Xbox Live Vulnerability Exposed! Microsoft Ignored The Truth

most viewed right now
 43
Image(s) inside Uncle Murda Comments On Chinx's Killer Who Is Linked To Him!
86 comments
@hiphop
most viewed right now
 37
Image(s) inside 50 cent Ex likes photo of his shooter Hommo on IG
69 comments
@hiphop
most viewed right now
 26
Nicki Minaj speaks up against White rappers taking over the charts
166 comments
@hiphop
most viewed right now
 26
NBA New NBA logo? 👑🔥🔥🔥
46 comments
@sports

section   (0 bx goons and 1 bystanders) Share this on Twitter   Share this on Facebook
 

Props Slaps
 6 years ago '11        #21
dom 30 heat pts30
space
space
space
$8,349 | Props total: 204 204
 Jesszman said:
Son, the second level of the demo was amazing.
No Jezzsman it wasnt amazing. It was amazing when I seen it in God of War then it was amazing again when I seen it in Devil May Cry, And he is corney a.ss fu*k because CAPCOM know Akuma dont have 6 fu*kin Arms
 01-13-2012, 01:23 AM         #22
One Gud Cide 
space
space
space
$n/a | Props total:  
 DominationCM said:
So once again Microsoft could have prevented some really bad sh*t from happening and didnt. Microsoft makes money off this sh*t. I cant wait to read what DJ, flawless image and the rest of Xbox's cronies say about this sh*t.

Hey wait they havent responded yet. Lets really pay attention to the first thing they mention. I bet yall they gonna do 1 or 2 things- Attack Jezzsman for posting this thread or bring up issues with Sony. There's NOTHING IN THIS ARTICLE ABOUT SONY. THIS HAS NOTHING TO DO WITH SONY. There going to be the one's to bring Sony into this. Watch and see. There going to defend Microsoft for having bush league a.ss security. peep game
You don't see a slight difference between a company's server being directly hacked, thousands of account info stolen due to their sh*tty security vs. someone finding random email addresses and then guessing the password?

k.
 6 years ago '04        #23
Liquid-Science 28 heat pts28
space
space
space
$17,502 | Props total: 793 793
that's how anyone or anything gets hacked...this is not news

you find an email and use something like access diver to try a bunch of passwords on it
 6 years ago '07        #24
I bleed GREEN 34 heat pts34
space
avatar space
space
$22,692 | Props total: 17952 17952
 DominationCM said:
I knew I was going to get your attention not by mentioning your name but by capitalizing SONY. But on a real note it dont matter if its SONY or Microsoft getting your sh*t jacked by a bi*ch a.ss hacker isnt funny at all
yeah im sure that was it,youre more delusional than i thought
 6 years ago '11        #25
Jesszman 2209 heat pts2209 OP
space
space
space
$29,855 | Props total: 208 208
 Flawless Image said:
yeah im sure that was it,youre more delusional than i thought
He did exactly what he said he was going to do bro. He mentioned your name and you fell for it, your post first post even responded to him rather than address the article.
 6 years ago '07        #26
I bleed GREEN 34 heat pts34
space
avatar space
space
$22,692 | Props total: 17952 17952
 Jesszman said:
He did exactly what he said he was going to do bro. He mentioned your name and you fell for it, your post first post even responded to him rather than address the article.
only cause he mentioned my name not "SONY",i read through all posts in a thread before posting you dont think i would respond to someone mentioning my name lol.

