Jump to content

Halo 3 Saved Film HD Recording Service - Testers Needed

HaLo2FrEeEk
 Share

Recommended Posts

  • Replies 61
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

darkfreaks Advanced Member

darkfreaks

Posted
Posted

rmw_jslib.js: reference to undefined property ActiveXObject,  reference to undefined property ShowModelessDialog, reference to undefined property onunload, undeclared variable rmw_pop, undeclared variable __apipath, undeclared variable rmw_old_onunload, undefined property window.opera, undefined variable rmw_over, rmw_count, rmv_popfeatures, rmw_wait_for_width

HaLo2FrEeEk Advanced Member

HaLo2FrEeEk

Posted
  • Author
Posted

highlight and unhighlight functions never return a value, they perform a...FUNCTION?  Wow.

 

rmw_jslib.js is only used on the forum, therefore isn't even in the source code for the capture.php page, therefore plays absolutely no part here.

 

array() loop is vulnerable!?!  What the hell, where do I have an array() loop?

Daniel0 Advanced Member

Daniel0

Posted
Posted

sorry maybe i should be more clear your POST array() is vunerable to cross site scripting.

 

Yeah, maybe you should:

 

Use of exploit scanners can be an effective way to discover exploits on a website, so we have no intention of banning posting scanner results. But these scanners can also return bogus results.

 

Secondly: Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.

 

As of now, posting scanner results is only allowed under the following conditions:

 

1) You must share the name and how to get the scanner

2) You absolutely MUST explain every item in the result (why is this a risk, not just because the scanner says so)

darkfreaks Advanced Member

darkfreaks

Posted
Posted

I do understand scanners have a possibility of returning bogus results so i will not argue if i am indeed wrong.

 

However if he wishes to scan for himself and test it i will leave the link to the scanners. i will leave an example of what i mean. and maybe he can prove me wrong who knows.

 

XSS Me Add-ON for Firefox

Example:

Array ( [gamertag] => [film] => # [res] => 720 [format] => wmv [comment] => => ) 

1.) why do you have your results in an array?

2.) why is it not filtered where anyone could enter anything into it?

 

 

HaLo2FrEeEk Advanced Member

HaLo2FrEeEk

Posted
  • Author
Posted

Isn't it much cheaper to use the Bungie Grab Feature? I mean really. 1 Bungie minute = any film clip under 10 minutes not depending on the time.

 

Uhm...idk how you work out that 1 bungie MINUTE is 10 minutes...last I heard 1 bungie minutes is, you know...1 MINUTE!

 

And the Bungie Render to Video feature is only available to players who have Bungie Pro, which costs like, 800 MS points.  Some people don't want/need Pro, they only want to record a few clips here and there.  That's what my service is for.  And also, I started the idea for my service before Bungie introduced or even announced Render to Video, so yeah, there's that too.

 

And yes, darkfreaks, like daniel said, only the frontend is done.  When it's completed submit.php will not do anything unless a POST array is passed to it with the proper values.  If the proper values are not submitted, it will not get saved.  I needed an output for debugging, so testers could post that returned array and I could see if there were any issues.  It worked perfectly for what I needed and helped me fix a lot of problems.  Course I haven't worked on this for some time, and don't know when I will again, I have to be in the mood to work on it, really.

 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.