Quote:
Originally Posted by **********
I don't think this is possible.
GFY uses vbulletin ( www.vbulletin.com). The passswords of its users are not visible in the administrator program. Administrators can change the passwords of users, but cannot see the actual passwords. Password attemps are also not stored.
I think you are safe. If VBulletin had this kind of vulnerability they wouldn't be so popular. |
I thought you had a bit of coding background Mark?
Seriously, stealing the passwords is a total fucking doddle.
#1 - They're probably not running a copy of VB - simple passing the login / password onto gfy.com - and saving a copy as it goes
#2 - Even if they were - VB is clear source. Nothing stopping you making it save passes in an open format.
#3 - Even if it WASN'T clear source, you could probably acheive the same with db triggers.
'I think you are safe'.. lol