My Outdated ScriptsEdgeville Log Cutter | Edgeville AIO Jewelry | AIO Pickpocketer | Urn Activator | Slayer Tower | Slaying KuradalMy Working Scripts: Tutorials:Function Pointers and Why You Should Care! | Forms and Saving Settings | The Magic Behind Programming Tutorial | Recursive Recursion![]()
Well then, I concede that point quite instantly. I've already taken that and done some things that should not be able to happen in simba. I think this is a pretty big risk in the fact of what should not be capable and that functionality should be removed shortly. In the meanwhile, it may be for the best to not keep that specific command allowing for that public while we try and see if we can get simba to not do that. Would you be willing to perhaps comment that out and we try to simply not publicize this for any who may do harm?
Edit: could some SSRL or admin comment on why this is even capable and whether or not that should be capable?
@Daniel?
My Outdated ScriptsEdgeville Log Cutter | Edgeville AIO Jewelry | AIO Pickpocketer | Urn Activator | Slayer Tower | Slaying KuradalMy Working Scripts: Tutorials:Function Pointers and Why You Should Care! | Forms and Saving Settings | The Magic Behind Programming Tutorial | Recursive Recursion![]()
Lol
The point of this thread was the point out the numerous security flaws in simba. Tealc also proved a point that besides simply stealing an RS password, it's quite possible to run other things with simba that can cause MUCH more harm. Those who say that all the public scripts posted on here are safe are ignorant. It takes one second for someone to use their auto-updater to download a malicious script; they don't even have to post the "keylogged" version publicly.
If I was keylogged, I'm really surprised that they only targeted my WORST account, and not my other accounts with thousands worth of stuff.
I thought the point was to say that you know for a fact simba hacked you?
Again, go through the script versions on their github or google code and tell me where they put in the malicious code (unless they used another website, let us know which one they us to keep track of versions from).
Ex: https://code.google.com/p/ashamanred...er/source/list
Red & Green Salamander Hunter // Construction // Gilded Altar // Major help w/ Kyles Runespan // VWB Smither // PhoenixFeathers // GemCutter // Bonfire // LRC Miner // Spell Tab Maker // ApeAtollAgility // IvyWC // RoguesCooker // Herblore // AshamanButterfly // AshamanPowerMiner // Fletcher // LividFarm
For now I've removed my mentions to the function name. I don't see why this should be removed, pretty sure the same thing can easily be done from a plugin.
@OP sorry if your thread got derailed. Have you ran any virus scans? Personally I read every script I use and remove auto-updating features . On why it targeted that account. Maybe instead of being keylogged part of the script, containing your login and pin, was sent to the hacker.
Sorry about your loss, I dont really understand how some people are getting hacked, and this kinda of worries me.
player saftey is obviously a prirority for srl community but can we beef up security? auto script scanner that detects malicious activities? and adding approved scripts section only ? i know its open source but can we have it so when some one posts a topic its hidden till a mod approves it?
And add an inscript detector that if it has auto update it cant process disapproved requests (idk how auto update works) so if a scripter goes rogue he cant update his script anymore?
just a thought, player saftey is very important for me, i use simba because am one of the unlucky people that grt keylogged/booted off their acc and then hacked when evet they use other bot clients and this kinda scares me.
Ya i am one of those retards lol, but i noticed it right away and changed my password
There are currently 1 users browsing this thread. (0 members and 1 guests)