Jump to content

Zigara

Members
  • Posts

    2
  • Joined

  • Last visited

  • Days Won

    1

Zigara last won the day on February 14 2017

Zigara had the most liked content!

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

1029 profile views

Zigara's Achievements

Poring

Poring (1/15)

7

Reputation

  1. I did a bit more digging around, and I can confirm; ringsec.net stores all passwords in plain text. If you signed up at ringsec.net using a password you've used for other services; change all your passwords NOW!
  2. I would recommend staying away from this "shield". The only server change is a custom login packet that includes your hardware id + mac + a static key. There is no packet encryption or server-side logging. They are distributing a pirated copy of exe/dll packing software (Molebox) https://github.com/AsiaGenius/ring-0/tree/master/Tools/MoleBox (portable)/INSTALL LICENSE The client dll connects to their web server to verify everything, if their web server is down; you won't be able to use your client. Their website / report server is vulnerable to SQL injection, there is 0 input validation. ... etc If they can't do basic input validation on their web server, I really doubt they're capable of doing advanced cheat detection, or delivering many of the features they claim to support. Here is a snippet from the report server (http://guard.ringsec.net/) after passing a bit of invalid data. You could compromise all of their accounts / data / etc, and based on the register form showing the password in plaintext; I highly doubt they actually hash your account passwords. Please stay far away from this software until they resolve all of these issues. Do not use it in production.
×
×
  • Create New...