Just found an XSS in Habbo, what to do?

Printable View

Show 40 post(s) from this thread on one page

19-03-2012, 09:05 PM
Breeze

Quote:

Originally Posted by noobdoob

They've never treated me well. I'm not being an attention *****, I'm just asking what to do. They banned me for the following reason "Intention of scamming" Do you think that's a good enough reason to permanently ban someone? I'm not threatening to hack anyone, if they really were such a good company, they'd fix there ticket system first. I'm not encouraging hacking, I found an glitch/bug/exploit in there system.

Please do not come in here making accusations, I'm not disrespecting Habbo, I'm just showing them how bad there service is. I've worked hard to find that bug, I'm not just giving it away without being accredited for it.

*Removed*

Edited by Martin (Forum Moderator): Please do not post to cause arguments
19-03-2012, 11:32 PM
GoldenMerc

I wouldn't be suprised right now if wasn't even a exploit at all...
20-03-2012, 01:22 AM
RealClifford

I just read this, and I haven't laughed quite hard in a while..

The childish nature of some 'Adult' or'mature' people is incredibly entertaining.
After reading it all, I am unsure he even has found a legit exploit since he is so hell bent onr eceiving a 'reward' or some recognition, if he was doing it purely for Sulake then the reward would be unnessecary would it not?

Greedy, Childish, Immature, Attention Seeking at its finest right here.
20-03-2012, 10:06 PM
vito201-:D

I don't personally think there are any code allowing XSS exploits inside the Habbo website... I know of a couple that allow simple HTML script such as images/fontchanges etc... but after using a few robotic XSS exploit detectors and coming back empty handed... I'd say it's rather unlikely.

*REMOVED*
- Alex (Shenk).

Edited by Zuth (Forum Moderator): Please do not break the Habbo Way!
21-03-2012, 06:26 PM
vito201-:D

Quote:

Originally Posted by vito201-:D

Edited by Zuth (Forum Moderator): Please do not break the Habbo Way!

1.) I only need a webbrowser to use an XSS exploit - hardly 3rd party software,
2.) I haven't been given the exploit - thus haven't even done anything...
3.) It's not really disruption of the hotel to inject code into the main site? (Aka not the cleint)...

=/
- Alex (Shenk).
22-03-2012, 08:41 PM
noobdoob

Ah, well I've patched one, found another one straight away.
23-03-2012, 03:54 PM
iFlame

What....

Use twitter to report it or use the contact tool, remember it takes them about a month to look at it because there client services are so bad ;)
23-03-2012, 04:30 PM
beth

settlement? 10 ducks and a hc plasto table do you?

Edited by xxMATTGxx (General Manager): Please do not post pointlessly.
23-03-2012, 08:14 PM
triston220

It's really not out of the question to ask for a settlement for a persistent XSS 'bug', when it could, in theory, cause some real damage.

@OP, Don't sell it. Use your skills for good, don't damage the site.
23-03-2012, 08:43 PM
Homosexual

You didn't "find this", it's on Shenk's site. Why lie to make friends?

Show 40 post(s) from this thread on one page