and i addressed the article in the end of my post
 6 years ago '05        #27
Krazie 134 heat pts134
space
avatar space
space
$45,910 | Props total: 21067 21067
There still isn't proof that this is THE major security flaw. It still points 100x more towards users being unaware of their own account security.
 6 years ago '04        #28
DJKromeX 39 heat pts39
space
avatar space
space
$1,303 | Props total: 0 0
 DJ Krayzie said:
There still isn't proof that this is THE major security flaw. It still points 100x more towards users being unaware of their own account security.
Its a security flaw because on any other site when you try login more then 4 or 5 times with the incorrect password , you get locked out. Even boxden has this feature lol. I entered over 80 login attempts and didn't get one email informing me. You don't see in a flaw that?
 01-13-2012, 07:18 AM         #29
SOCIALITE 
space
space
space
$n/a | Props total:  
...why does it always have to be people singling out companies like 99% of all major companies are making millions and billions of dollars and lack in caring about the customers. It's life. All you can really do is take your loss in situations like this. Going from Xbox to ps3 or Wii or whatever you still can be hacked and those companies don't care of your existence either. Why feel betrayed by the inevitable.
 6 years ago '10        #30
Bass G 16 heat pts16
space
avatar space
space
$17,321 | Props total: 547 547
 One Gud Cide said:
You don't see a slight difference between a company's server being directly hacked, thousands of account info stolen due to their sh*tty security vs. someone finding random email addresses and then guessing the password?

k.
What company?

You know you wanna say it.


Last edited by Bass G; 01-13-2012 at 07:53 AM..
 6 years ago '04        #31
emfan 
space
space
space
$265 | Props total: 0 0
where are all the PSN bashers?
 01-13-2012, 07:52 AM         #32
One Gud Cide 
space
space
space
$n/a | Props total:  
 DJKromeX said:
Its a security flaw because on any other site when you try login more then 4 or 5 times with the incorrect password , you get locked out. Even boxden has this feature lol. I entered over 80 login attempts and didn't get one email informing me. You don't see in a flaw that?
no because if people were smart....not even smart, just had a semblance of intelligence than it would be near impossible to guess their password. you can try 80,000 times and I guarantee you that you will never get mine, because I'm not an idiot.


again, if you get your password randomly guessed than you deserve it
 6 years ago '04        #33
DJKromeX 39 heat pts39
space
avatar space
space
$1,303 | Props total: 0 0
 One Gud Cide said:
no because if people were smart....not even smart, just had a semblance of intelligence than it would be near impossible to guess their password. you can try 80,000 times and I guarantee you that you will never get mine, because I'm not an idiot.


again, if you get your password randomly guessed than you deserve it
The point is
1) Normally, a login-system does not (and should not provide) whether an incorrect login-attempt contained a valid username.
2) Secondly, after X failed attempts, further tries to log-in are usually prevented (especially to avoid brute-forcing).
According to the article, neither of these steps were taken for (or were circumventable with) Xbox.com. Both of these exist EXACTLY to make brute-forcing password less feasible.

So if somebody wanted to get into your account, it might take the software 100,00 times to get in but they WILL get in with time.


Shout outs to Jesszman saving the world one xbox at a time
 6 years ago '05        #34
P-Hill|M 26 heat pts26
space
avatar space
space
$37,093 | Props total: 10785 10785
Definitely a flaw in how Microsoft (and whoever else) programmed the error handling on the website.

When I make apps that require user authentication, regardless of what's right and/or wrong, they get prompted with a message that says "Invalid username or password. Try again." No hints detailing whether the username even exists. Then you get locked out. Forgot your password? Sure, you can reset by providing your e-mail, but I won't let you know whether or not the e-mail is valid. You'll just get the "reset link has been emailed" message.

sh*t like this is what prompts brute force attacks in the first place and I'm honestly quite tempted to create some kind of hash of what I would usually use as a password and set that for all my accounts.

This sh*t could easily be fixable in less than 3 lines of code LOL


Last edited by P-Hill; 01-13-2012 at 09:38 AM..
 6 years ago '06        #35
Soraci7 34 heat pts34
space
avatar space
space
$14,081 | Props total: 39 39
 One Gud Cide said:
This isn't Microsofts problem at all. You can do this on literally every single site/form/etc that has a username and pass. All they're doing is trying to guess your password.



If you're still stupid enough to use passwords like "12345" "password" etc, then basically you deserve to have your account stolen.

