Results 1 to 8 of 8
  1. #1
    Community Member Aliss7's Avatar
    Join Date
    Sep 2009
    Location
    Happy Hunting Grounds
    Posts
    492

    Default Forum Bug: cannot post the word "w g e t"

    You can't post to the forums if your post contains the word "w g e t" without the spaces.

    You get:

    Method Not Implemented

    POST to /newthread.php not supported.
    Apache Server at forums.ddo.com Port 80

  2. #2

  3. #3
    Community Member Quarterling's Avatar
    Join Date
    Jul 2008
    Location
    In your pocket
    Posts
    1,754

    Default

    What? Is this some kind of prank or something?

    Let me try: (types it in only to realize it's true)

    Wow... the bugs are spreading!!
    Have you ever wanted to create your own customized user interface skins for DDO?
    Click this sentence for a tutorial learning how, an easy-to-follow video guide.

  4. #4
    Founder & Hero cdbd3rd's Avatar
    Join Date
    Jan 2006
    Location
    Escaping Mizzery in the Tavern Attic.
    Posts
    22,584

    Default

    http://en.wikipedia.org/wiki/... (add the w+get letters to end of link)
    [...is a computer program that retrieves content from web servers, and is part of the GNU Project. Its name is derived from World Wide Web and get. It supports downloading via HTTP, HTTPS, and FTP protocols.]


    Sometimes one wonders how folks find this kind of stuff.




    Just trying to post the complete link irritated IE.
    Last edited by cdbd3rd; 02-11-2012 at 02:24 PM.
    CEO - Cupcake's Muskateers, Thelanis
    DDO Freebies ____ Monster Manual


  5. #5

  6. #6
    The Hatchery stoerm's Avatar
    Join Date
    Oct 2009
    Posts
    1,565

    Default Not a bug

    It's a security measure designed to stop exploiters from accessing that particular tool. A typical hack is to manipulate the server side application into executing shell commands. If you are a "hacker" (i.e. script kiddy) and able to do that, one of the things you want to do is to download and execute your attack code on the server. The mentioned software is an inoccuous and common general purpose tool, popular with many exploiters for that reason, that does just that (downloads stuff).

    I'm probably not far from the truth if I assume the forum servers have been hardened (actually DDOcast said as much in the wake of the injection issue a short while back) and they used a certain popular and effective product for that. I'm basing this on

    - the fact that it has the tool in its Default rules

    - "Method Not Implemented" is the default response when it blocks a request

    Could of course be any other application firewall, they'd probably do the same thing.

    Move along, nothing to see. Turbine is simply doing their job properly.
    Last edited by stoerm; 02-27-2012 at 08:02 AM.

  7. #7
    Community Member Sarisa's Avatar
    Join Date
    Apr 2010
    Posts
    3,614

    Default

    The only thing I dislike about it is that the name of that tool is being maligned as a "hackers tool". It's not, it's a near-standard command line web download tool. It just happens that crackers can use it just as effectively as legitimate users, similar in ways to netcat and tcpdump.

  8. #8
    The Hatchery stoerm's Avatar
    Join Date
    Oct 2009
    Posts
    1,565

    Default

    Quote Originally Posted by Sarisa View Post
    The only thing I dislike about it is that the name of that tool is being maligned as a "hackers tool". It's not, it's a near-standard command line web download tool. It just happens that crackers can use it just as effectively as legitimate users, similar in ways to netcat and tcpdump.
    Amen to that. Too easy to pass stupid laws and draconian technical restrictions that inconvenicence users. Ideally you harden your Internet-facing servers by not even installing any non-critical stuff like wgët (lol) and compilers, but even so I'd personally keep the strict filtering to discourage automated probes. That's the admin view point ofcourse.
    Praise the Dark Six and pass the heals to pure melees.
    Full feat tree; Cannith; change; merger; evil; win; minmaxing; FotM; deja vu; Kobolds.
    Dungeons and Dragons Online ~ Nude Song and Gnarled Onions

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

This form's session has expired. You need to reload the page.

Reload