[Cheat] Bug found!!!
 

Hi,
somebody i know, Refl3x, has found an exploit.
The exploit works like this: The score is submitted by a HTTP Post. If you create a form like this:
This is a simple way to cheat. All you have to know is the exact name of the game.

Damn... just when I thought I found the only way to manipulate scores.. here's a new one. :(

We need a fix soon.

Really soon!

Have you contcted MrZeropage via PM about this?

PM sent ... will investigate

beside that (still got no PM from him) please notice this :)

Sorry for the late reply, but the PM is sended!

Ok, simple thing I think, will fix that... :)

Okey :)

So the cheat is possible for all 2.5.9 versions :o

Beside this I managed to fix all cross-scoring issues last night, one user already tested and verified that the fixes work.
I am somehow a little sad that nobody else wants to help and test for the cross-scoring-issue, I asked for some testusers two days ago and nobody wants to participate :(

I am now doing some adaptions to guest-play-feature and then v2.6.0+ is ready ... hope somebody else having cross-scoring-issues wants to test a pre-version of 2.6.0 (waiting for PM now)

I have not seen any cross scoring issues on my set up, so I am not sure if I can help, but if you need to test something I am always willing to do so Zero.

Before I even did not know how to cheat using cross-scoring, but after it got explained I verified it on my testsite.

But now this is eliminated, if anybody of those who reported the cross-scoring before could verify this is 100% fixed now. I am wondering as alot of people complained about it, and now that I want somebody to test and verify the fix, I am alone :(

PM sent :D

I beleive it was a bug with V3 games in your arcade.. I'm not positive on this but thats what I gathered from the testing.

Yeah everyone who has knowledge of that cross-scoring issue in 2.5.9+ please contact MrZeropage!

still nobody of those who reported this issue and waiting for a fix contacted me for testing... where is the ibProArcade-community ?! ;)

I did.. and I think he fixed it.. I think it is a different bug he is asking for people to help test. One I am not aware of.

I know one bug but I'm afraid it's impossible to fix it. :( (I've noticed Mr. Zeropage about it.)

That is not a bug but some external tool to manipulate communication between the player and the forum/server/arcade so nothing about the arcade itself...

but anyway, new secure games will somehow be protected against such manipulation :p

Yes I know.. :( It sucks, why do they even create such tools..

I'm glad to hear that. :)

im not sure whats goin on with my board but it looks like i should post here.

I am running vbulletin 3.58 and ibproarcade 2.61+

Some how one of our member is able to manipulate the scores.. he is showing very high scores in just a few seconds of play .. .I read thru this forum but i dont understand if my problem is the same or not.. ( im code illiterate) I see you asking for testers but I would have to understand first how to create the problem.. Is there a fix for this problem or is this even possible to do... Is anyone else having similar issues? thanks in advance for your help

btw... we love this arcade!!!

Some Games have bugs, I don't think he can directly insert scores in the arcade.
Another way would be to directly manipulate the flashcode which is downloaded locally to the computer of the player, but that is much work...

To be sure check if you have new, secured games (in AdminCP -> Game List they display a yellow "!"-icon under the category) which those it should be impossible to cheat/manipulate any result.