this is a thinly-veiled way to ask how the dupe works
plsgo
From a programming/computer science perspective, how did the mechanics of the duplication glitch work?
From the little of what I understand, it involved submitting multiple processing requests to the central servers, resulting in multiple duplicate responses, resulting in the duplicated items...correct me if I'm wrong?
No need to go into the actual how-to, of course. I'm just curious to know what went wrong between us clicking the button and the request reaching their servers that would result in the duplication.
this is a thinly-veiled way to ask how the dupe works
plsgo
u 'mirin?
Sakuras (10-03-2014)
An application stack that may as well be leveraging UDP because instead of viewing a request with the exact same data as a duplicate, it happily processed it.
| (10-03-2014),2e a p j03 (10-03-2014),visionarix (10-03-2014)
---------- Post added at 08:51 AM ---------- Previous post was at 08:45 AM ----------
So in other words, because the server was lagging so badly, if a user was capable of sending multiple requests, the host would see it as separate requests rather than just an identical, repeated one?
---------- Post added at 08:52 AM ---------- Previous post was at 08:51 AM ----------
Already know how to dupe, since it was posted here earlier this week, but thx for your prejudice. You can go nowOriginally Posted by Miri
Been here longer than you sweetie, you can't tell me anything. Bye
u 'mirin?
Sakuras (10-03-2014)
Nah.
Why is everyone being so rude to each other? :l
If the transactions got to the server quickly enough, whatever tiny bit of sanity checking it was doing on the first POST wasn't completed by the time it saw the second one. It's so incredibly preventable that it's sad. They've been having people put things into shops for 15 years now and somehow still don't have it figured out?
Edit: I just remembered something. Neopets, unlike most sites, uses HTTP 1.0 instead of HTTP 1.1. That means a separate TCP connection for every HTTP Request. With that in mind, their piece of shit site couldn't have simply discarded the second transaction for having duplicate SEQ data because the previous TCP connection would have already been torn down. They'd have to rely on other logic, like not having a freakin user be able to create new objects in their database.
Last edited by Cript; 10-03-2014 at 08:18 AM.
Cabbage (10-03-2014),Daviid(10-03-2014),j03 (10-03-2014),mt5o5bd (10-03-2014),visionarix (10-03-2014)
@(you need an account to see links) fuck off pls. you've literally been here for not even a month. do less. as in don't be a dick to @(you need an account to see links).
well then.
yea cript has it down pretty , gotta ask. With them actually processing the second request, do you think they share ID? or?
I didnt really understand too well until Steven linked me a video about basic hacking. Now if I can find it :s
Posting Permissions
