nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPv4 Games

From: Dan Mahoney via NANOG <nanog () lists nanog org>
Date: Sat, 16 Aug 2025 14:31:23 -0700



On Aug 16, 2025, at 14:29, Dan Mahoney <danm () prime gushi org> wrote:

*sigh*

Short answer: OP did not put a game on the internet, they put a poorly coded CTF sandbox that does no input 
verification (doesn’t check referrers, doesn’t look at the http user-agent, doesn’t require login, doesn’t check 
cookies, doesn’t have a nonce in the form that’s checked) and invites people to gamify it, and even now seems not to 
understand the problem and why this is an issue.  A few bored developers who understand HTTP and HTML forms way 
better than OP found it, and OP is inviting more people to do the same things rather than fixing his “game”.


One important edit to this: I did not mean to misgender or mispronoun, I meant to use more neutral terms and missed the 
possesive at the end.  If I did, I apologize.

-Dan
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/B532GJYR3FPMC3CNWG4Z7JJR6G5YIFVE/
Previous By Date Next
Previous By Thread Next

Current thread: