Announcement

Collapse
No announcement yet.

Question about the hack

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • replied
    Originally posted by RattleSN4K3 View Post
    Will the forum be available one day? It is still in maintenance mode.
    http://forums.epicgames.com/forums/2...l-Tournament-3
    They are all being moved to forums with the universal login. Closing this so people don't get confused.

    Leave a comment:


  • replied
    Originally posted by EvilGrins View Post
    Braaaaiiiiinnnnnnsssss?
    What are you trying to say?

    Leave a comment:


  • replied
    Braaaaiiiiinnnnnnsssss?

    Leave a comment:


  • replied
    Will the forum be available one day? It is still in maintenance mode.
    http://forums.epicgames.com/forums/2...l-Tournament-3


    Originally posted by Flak View Post
    It hasn't, nor any of the other forums you access with your Unreal Engine id. We did have the security firm we're working with check and they were all unaffected.
    Interesting. Maybe that security firm didn't know better.

    Leave a comment:


  • replied
    Thank you Rattle, I've passed this along.

    Leave a comment:


  • replied
    Whenever you reply/post something, you get this:
    By pressing the [Submit Reply] and [Submit New Thread] buttons, you agree to the submission terms.
    The submission terms reference is invalid (so is the right for the content one is posting).

    Leave a comment:


  • replied
    Another issue with opening pages on forums.epicgames.com.
    Bad Request

    Your browser sent a request that this server could not understand.
    Size of a request header field exceeds server limit.

    Cookie
    /n
    The thing is. There are several vBulletin cookies which are sent on each browsing. This includes cookies like bb_thread_lastview and bb_forum_view. These are by far the longest which are combined about 3500 bytes. This isn't the problem itself but recently the cookies also got created for ".epicgames.com" and not only "forum.epicgames.com". All the forum related cookies are sent twice which results the accpepted header length being exceeded and closing the connection. You can't visit this site anymore.

    Clearing/removing the cookies from ".epicgames.com" solves this issue clientsided.

    Leave a comment:


  • replied
    Enlarging embedded images (from attachments) is causing errors and being stuck in a uncloseable state.
    Reload (or hack the web content) required
    Bug also ajax related. Console entry (vbulletin_lightbox.js@11:1280):
    Code:
    "vB_Lightbox :: Set status = 0 (handle_ajax_response - error)"
    This Image Was Automatically Resized by using the Screenshot Tag.  Click to view the full version


    Deleting post is not working (even if its allowed)
    Console log throws warning about wrong coding. Also the response sends the http code 303 Http code of 303 is sent as the default response as well. Looks like the request isn't handled anymore. The browser only redirects back to the original thread (due to 303 http code). Nothing is deleted.
    Edit:
    Turning off javascript works. With Javascript on and selecting the option "Delete this post in the following manner:" would force the post to deleted though. This wasn't required before IIRC. Without that option, it just redirects.



    Using the quick-reply method, will strip/convert newline entries
    Code:
    First line
    
    Paragraph
    
    End. Total: 3 paragraphs.
    ... becomes
    Code:
    First line Paragraph End. Total: 3 paragraphs.


    PS:
    Bug/issue on this forum:
    Uploading the gif file (referenced above) is not working. Probably timeout related (so big files is a problem with slow upload) as the http respone is stripped:
    (data field stripped at the end for posting purpose, replaced with "...", no enclosing XML tags, file sending aborted)
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <errors>
    	<error><![CDATA[<p>Database Error</p>]]></error>
    	<error_html><![CDATA[<p>Database error in vBulletin 4.2.2</p>
    <p>Invalid SQL:
    INSERT INTO filedata
    	(dateline, thumbnail_dateline, userid, extension, thumbnail_filesize, width, height, thumbnail_width, thumbnail_height, filehash, filesize, filedata, thumbnail)
    VALUES
    	(1439223301, 1439223301, 192, 'gif', 3648, 1208, 673, 100, 56, '4b19b89030c745763e7fc0cbdc64d812', 2031048, 'GIF89a...
    Attached Files
    Last edited by RattleSN4K3; 08-10-2015, 02:55 PM.

