Register - Login
Views: 99862536
 Main - Memberlist - Active users - Calendar - Wiki - IRC Chat - Online users
Ranks - Rules/FAQ - Stats - Latest Posts - Color Chart - Smilies 		05-04-22 02:56:03 PM
Jul - Meta - Strange Auto-Ban New poll - New thread - New reply
Next newer thread | Next older thread
Q
風のノータム
Level: 105


Posts: 2635/2986
EXP: 11977615
For next: 284645

Since: 08-03-07

Pronouns: she/her
From: Nowhere

Since last post: 51 days
Last activity: 1 day
Posted on 08-11-14 09:05:35 AM Link | Quote
A friend of mine got a cookie-based ban from Jul by visiting from this Kotaku article. I've successfully recreated it myself in a couple of browsers. Here are the steps:


1. Clear all Jul cookies. (It doesn't work if you already have Jul cookies.)

2. Go to this TCRF article. (It doesn't seem to work on the main page, but I haven't checked any other pages.)

3. Click the "Jul (Forum)" link on the left sidebar.

4. Click any Jul link on the page, and you'll be taken to the Robotnik ban page.


At that point, you have to clear your Jul cookies again to get rid of it. I don't have any guesses for the technical reason why this ban happens, but it only seems to happen if these exact steps are followed.

____________________
layout by Sofi.
Joe
Common spammer
🍬
Level: 111


Posts: 3151/3392
EXP: 14502947
For next: 365413

Since: 08-02-07

From: Pororoca

Since last post: 13 days
Last activity: 34 min.
Posted on 08-11-14 10:50:41 AM Link | Quote
The offending cookie seems to be "_pk_ref.4.508c" for containing the string "exec".

____________________
ふにゃあ。
Kak

...
Level: 80


Posts: 1283/1928
EXP: 4762772
For next: 20197

Since: 09-03-13

From: ???

Since last post: 71 days
Last activity: 67 days
Posted on 08-11-14 11:10:54 AM Link | Quote
KLayout v3.0c M
This is most likely due to the cookie hack detection in Jul's firewall (aka Xkeeper's secret firewall.php).
My best guess is that it detects "exec" as an hack attempt (considering how exec can be used in PHP, there's a good reason for that) and bans the offending cookie.

I guess that's unfortunate string naming.

____________________
Xkeeper

Level: 263


Posts: 21340/25353
EXP: 297177456
For next: 1782997

Since: 07-03-07

Pronouns: they/them/????????

Since last post: 4 days
Last activity: 3 hours
Posted on 09-09-14 07:27:52 AM Link | Quote
only a month late but this is the case, kind of an unfortunate happening

the filter for that isn't meant to actually block any exploits (cookies are not used here for anything but login data after all) but to immediately end any malicious bot sessions

I think I checked at one point and there had been about 3 or 4 people who got hit with it (maybe 5) so it isn't very widespread, and with the interest in that returning to normal it shouldn't happen again

____________________
Next newer thread | Next older thread
Jul - Meta - Strange Auto-Ban New poll - New thread - New reply


Rusted Logic

Acmlmboard - commit 47be4dc [2021-08-23]
©2000-2022 Acmlm, Xkeeper, Kaito Sinclaire, et al.

29 database queries.
Query execution time: 0.110129 seconds
Script execution time: 0.027568 seconds
Total render time: 0.137697 seconds