Name: Anonymous 2009-09-22 1:17
420chan source: http://pastebin.com/m28c50a2
Hey everyone. Dunno how much you all know about 420chan; but Kirtaner, the admin, has been developing his own imageboard software with perl for a year or so. He kept the source all private and stuff. But due to some major fuckups on his part, I managed to grab a copy right off his own server just yesterday. So yeah, this is the file that deals with admin logons, I assume cookie issuing, and lots of sql. It was put together by a crowd of stoned idiots, so see how long it takes to find all the outstanding security holes. The username and password for the twitter module has already been used to its full extent, but see what else you can find. And just a reminder, this code has most likely been through absolutely no security auditing whatsoever due to its formally closed source nature. So is beyond a doubt, full of obvious holes. And possibly some straight-up access to admin cookies.
Have phun
Hey everyone. Dunno how much you all know about 420chan; but Kirtaner, the admin, has been developing his own imageboard software with perl for a year or so. He kept the source all private and stuff. But due to some major fuckups on his part, I managed to grab a copy right off his own server just yesterday. So yeah, this is the file that deals with admin logons, I assume cookie issuing, and lots of sql. It was put together by a crowd of stoned idiots, so see how long it takes to find all the outstanding security holes. The username and password for the twitter module has already been used to its full extent, but see what else you can find. And just a reminder, this code has most likely been through absolutely no security auditing whatsoever due to its formally closed source nature. So is beyond a doubt, full of obvious holes. And possibly some straight-up access to admin cookies.
Have phun