SSO Ticket Exploit

Status
Not open for further replies.
Altercationz

Altercationz

:)
May 1, 2015
470
154
Hello,
Jonteh decided to come onto my hotel and take advantage of the SSO exploit
for some reason, neither of the fixes want to work (Sledmore's or damien's)

I get disconnected straight away sometimes, and then other times it'll just stay loading at 76% and show 1 user online.

I need this fixed, thanks.
@Sledmore @Damiens
 
Sort by date Sort by votes
Damien

Damien

Don't need glasses if you can C#
Feb 26, 2012
434
647
Issue has been solved. I helped this user out privately implementing one of the fixes found bellow:

Sledmore's
Code: 
https://devbest.com/threads/plusemu-support-thread.78541/page-7#post-373919

Mine
Code: 
https://devbest.com/threads/revcms-plusemu-extra-security.78678/
 
Upvote 0 Downvote
M

Melancholy

Member
Jan 10, 2015
39
13
Damiens said:
Issue has been solved. I helped this user out privately implementing one of the fixes found bellow:

Sledmore's
Code: 
https://devbest.com/threads/plusemu-support-thread.78541/page-7#post-373919

Mine
Code: 
https://devbest.com/threads/revcms-plusemu-extra-security.78678/
Click to expand...

Hello! I'm gonna borrow this thread to ask you a question, because you seem to know wtf you're talking about.

How do I know if the SSO-Fix works? I'm using BrainCMS as base and edited all the SSO-insert shit, and it gives SSO successfully. (Insert into DB, reads in the client.php etc). The only thing I'm not so sure about, is it supposed to drop the SSO-ticket as soon as the user enters the hotel? Or is it supposed to be the same SSO-Ticket until a new request comes a long?

If you cant understand my question I'll try and elaborate. Thank you.
 
Upvote 0 Downvote
J

Joe

Well-Known Member
Jun 10, 2012
4,172
1,955
Melancholy said:
Hello! I'm gonna borrow this thread to ask you a question, because you seem to know wtf you're talking about.

How do I know if the SSO-Fix works? I'm using BrainCMS as base and edited all the SSO-insert shit, and it gives SSO successfully. (Insert into DB, reads in the client.php etc). The only thing I'm not so sure about, is it supposed to drop the SSO-ticket as soon as the user enters the hotel? Or is it supposed to be the same SSO-Ticket until a new request comes a long?

If you cant understand my question I'll try and elaborate. Thank you.
Click to expand...
I would use Sledmore's it's a lot easier to implement. It can be found in this thread. If you're asking how to do the SSO exploit to check, I personally wouldn't know. Since the problem has been dealt with then I'm closing this thread, if you've got anymore problems PM or start a new thread.
 
Upvote 0 Downvote
Status
Not open for further replies.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
☀️  Switch to Light Theme

Latest posts

Top