The Rickrolling: Why I did what I did
Just letting you know I'm undoing the changes I did earlier, I had no intention of leaving it up for any prolonged length of time. Yes, I was the guy who "hacked" some of the older posts. I just really wanted to show people how old and vulnerable the site really is.
I'm well aware that the admins know about the issues in the site, even within the past couple of months they added Cloudflare WAF to the post search page to protect users and even slayerduck has said the site needs replacing. But the lack of urgency to fix the problems, especially when users are at risk isn't tolerable. In doing this in such a public manner I hope they'll be more urgent in addressing the problems. Sorry if I caused you admins any stress; don't worry, I'm not out to hurt you.
I care about this site, I really do. I just want to feel safe when using it. Maybe there was a better way to do this, if there was I don't know how, but it is what it is. I'm not gonna disappear, I'll send in bug reports, I hope it'll get better from here.
Note to Users:
None of your data was compromised, if you viewed the posts.
Although, if someone was malicious they could have stolen your account easily.
The script just that changes the post's image to a rickroll and creates that popup box.
Here's the script that was loaded:
setTimeout(() => { image.src = `rr.noordstar.me/static/rick.gif`}, 2000); setTimeout(() => {alert(`Inform the site owner, that they should use a more secure booru: pastebin.com/66KaEV1x`)}, 6000);
I'm well aware that the admins know about the issues in the site, even within the past couple of months they added Cloudflare WAF to the post search page to protect users and even slayerduck has said the site needs replacing. But the lack of urgency to fix the problems, especially when users are at risk isn't tolerable. In doing this in such a public manner I hope they'll be more urgent in addressing the problems. Sorry if I caused you admins any stress; don't worry, I'm not out to hurt you.
I care about this site, I really do. I just want to feel safe when using it. Maybe there was a better way to do this, if there was I don't know how, but it is what it is. I'm not gonna disappear, I'll send in bug reports, I hope it'll get better from here.
Note to Users:
None of your data was compromised, if you viewed the posts.
Although, if someone was malicious they could have stolen your account easily.
The script just that changes the post's image to a rickroll and creates that popup box.
Here's the script that was loaded:
setTimeout(() => { image.src = `rr.noordstar.me/static/rick.gif`}, 2000); setTimeout(() => {alert(`Inform the site owner, that they should use a more secure booru: pastebin.com/66KaEV1x`)}, 6000);