EVE Search - Warning! BACON contains keylogger

All Channels

EVE General Discussion

Warning! BACON contains keylogger

» Click here to find additional results for this topic using Google

Monitor this thread via RSS [?]

Pages: [1] 2 3 4 5 :: one page
Author	Thread Statistics \| Show CCP posts - 1 post(s)
Schani Kratnorr x13	Posted - 2008.04.23 10:19:00 - [1] I had a friend (software engineer) look at the source for giggles, and today he e-mailed me back: Translated from my native tongue: Quote: hi I just finished the project and have had a few hours to look at the code you sent. At first glance, there doesn't seem to be anything fishy about it, a fresh install (TQ client and 'bacon') throws up all kinds of warnings. In many ways, the LogServer.exe supplied by CCP resembles the test suite we used a couple of years ago. I did find a a few non-critical security issues before running into the worst. Long story short, I would not execute the code unlesss I wanted to give away my username-password combination. The source and binaries you linked contain a kind of proxy. Once installed, it hides as a service. It acts much like the userhelp-app we used a while back in that it simply listens for events. Instead of crashes and connection problems, it appears to collect the login credentials. I will have a look at the proxy next week if I have the time, but to answer your question; DO NOT run this! Cheers, David L. I have known David for a long time and used to work with him with software quality assurance. He knows his stuff and when he says something about a peice of software, I listen. The community can make up it's own mind, but I am not gonna run this code anywhere near a computer running eve.
Eternal Hatred Amarr Pantsu Garu Limited Technologies	Posted - 2008.04.23 10:22:00 - [2] Edited by: Eternal Hatred on 23/04/2008 10:28:36 "Drama drums.. they echo in the distant!" THIS SPACE FOR SALE: CONTACT MY MAIN INGAME TO RESERVE THIS SPOT FOR AD'S OR SO ON! _________________ It's great being an Amarr, isn't it??? :(
eeevans Four Rings Phalanx Alliance	Posted - 2008.04.23 10:23:00 - [3] obvious troll is obvious
Barzam School of Applied Knowledge	Posted - 2008.04.23 10:24:00 - [4] Dumdum-duuum!!! Honestly though, would they be THAT stupid? Fine, if it was a clandestine Goon program run by a few inner-circle people that are not prone to disassembling it, but an open-source released program, containing the actual spyware code in it? Lol?
Liang Nuren Black Sea Industries Insurgency	Posted - 2008.04.23 10:25:00 - [5] Can you ask him which file / line(s) he suspects? -Liang -- Naturally, I do not in any way speak for my corp or alliance.
CyberCommunist	Posted - 2008.04.23 10:25:00 - [6] I've lost 350mil because of this keylogger! Don't download this!
Lorna Loot Caldari Nox Eternus	Posted - 2008.04.23 10:27:00 - [7] Originally by: Barzam Dumdum-duuum!!! Honestly though, would they be THAT stupid? Fine, if it was a clandestine Goon program run by a few inner-circle people that are not prone to disassembling it, but an open-source released program, containing the actual spyware code in it? Lol? It is hydra, never underestimate the stupidity available. --------------------- Nox Eternus is Recruiting, contact me or Sgt Shazz ingame for info.
Nicholas Barker MASS Ministry Of Amarrian Secret Service	Posted - 2008.04.23 10:30:00 - [8] Edited by: Nicholas Barker on 23/04/2008 10:31:33 Originally by: CyberCommunist I've lost 350mil because of this keylogger! Don't download this! was that not hammerfall industries? ---
Sleepkevert Amarr Rionnag Alba Triumvirate.	Posted - 2008.04.23 10:31:00 - [9] Succesfull troll is successfull... _ Sign my sig!
CyberCommunist	Posted - 2008.04.23 10:31:00 - [10] Originally by: Nicholas Barker Originally by: CyberCommunist I've lost 350mil because of this keylogger! Don't download this! was that not hammerfall enterprises? Yea they were! Login data goes right to the Hammerfall Industries
