Fires of Heaven Guild Message Board - View Single Post - Swoopo

Tenks · 02-18-2009, 05:59 AM

I remember when the site first came out they were using largely opened up .js and AJAX to handle most requests and I was certain anyone with a bit of time and knowledge of how to slip into the various holes AJAX has could open the site wide open.

I didn't really feel like doing that at work. I am not sure if they closed up their source or not but I had access to the Javascript source that was handling bid placement and it appeared if I could inject my own requests I could smurf myself as another user to play the system for a bit until I would then use my own bids. Haven't been to swoopo in months so I'm not sure if they filled the holes or not.

02-18-2009, 05:59 AM	#44 (permalink)
Tenks Registered User Join Date: Nov 2003 Posts: 1,938	I remember when the site first came out they were using largely opened up .js and AJAX to handle most requests and I was certain anyone with a bit of time and knowledge of how to slip into the various holes AJAX has could open the site wide open. I didn't really feel like doing that at work. I am not sure if they closed up their source or not but I had access to the Javascript source that was handling bid placement and it appeared if I could inject my own requests I could smurf myself as another user to play the system for a bit until I would then use my own bids. Haven't been to swoopo in months so I'm not sure if they filled the holes or not.