Half-Life 2 gold hoax: what really happened

[pdog]

its complete ****, someone just made all this up, IPB by default stores all passwords in MD5 hashes, not in cleartext! WHY IN THE HELL WOULD THEY ENABLE CLEARTEXT!!!??? They didn't enable cleartext!!! The ony way that this could happen is if the hacker took the MD5 hashes, and put them into the password field (dont think this would work), but the last time I saw something like that was in phpbb 1.0.6 or somewhere like 6 years ago

[boomn]

They can be spoofed though, cant they?

[CdCViRus]

I hope that ###### burns eternally in hell getting raped by Ron Jeremy.

wow, we have a f*cking saint here :rolleyes:

i am guessing that you would not take advantage of such a hole, right?

the guy who stole the password did what almost any human would do in his place, you retard

[dotRoot]

You don't 'compile' PHP for one. Its an interpreted languange. So unless the database and the username and password to that sql database was in plain text, there is no way someone could have gotten access, but hey guess what? Someone would have to specifically set up permissions for something not specifically on the server to be able to even access the config file with the information in it. So you see, its complete garbage, regardless whether the passwords were encrypted or not.

[LingeringSoul]

the guy who stole the password did what almost any human would do in his place, you retard

Most humans I know wouldn't impersonate somebody with the intention of lying to thousands of people for the sake of humor.

[kairon]

wow, we have a f*cking saint here :rolleyes:

i am guessing that you would not take advantage of such a hole, right?

the guy who stole the password did what almost any human would do in his place, you retard

so you would steal a password from a man who works his ass off on releasing an awesome game for us and pose as him to the public and get everyone's hopes up knowing that when they find out the truth they will be ****ed off? your an ass. i wouldn't dare do such a thing like that.

[grimreaper]

so you would steal a password from a man who works his ass off on releasing an awesome game for us and pose as him to the public and get everyone's hopes up knowing that when they find out the truth they will be ****ed off? your an ass. i wouldn't dare do such a thing like that.

if he really was working his ass off shouldnt the game be out by now? :p

[jerry]

the guy who stole the password did what almost any human would do in his place, you retard

that says a lot about you :whistle: glad I dont know you well :rofl:

[dreamthief]

get over it guys.... even if it was the real Gade, so what?

The real Gabe also promised us a release soon but it was let down a COUPLE of times. As i said, so what?

[Banjo]

If they did get Gabe's password hash, couldn't they just mod their IPB cookie to change the UID to Gabe's and replace their password hash with his?

Edit: Just tried it and it took about 7 seconds to crack the hash.

Edited August 29, 2004 by Banjo

[jasondefaoite]

if he really was working his ass off shouldnt the game be out by now? :p

Have you seen the size of that ass, still plently of work to do :woot:

[jerry]

I dont care if Gabe's password was gaben or something else, in fact I really dont care what just happened yesterday & today as long as Valve gives us a accurate release date.

[csabo2]

Which they wont. gabes sitting around eating twinkies rather than making the devs do work. all the preload did was load graphics and maps.. im really getting annoyed with valve

[kairon]

Which they wont. gabes sitting around eating twinkies rather than making the devs do work. all the preload did was load graphics and maps.. im really getting annoyed with valve

So then don't buy Half-Life 2. Either way, we don't care. You obviously don't know what kind of work it takes to program a whole game engine and game and it shows. :rolleyes:

[mojomonkee]

i heard he's gay and likes to kick puppies. spread this rumor.

[pto]

So what did he say when he supposedly posted from Gabe's account?

I assume we're talking about the forums, sorry if it's not. I haven't paid any attention to stuff for like two weeks.

[Terrigamer]

He said "We're going gold monday..." and then something like "Maybe he shouldn't have had his password as 'gaben'. Come on Gabe, you could've thought of something better than that."

[Chode]

"Will the real Gabe Newell please stand up?"

[FISKER_Q]

I don't know if they changed anything but minimum password length was 3 chars when i registered on HL2Fallout today.

[DoNuTs]

"Will the real Gabe Newell please stand up?"

He can't :rofl:

[Lanky]

He can't :rofl::

ROFL!!!!

:laugh:: :rofl::

[Chode]

He can't :rofl::

lol. Good call.

Tomorrow, the photoshoping shall begin.......

[Fredde87]

If they did get Gabe's password hash, couldn't they just mod their IPB cookie to change the UID to Gabe's and replace their password hash with his?

Edit: Just tried it and it took about 7 seconds to crack the hash.

doh, I was going to say that! You stole my post :p

But what I dont understand is that if the php was down wouldnt they just se the source of the php file? How could the php file get the username and hash password from teh mysql database if php wasnt working?

[Medievil]

wondering same thing...

but ipb has many exploits so you never know, once you got the md5 hash you cant recode it, but you can put it in a cooky...

[pdog]

you COULD have gotten the admin password somehow, and executed sql stuff via the admin cp. Or, the password/uname for sql could have gotten exposed.