    Leave a comment:


  • replied
    There are also some other issues with login:
    https://forums.epicgames.com/threads...6-Forum-issues

    Leave a comment:


  • replied
    Some additional issues:

    Missing WYSIWYG editor for Quick Reply
    Click image for larger version

Name:	EpicForumMissingEditor.png
Views:	1
Size:	17.6 KB
ID:	339115

    Directly clicking on "Reply with Quote" of any post is not working
    Click image for larger version

Name:	EpicForumReplyQuote.png
Views:	1
Size:	4.0 KB
ID:	339117
    The ajax method of that button is calling an invalid path (not existing anymore) of:
    Code:
    forums.epicgames.com/threads/ajax.php?do=getquotes&p=31931158
    The correct one for the new forum engine would be (tested; works):
    Code:
    forums.epicgames.com/ajax.php?do=getquotes&p=31931158

    Directly clicking on "Reply" is bugging
    Click image for larger version

Name:	EpicForumReply.png
Views:	1
Size:	12.3 KB
ID:	339118
    vbulletin_textedit.js throws an TypeError@11:4381: this.editor is null
    Code:
    vB_Text_Editor.prototype.is_wysiwyg_mode=function(){return(this.editor.mode=="wysiwyg"?1:0)}


    Missing images for "Screenshot" and "UDN" button for the Full WYSIWYG editor
    Click image for larger version

Name:	EpicForumMissingButtonImages.png
Views:	1
Size:	37.6 KB
ID:	339119
    URLs:
    http://forums.epicgames.com/images/buttons/ss.gif
    http://forums.epicgames.com/images/buttons/udn.gif

    Minor note about that:
    Both are integrated from an absolute url with the protocol http (and not https). This would result into resources being loaded from insecure location. Many modern browsers will change the security info about that specific page to be insecure.



    No badges (like MVP, Helper etc.)
    Example url: https://forums.epicgames.com/images/ranks/helper.jpg
    (they are still set, but the assets are not copied; screenshot has the alt-attribute, of the html img tag, modifed pointing to the image path for demo purposes)
    Click image for larger version

Name:	EpicForumMissingRanks.png
Views:	1
Size:	5.9 KB
ID:	339116


    Missing avatars
    Example path: images/avatars/gears3memberschoice/EpicAvi2.png
    Click image for larger version

Name:	EpicForumFlakAvatar.png
Views:	1
Size:	17.7 KB
ID:	339112


    Missing thread icons
    Example path: images/icons/ut/icon1.gif
    Click image for larger version

Name:	EpicForumMissingThreadIcons.png
Views:	1
Size:	37.4 KB
ID:	339113


    Missing Tapatalk integration?
    The tapatalk detection script isn't available:
    https://forums.epicgames.com/mobiquo/tapatalkdetect.js


    Old but still an issue: Advertising Gears of War
    Click image for larger version

Name:	EpicForumGoWAd.png
Views:	1
Size:	88.5 KB
ID:	339114
    Last edited by RattleSN4K3; 08-10-2015, 12:42 PM. Reason: Typos

    Leave a comment:


  • replied
    Can actually someone summarize of what actually happened to EpicGames's forum back then? I mean I visited the forum on a daily basis and never ever got a popup or anything which was reported:
    https://forums.epicgames.com/threads...Hijacked-Links

    The forum engine was outdated but was it really a server-based "hack" or just a conincedence of people having the same "malware" installed and noticed something wrong on their side. An external link can be "hijacked" quite differently. And most of these things are client sided.

    This is either big trolling or false alarm IMHO (unless there is a real security hole; which I don't see being reported or announced anywhere).

    Leave a comment:


  • replied
    Still only getting a https://forums.epicgames.com/".php" response not a main domain: https://forums.epicgames.com/ although this shouldn't be an issue (should it?i.e. it's back to normal behaviour)

    Apparently the UT3 forums do not exist according to search engines, it doesn't show for me

    There is something very wrong. We need to figure out what it is, and contact an admin.
    https://forums.epicgames.com/threads...1#post31931078
    • Keep an eye on the Infinity blade forums, that is the most active/ up to date for user responses
    • I assume it will take some time before users realize they may need to reset PW's on all device's. I only use my PC so...


    No crazy redirect happening so that's good news as long as there is no backdoor to the new email things should be good


    Edit:

    P.s Thank's Epic ...
    update was delivered just in time
    Last edited by TKBS; 07-31-2015, 11:10 AM.

    Leave a comment:


  • replied
    Password unset? Not being able to login. Forced to "reset" password via mail?

    Minor issues:
    • Thread prefix images are gone
    • Non-unicode characters are not properly shown (probably converted in a backup process)
      https://forums.epicgames.com/members...itor_messaging
      "Grüße" became "Grüße"
    • Missing forum section (the one with threads in a different language)
    • No favicon



    Thanks for re-opening the old forum though.
    Last edited by RattleSN4K3; 08-10-2015, 12:40 PM.

    Leave a comment:


  • replied
    Back up, let me know if you see any issues. You can email me too at flak at you know where dot com.

    Leave a comment:


  • replied
    Let me know if you see that again TKBS (or anyone else)

    Leave a comment:

Working...
X