Back to Epicmafia

Oracle is potential spyware

deletedabout 7 years

So I just downloaded Oracle and I performed a login on EM and looked under Chrome's network activity tab and this is what Oracle is doing.

https://imgur.com/a/z1JnL

If you look at the part that is boxed in red, you can see that EVERY time you log in, Oracle is automatically sending a GET request to the following ip address: http://45.63.17.67/

Included with that request are a few suspicious parameters. I believe the p parameter (circled in red) is a hashed version of your password.

So whats probably going on is...every time you log in...Oracle takes a copy of your password, sends it to 45.63.17.67 (a server that is "epicmafia.net" and saves it somewhere. So the extension is just building a database of usernames and passwords.

For reference..here is what a log on looks like without Oracle.

https://imgur.com/a/9K1ov

Notice how without Oracle there is just a simple login POST to epicmafia.

You can try this yourself with the following steps.

Install Oracle on the chrome web store

Log out of your account

Right click on your screen and click inspect element

Go to the Network tab

Perform a login

Then you'll see in the network tab that your browser is making a get request to an ip address owned by lailai and its sending a few hashed parameters

There is no reason why Oracle needs to make this request. Nothing about oracle's functionality requires it. It's very likely that it is just logging your password and saving it

deletedabout 7 years
Haha, with my new Oracle software, Epicmafia injustice will not go unpunished! Beware, evil-doers, for I am a moderator!
Shwartz99
about 7 years
This is why Epicmafia Enhancement Suite is better. Thanks, croned!
The
about 7 years

xxerox says

Why would he get arested for this... People hack sites all the time and don't get punished.


Because they don't get caught/are anonymous
xxerox
about 7 years
If he hacked it for paypal or etc etc, then yeah, thats bad, but if he hacked it just for epicmafia...
Jeff
about 7 years
I wonder how many people use their Epicmafia passwords for their bank accounts.
deletedabout 7 years
holy sht lmfaooooo
xxerox
about 7 years
Why would he get arested for this... People hack sites all the time and don't get punished.
somethingwhatever
about 7 years
god if this flows into IRL im gonna laugh so much
one side i think what he did is awesome and so he should go unpunished
on the other side if he gets arrested for this, it will be hilarious
deletedabout 7 years

Dalypso says


Anacletus says

i think that anyone who cares enough about epicmafia to install an epicmafia browser addon deserves their paypal to be broken into and also put to death


in what order?


the admins then the people who still play competitive then the pedophiles then the weebs
deletedabout 7 years
Think about it: Mod team spends all this time trying to catch cheaters at epicmafia, has spyware installed to do it


It's funny on so many levels. Like an onion.
Jeff
about 7 years
PUT HIM IN JAIL LMAOOOO.
deletedabout 7 years

Anacletus says

i think that anyone who cares enough about epicmafia to install an epicmafia browser addon deserves their paypal to be broken into and also put to death


in what order?
shaGuar
about 7 years
Registrar Abuse Contact Email: abuse @ namecheap.com
Registrar Abuse Contact Phone: +1.6613102107

If you want to shut his s­hit down here's the domain contact info
deletedabout 7 years
i mean it made sense. i dont really follow the current mod team

but from an outsider's perspective, it looks like the mods treated him like dirt so i get why he did it

not that its okay though
somethingwhatever
about 7 years
lailai rules now honestly
deletedabout 7 years
i think that anyone who cares enough about epicmafia to install an epicmafia browser addon deserves their paypal to be broken into and also should be put to death
xxerox
about 7 years
Yo, bell, add me in lol . I want to see what is happening :3
deletedabout 7 years

Jeff says

LMFAOOOOO. The dude literally became admin, set up a way to hack everyone, then left on claims of mental illness while leaving his script running and collected everyone’s passwords.


Brilliant, honestly
The
about 7 years

shaGuar says

What do you guys think.. did he throw that code in at the last second, or was it his plan all along when writing the thing


He added the code in when he went on that trip to the US with other EM users. I thought it was odd he'd be updating his extension during that time
xxerox
about 7 years

Miki says


xxerox says


The says

Lailai currently has the password of everyone who is using the script. Uninstall immediately and change your password.


Who would even install Oracle.. -.- Your lazyness to do things the "easy way" got you here.

Any reasonable person did not install it.


scripts can be pretty useful for mods


I urged the mods to not install it.
jess
about 7 years
i got drunk w lailai lmfao
somethingwhatever
about 7 years
its too bad lucid doenst log in enough to know and have used oracle
Jeff
about 7 years
LMFAOOOOO. The dude literally became admin, set up a way to hack everyone, then left on claims of mental illness while leaving his script running and collected everyone’s passwords.
deletedabout 7 years
This is why you never logout and use saved passwords. They can't keylog you if you don't type your password.
Miki
about 7 years

xxerox says


The says

Lailai currently has the password of everyone who is using the script. Uninstall immediately and change your password.


Who would even install Oracle.. -.- Your lazyness to do things the "easy way" got you here.

Any reasonable person did not install it.


scripts can be pretty useful for mods