the bloxcity predicament - gamefandan's & darkhawk accounts compromised??

[Kyuande]

Me and Gy did a couple of tests, I was able to get into his account by getting his cookie data, someone can hijack your account by using your session, this can be easily achieved by cookies.

[Ad Bot]

[Gytyyhgfffff]

ok so visolator and i just tested something and you can hijack session ids and steal accounts with them. if this guy is stealing session ids, i suggest you all log off and log back in every 5 minutes or so that they won't have a chance to do a lot of damage to your account if they somehow get your session ids

[e-maxx]

This is the most harmless hijack I've ever seen
I mean all that happens is they post stuff for like 5 minutes and don't change anything on the profile

[Gytyyhgfffff]

also disable every single userscript you have

[Doughboy]

can we just clear cookies and not go on the forums for a bit

[Otis Da HousKat]

[Kyuande]

I read it, you're hijacked

[}]Crazy[{]

hey im safe

[Kyuande]

hey im safe

I said I was safe and then I got hijacked within 20 minutes.

[SimpleFish]

I just got back from riding my bike and I was logged out, nothing bad has happened so far though.

[Trymos]

ok so visolator and i just tested something and you can hijack session ids and steal accounts with them. if this guy is stealing session ids, i suggest you all log off and log back in every 5 minutes or so that they won't have a chance to do a lot of damage to your account if they somehow get your session ids

how would this work if they do not have your ip address and they never visited the bloxcity website aka migas case?

i feel like theyre doing a man in the middle on the forum itself or actually compromised the forum itself

[Trymos]

im also kind of surprised that the forgeter doesnt know about the autoban links yet.

[mod-man]

and don't change anything on the profile

migas profile is giving a big thumbs up for bloxcity.com

[Trymos]

forget i got session stole gonna log out now

[Brickmaster]

im safe so far