Page 1 of 1
put an end to brute forcing
Posted: Sun Dec 03, 2006 4:15 pm
by Ice771x
idk if this is actually how it works. but doesnt a brute force program just use a login and try tons of different passwords till one works?
if thats true, why doesnt jm make it so like. if your password is entered wrong say...8 times, it doesnt let you log in until you go to the website and put in your login name and a code they send you thru email?
Re: put an end to brute forcing
Posted: Sun Dec 03, 2006 4:18 pm
by Chaby
Ice771x wrote:idk if this is actually how it works. but doesnt a brute force program just use a login and try tons of different passwords till one works?
if thats true, why doesnt jm make it so like. if your password is entered wrong say...8 times, it doesnt let you log in until you go to the website and put in your login name and a code they send you thru email?
After you enter wrong pw 5 times you get DC'ed. Email thing wouldnt work, someone could make you change your pw every day.
Posted: Sun Dec 03, 2006 4:22 pm
by Chaud
But that would require work...
It cannot be that hard, any p2p game has no problem with that.
Posted: Sun Dec 03, 2006 4:29 pm
by Fusion
Yes yes, There are hacks and cheats and Crap for silkroad everywhere...
Example: Gamerzplanet.net
http://www.elitepvpers.de
Thats the site ive seen at least. Check them out but dont use the crap there...
Botting is Stupid.. Do your own work.. I dont do my own work but i dont bot..
STAY LEGIT
Posted: Sun Dec 03, 2006 4:59 pm
by Blackchocob0
Even Runescape has a system that prevents a wrong password so many times.
Posted: Sun Dec 03, 2006 5:01 pm
by Fusion
LOL now thats saying something.. Runescape in my opinion is a Horrible Game.. Click on an enemy once and pray you hit good numbers.. LMAO
Anyway Point well made... Ill stop flaming Runescape
Re: put an end to brute forcing
Posted: Sun Dec 03, 2006 5:14 pm
by Megalomaniac
Ice771x wrote:if thats true, why doesnt jm make it so like. if your password is entered wrong say...8 times, it doesnt let you log in until you go to the website and put in your login name and a code they send you thru email?
Silly...Since when monkies can do such things? O_o
Posted: Sun Dec 03, 2006 6:16 pm
by Penguin13
Or, if they had what MapleStory has. A second secret password that you click little keys on a keyboard onscreen to enter. No typing.
Posted: Sun Dec 03, 2006 6:53 pm
by BOSCOpwns
Now I am not experienced in hacking or anything, but there are countermeasures a server can take to prevent brute force attacks.. a simple google search would show, with a little bit of router maintenence, you could prevent this seemingly barbaric attack.
However, one way a hacker could do it I believe is using a gui hacking attack somehow in which they would bruteforce on that and not on JM's online server. BUT, Jm doesnt have a log in timeout/login tries limit on their website, so if they don't even have that, they probably didn't go through the countermeasures with their servers and network to prevent bruteforce.
Posted: Sun Dec 03, 2006 7:08 pm
by ArgentEyez
A well build bruteforcer will change ips on every attack, it will be clientless meaning its not gonna open silkroad.exe to attack - this making it faster to bypass the 5 pass wrong dc event.
Posted: Sun Dec 03, 2006 7:22 pm
by iGod
When i was a wannabe hacker lol I tried bruteforcing myself, dictionary attack, done in 2 minutes... yep they should really do something about that