Adblock breaks this site

Runescape Applet - Insecure?

Discussion in 'Programming General' started by Pixelated, Oct 23, 2009.

  1. Pixelated

    Pixelated Newcomer

    Joined:
    Nov 1, 2007
    Posts:
    2
    Referrals:
    0
    Sythe Gold:
    0
    Runescape Applet - Insecure?

    Hey there,

    I stumbled across something interesting; is it known that the Runescape applet stores the last password-attempt, without any encryption, in plain String format? Seems odd to me - but it's there.

    Not that it opens up any major security issues, but it's the sort of thing that one expects to not be present in a pretty well-developed game. Any ideas?
     
  2. super_

    super_ Member

    Joined:
    Dec 20, 2008
    Posts:
    91
    Referrals:
    0
    Sythe Gold:
    0
    Runescape Applet - Insecure?

    ... did you know microsoft office stores last serial attempt, without any encryption, in plain text format?
     
  3. Pixelated

    Pixelated Newcomer

    Joined:
    Nov 1, 2007
    Posts:
    2
    Referrals:
    0
    Sythe Gold:
    0
    Runescape Applet - Insecure?

    Indeed. Perhaps I should have known to expect such irrational posting from the people here, Runescape's (cheating) community is full of it.

    Enjoy.
     
  4. super_

    super_ Member

    Joined:
    Dec 20, 2008
    Posts:
    91
    Referrals:
    0
    Sythe Gold:
    0
    Runescape Applet - Insecure?

    i don't think you understand... the password would HAVE to be stored somewhere in plaintext within the java heap.
     
  5. Zank

    Zank Newcomer

    Joined:
    Oct 26, 2009
    Posts:
    14
    Referrals:
    0
    Sythe Gold:
    0
    Runescape Applet - Insecure?

    I don't see how this could be exploited at all. Haha. However, I agree that it is somewhat strange that Jagex would do this.
     
< Java Conventions + Basics | [Moperscape] Webclient. >


 
 
Adblock breaks this site