Ethaet Gallente Aliastra	Posted - 2008.04.23 10:32:00 - [11] lol, if people actually used BACON then they almost deserve this Seriously, we need some kind of separation between the post and signature.
Asuka Smith Gallente StarHunt Fallout Project	Posted - 2008.04.23 10:32:00 - [12] Edited by: Asuka Smith on 23/04/2008 10:33:51 Just what all the meta-gamers deserve! edit: But yeah tell me which lines I need to look at to see this key-logger/service?
Riho Gallente Mercenary Forces	Posted - 2008.04.23 10:33:00 - [13] Edited by: Riho on 23/04/2008 10:34:01 Originally by: Barzam Dumdum-duuum!!! Honestly though, would they be THAT stupid? Fine, if it was a clandestine Goon program run by a few inner-circle people that are not prone to disassembling it, but an open-source released program, containing the actual spyware code in it? Lol? because most ppl think its open source and dont acctually check it... because they think: if its open source then it must be clean of ****. if i have time tonight ill have look also at the code :) EDIT: if someone looses stuff ingame because they pws where stolen... id laugh my ass off :P serves you right :D ---------------------------------- Yes... this is my main. Extreme Troll Slayer...
Nguyen VanPhuoc Minmatar The Halibuts	Posted - 2008.04.23 10:36:00 - [14] Originally by: CyberCommunist Originally by: Nicholas Barker Originally by: CyberCommunist I've lost 350mil because of this keylogger! Don't download this! was that not hammerfall enterprises? Yea they were! Login data goes right to the Hammerfall Industries \o/ _o_ \o_ _o/ STOP! ___________________ What was that word young man!?!
Ki An Gallente Filiolus Of Bellum	Posted - 2008.04.23 10:38:00 - [15] As someone else said, anyone getting their pw stolen when using Bacon deserves nothing but scorn. CCP won't help them either \o/ Filiolus of Bellum is recruiting
FreakmasterMcFreakington	Posted - 2008.04.23 10:40:00 - [16] Ive found the program also contains a 'code vampire' that steals your internets.
Barzam School of Applied Knowledge	Posted - 2008.04.23 10:44:00 - [17] I checked through the code myself quickly and I've found no evidence of any "hidden service" or reporting to an unknown source. Feel free to dig further than I did however. All the code I found was setting up of file watches on the logfiles that the LogServer creates and tie-ins with the EVE API libraries using EVE API codes. No secret keystroke listeners or uploading of strange data to somewhere.
Asuka Smith Gallente StarHunt Fallout Project	Posted - 2008.04.23 10:46:00 - [18] Originally by: Barzam I checked through the code myself quickly and I've found no evidence of any "hidden service" or reporting to an unknown source. Feel free to dig further than I did however. All the code I found was setting up of file watches on the logfiles that the LogServer creates and tie-ins with the EVE API libraries using EVE API codes. No secret keystroke listeners or uploading of strange data to somewhere. Kidna wish it did though huh.
Soran Diag	Posted - 2008.04.23 10:47:00 - [19] Is this "service" not just the log server?
Lin Haraka Legio Conquistus Sylph Alliance	Posted - 2008.04.23 10:47:00 - [20] Serves BACON-eers right
Altaree Red Frog Investments Blue Sky Consortium	Posted - 2008.04.23 10:47:00 - [21] Proof or STFU troll! Blue Sky
Garia666 Amarr T.H.U.G L.I.F.E White Core	Posted - 2008.04.23 10:49:00 - [22] wtf is bacon? Quote: CCP Chronotis Amarr boost is coming in a future dev blog, lets keep this on topic
FreakmasterMcFreakington	Posted - 2008.04.23 10:49:00 - [23] Thats not true. My good friend Bartholemew who is a genius, told me that Bacon can use the matrix to burgle my flat and interfere with my cats in a way which the forums will not let me type. Ive already lost a Flatscreen TV and some socks!
