oeed, on 10 March 2015 - 06:58 AM, said:
doublequestionmark, on 10 March 2015 - 02:39 AM, said:
I found a Huge Security Bug in OneOs.
although the password is encrypted and stored in a file, the password can be viewed in plain text in the OneOS log
Umm, what? Are you sure. If so that's quite the stuff on my behalf.
Actually, it's hashed... I think. So that's impossible isn't it?
Anyway, I won't be having passwords in future.
--snip--
sorry for responding so late, ive taken a bit of a break.
the password is 'qwerty' and the first character of the password, q, is on the 45th line of the log file.
[3.95 Info] Event: char, q, <--
[4.0 Info] Event: timer, 1771,
[4.15 Info] Event: key, 17,
[4.15 Info] Event: char, w, <--
[4.2 Info] Event: timer, 1772,
[4.35 Info] Event: key, 18,
[4.35 Info] Event: char, e, <--
[4.4 Info] Event: timer, 1773,
[4.55 Info] Event: key, 19,
[4.55 Info] Event: char, r, <--
[4.6 Info] Event: timer, 1774,
[4.9 Info] Event: key, 20,
[4.9 Info] Event: char, t, <--
[4.95 Info] Event: timer, 1775,
[5.15 Info] Event: key, 21,
[5.15 Info] Event: char, y, <--
Edited by doublequestionmark, 14 June 2015 - 01:42 AM.