-
Posts
2 -
Joined
-
Last visited
-
Days Won
1
Zigara last won the day on February 14 2017
Zigara had the most liked content!
Profile Information
-
Gender
Not Telling
Recent Profile Visitors
1029 profile views
Zigara's Achievements
Poring (1/15)
7
Reputation
-
I did a bit more digging around, and I can confirm; ringsec.net stores all passwords in plain text. If you signed up at ringsec.net using a password you've used for other services; change all your passwords NOW!
-
I would recommend staying away from this "shield". The only server change is a custom login packet that includes your hardware id + mac + a static key. There is no packet encryption or server-side logging. They are distributing a pirated copy of exe/dll packing software (Molebox) https://github.com/AsiaGenius/ring-0/tree/master/Tools/MoleBox (portable)/INSTALL LICENSE The client dll connects to their web server to verify everything, if their web server is down; you won't be able to use your client. Their website / report server is vulnerable to SQL injection, there is 0 input validation. ... etc If they can't do basic input validation on their web server, I really doubt they're capable of doing advanced cheat detection, or delivering many of the features they claim to support. Here is a snippet from the report server (http://guard.ringsec.net/) after passing a bit of invalid data. You could compromise all of their accounts / data / etc, and based on the register form showing the password in plaintext; I highly doubt they actually hash your account passwords. Please stay far away from this software until they resolve all of these issues. Do not use it in production.