Garia666 Amarr T.H.U.G L.I.F.E White Core	Posted - 2008.04.23 10:51:00 - [24] i found this! http://www.massively.com/2008/04/21/proximity-alerts-controversial-in-eve-online/ Quote: CCP Chronotis Amarr boost is coming in a future dev blog, lets keep this on topic
Barzam School of Applied Knowledge	Posted - 2008.04.23 10:57:00 - [25] I'd like to amend my previous analysis. The code in question that this guy is talking about is probably the "HighTower" modules, which contain references to submitting data to: "http://gunfleet.org/hightower" (bacon\UI\Web References\hightower\Reference.cs) As far as I understand, this is the old functionality existing in BACON to report the log-announcements made to a central server (the part that they removed to comply to EULA) The code in this version 1.0.0.2 that references these routines (in SubmitHandler.cs) seem to be commented out in NotifyHandler.cs For more information see files: bacon\UI\Web References\hightower\Reference.cs bacon\UI\SubmitHandler.cs bacon\UI\NotifyHandler.cs So, to Mr. OP - Your friend didn't really bother to read the code carefully obviously, and now you've created drama and suspision for no reason whatsoever. I can't say I spent more than 2 minutes reading the code however, so anyone who actually isn't at work and have time to analyse it further and want to verify what I've said can do so please.
Rashmika Clavain Gallente Aliastra	Posted - 2008.04.23 10:59:00 - [26] Originally by: CyberCommunist Yea they were! Login data goes right to the Hammerfail Industries I've corrected the glaring errors in your statement... now could you please stop trolling for Hammerfail? Kthx!
Segge Bolled Caldari Dirty Sexy Pilots New Age Solutions Amalgamated	Posted - 2008.04.23 11:07:00 - [27] So ... I bought some really nice trousers in Camden.
Tzar'rim Reckless Corsairs	Posted - 2008.04.23 11:18:00 - [28] I'm gonna laugh so hard if this is actually true and we'll see a whole lot of "I quit, bored with the game" kind of posts in the near future :P
Abrazzar	Posted - 2008.04.23 11:20:00 - [29] Geez. Of course if you eat the bacon with your fingers you will leave lard marks all over your keyboard. Use a knife and fork like civilized people! -------- Ideas for: Mining Clouds
Barzam School of Applied Knowledge	Posted - 2008.04.23 11:28:00 - [30] Originally by: My JitaTradeAlt Edited by: My JitaTradeAlt on 23/04/2008 11:27:49 Originally by: "RequestProcessor.cs" sb.Replace("url=", ""); sb.Replace("http://", "h/"); sb.Replace("api.eve-online.com", "ae"); sb.Replace("xml.aspx", "xa"); sb.Replace("characterID", "c"); sb.Replace("char", "ch"); sb.Replace("corp", "cp"); sb.Replace("WalletTransactions", "WT"); sb.Replace("WalletJournal", "WJ"); sb.Replace("userID", "u"); sb.Replace("account", "a"); sb.Replace("before", "b"); That's part of the EVE Online API library API functions to fetch data through an API-key -_- Seriously...

Pages: [1] 2 3 4 5 :: one page
First page \| Previous page \| Next page \| Last page

COPYRIGHT NOTICE
EVE Online, the EVE logo, EVE and all associated logos and designs are the intellectual property of CCP hf. All artwork, screenshots, characters, vehicles, storylines, world facts or other recognizable features of the intellectual property relating to these trademarks are likewise the intellectual property of CCP hf. EVE Online and the EVE logo are the registered trademarks of CCP hf. All rights are reserved worldwide. All other trademarks are the property of their respective owners. CCP hf. has granted permission to EVE-Search.com to use EVE Online and all associated logos and designs for promotional and information purposes on its website but does not endorse, and is not in any way affiliated with, EVE-Search.com. CCP is in no way responsible for the content on or functioning of this website, nor can it be liable for any damage arising from the use of this website.

It's great being an Amarr, isn't it??? :(