• entries
32
50
• views
45927

# Down with the FastCall22 reign!

1814 views

So FastCall22 has figured out how to kick himself in the gdchat. Well, he hath prowess over us no more!

Here's how to go about it:

Step 1:
Pull up the developer tools that show you incoming and outgoing packets. On Chrome, you hit F12 and click Network, and Firefox has a similar thingy.

Step 2:
Post a single thing.The object of this is to see the session's unique id and verification key for you. This changes every time you enter the room. I'm pretty sure that you can get that value off of your entrance, but oh well.

Anyways, do that, and you'll send a POST packet, followed by a GET packet with your exact message in it. The GET one is the one you want. You can quickly filter through the packets to find the right one by looking in the Preview tab under Network on Chrome.

Step 3:
Scroll down to the bottom of the packet header where it talks about the Query String Parameters. Those are the things in the url with all the &'s after the .php. Yeah, you need those.

Step 4:
You need something that will send arbitrary packets to places. Postman for Chrome is a good choice. I'm sure there's something similar for Firefox. And maybe for Opera. Maybe AOL too, if you're thusly inclined.

Step 5:
Fill in the packet data.
You want to paste this into the field that says "Enter request URL here"

http://server05.ips-chat-service.com/moderate.php?room=FILL_ME_IN&user=FILL_ME_IN&access_key=FILL_ME_IN

The URL params that say "FILL_ME_IN" need to be filled in with the info from step 3.

Down under form-data, there's 2 fields that need to be made.
against: YOUR_USER_VALUE
_: [leave this value blank. i dont know why its here, or if it's even necessary, but do it anyways]

Step 6:
Send. You should get a response that looks like:
1
If you get something different, you did something wrong.

Step [font=arial]

[/font]

## Profit.

Let the GDchatting commence!

Man.

I wonder how else the chat's security systems can be subverted. Does this work for plain members (no privileges) as well or is there some server-side checking?

Welcome to the hollow grounds of the GDnet Chat.

my baby :(

@Bact, I just tested it and it doesn't work. The only thing that you can do is post normally.

so over complicated, just use javascript injection to do it:
javascript:void(ipb.chat.sendMessageToChild("action=kick&server="+serverHost+"&path="+serverPath+"&user="+userId+"&access_key="+accessKey+"&against="+11055+"&room="+roomId));

all you have to do is find the target user's id, and put it in there!

The chat is broken as hell (lots of bugs), so I'm sure it can be exploited in other ways.  An embedded and exclusive IRC based chat would likely be more sufficient, but staff told me that it will never happen.

I'll have to try this later.

All the old school GDNet members have been chatting on #gamedev (irc.afternet.org) for going fifteen YEARS now. Not sure why they felt the need to embed a crappy broken webchat thing.

Actually, yeah, I've been on there a few times. Everyone there is super chill, unlike all the childish kicking that happens on the official gdchat. You have to go wayyyy out of the way to find it though. It's almost like they've hidden it from the rest of us

## Create an account

Register a new account