People think "oh it says mix upper/lowercase letters, mix in numbers, and don't use words" it's just written there for no reason.
What do you mean it's not M$'s problem.

A) It's a paid service, not free.

B) Guessing your password takes numerous attempts and failures before one variation works, the program apparently will let as many failed attempts happen without any sort of ramification.

Stop excusing something thats apparently flawed. You're either biased or dumb.
 6 years ago '06        #36
Soraci7 34 heat pts34
space
avatar space
space
$14,081 | Props total: 39 39
 DJ Krayzie said:
There still isn't proof that this is THE major security flaw. It still points 100x more towards users being unaware of their own account security.
Not at all, it's the security program on the site. It's not the user's fault that M$ lets X amount of attempts without locking up. You're speaking as if it's some amateur free service bruh.

I've noticed you excuse everything M$ does. Honestly, it's a company not a friend or family member.


Last edited by Soraci7; 01-13-2012 at 10:38 AM..
 6 years ago '05        #37
Y.G. 27 heat pts27
space
space
space
$41,657 | Props total: 13768 13768
Why are phaggots in here acting like this is an Xbox exploit? This is a Windows Live exploit. On top of that, Microsoft can correct this in 5 minutes.

Gay n*ggas still mad they couldn't log on PSN for 2 months.
 6 years ago '04        #38
Da Ill One|M 4602 heat pts4602
space
avatar space
space
$45,509 | Props total: 4992 4992
 Y.G. said:
Why are phaggots in here acting like this is an Xbox exploit? This is a Windows Live exploit. On top of that, Microsoft can correct this in 5 minutes.

Gay n*ggas still mad they couldn't log on PSN for 2 months.
I mean it's both really...yeah they are getting in through Windows Live BUT they are buying stuff on People's Xbox Live accounts...so it's really affecting both...and I'm pretty sure the main point of the article is that MS HASN'T fixed it yet even though it takes about 5 minutes and 3 lines of code... the point is it isn't fixed....

This still isn't really a hack...just proves that both Sony and MS are fu*king idiots
 6 years ago '04        #39
DJKromeX 39 heat pts39
space
avatar space
space
$1,303 | Props total: 0 0
Since posting the article late last night I've been able to hack 3 accounts (with permission alphabet boys) The fastest was 2 hours and a few minutes to hack one account. The information that you have access to after you in is also a gold mine.
 6 years ago '08        #40
el bundy 27 heat pts27
space
avatar space
space
$6,524 | Props total: 120 120
 Y.G. said:
Why are phaggots in here acting like this is an Xbox exploit? This is a Windows Live exploit. On top of that, Microsoft can correct this in 5 minutes.

Gay n*ggas still mad they couldn't log on PSN for 2 months.
i never realized 3 weeks=2 months. someone here cant count.
Home      
  
 

 






most viewed right now
 15
What's the best punchline you heard this year?
100 comments
23 hours ago
@hiphop
most viewed right now
 14
Erykah badu shows that fur burger
91 comments
1 day ago
@thotsdimesetc
most viewed right now
 11
Image(s) inside Dec 15 - China is raising the next generation of African elites by tra..
44 comments
1 day ago
@news
most viewed right now
 8
Image(s) inside Might let her meet the parents
81 comments
1 day ago
@thotsdimesetc
most viewed right now
 7
Image(s) inside XXXTentacles facing 77 years in jail :niggaomg:
185 comments
1 day ago
@hiphop
most viewed right now
 6
Image(s) inside Who are these washed up niggas next to Drake?
60 comments
1 day ago
@hiphop
most viewed right now
 5
50 cent did something to Comedienne Aarona Lopez. She has her friends worried!!!
110 comments
1 day ago
@hiphop
most viewed right now
 4
Article inside NBA2K18 Is Removing User Made Content From The Game
45 comments
1 day ago
@games
back to top
register contact Follow BX @ Twitter Follow BX @ Facebook search BX privacy