TC Bulletin and Policy Change 10/18/09

[hozsnoop]

Do you have a different server to test exploits on like sql injection that might damage or crash it.

[Kyle]

Quote:

Originally Posted by hozsnoop

Do you have a different server to test exploits on like sql injection that might damage or crash it.

Of course we do.

[mijom]

Is this Exploitation Team, Official staff position inside the QA? or more like the Support "helpers", unofficial volunteer position.

[Kyle]

Quote:

Originally Posted by mijom

Is this Exploitation Team, Official staff position inside the QA? or more like the Support "helpers", unofficial volunteer position.

It is more like an unofficial volunteer position.

[mijom]

Quote:

Originally Posted by Kyle

It is more like an unofficial volunteer position.

Thanks for confirming that Kyle.

I hope the select few will be worth the trust and their word.
There is alot of good the team can come up with for future and for SC. And since it's not Official staff position they don't get of the staff privileges and are closely monitored by staff.

I think you all should calm down bit and just see how it goes before making any conclusions.

[hozsnoop]

What kind of setup do you have for ip spoofing / SQL injection really? So if i get kyles ip address and spoof just my packets to the server. And then i use the @commands i could use them right? Or do you have a different client setup yet? That means i could use any GM online to spawn npcs and get things off of right? And also if i do this do i have direct access to the database from the chat/command line to start sql injection and create npcs / edit drop/loot tables on a active database. I mean i could cover my trails by putting it back the way it was. I would think that would cause a dead lock or even a crash if done on a active database. I'm really wondering what kind of protection you guys have. I would love to access that test database/server.