. If you look at the other IP, it's Slip. But Slip wasn't on my account...lol

It seems we discovered a flaw in IPB security. I sent him a link to this topic. It clicked on the topic, and he posted, but it posted under my account. It appears that if you let the authorization on the session time out, then send someone a link, it also gives them the authorization to your account. I only managed to replicate this twice. You'll know if it happens, as the link will look normal in the nav bar, and when you paste, but after it's sent it adds =?s(some random hash).

So basically, it authorized him as me...he posted as me, and it was my account that he was logged into. And yes, this has been brought up to Invision already.

So...I gave him access to my account simply by sending a link.

**Quinn** · April 26, 2010

Actually, I was looking for that info. If you look at the other IP, it's Slip. But Slip wasn't on my account...lol

It seems we discovered a flaw in IPB security. I sent him a link to this topic. It clicked on the topic, and he posted, but it posted under my account. It appears that if you let the authorization on the session time out, then send someone a link, it also gives them the authorization to your account. I only managed to replicate this twice. You'll know if it happens, as the link will look normal in the nav bar, and when you paste, but after it's sent it adds =?s(some random hash).

So basically, it authorized him as me...he posted as me, and it was my account that he was logged into. And yes, this has been brought up to Invision already.

So...I gave him access to my account simply by sending a link.

lol okay, nvm then. I just have a thing with dr. hax.

Sign In

cbox

I... Jus- There are no words. Just look.

Recommended Posts

Slidell

Lockon

lostmodz26

Quinn

Azraelrs

Azraelrs

swampy666

jmdalmighty

gruntmods

Curtis

iBotPeaches

Quinn

Azraelrs

Quinn

Please sign in to comment

Browse

Activity

Pages