If you want an account, contact Ziggy via Discord: @ziggymoncher_. Read BonziPEDIA:Requesting accounts for more details.
Kingword Leaks: Difference between revisions
Created page with "This article provides descriptions of the times the administrative passwords (called "kingword" and "godword") were revealed to the public, or notable false positives, and the action taken to correct them. The list will be ordered from newest to oldest. == Leaks == === Godmode leak === '''Description''' - Due to a hasty FTP transfer, the settings file was accidentally placed in the frontend folder which granted everyone access to all server settings. The godword and th..." |
|||
| Line 2: | Line 2: | ||
== Leaks == | == Leaks == | ||
=== Godmode leak (March 6, 2024) === | |||
'''Godword:''' Gdansk240409 | |||
'''Description''' - Due to a hasty FTP transfer, the settings file was accidentally placed in the frontend folder [https://archive.ph/8KWYp which granted everyone access to all server settings]. The godword and the now obsolete kingword (read below) were both stored in plaintext. This was the most severe leak thanks to all the IP leaks made possible by the [[IP mute]] feature. | |||
'''Description''' - Due to a hasty FTP transfer, the settings file was accidentally placed in the frontend folder which granted everyone access to all server settings. The godword and the now obsolete kingword (read below) were both stored in plaintext. This was the most severe leak. | |||
'''Action taken''' - Godword changed and administrative passwords will be hashed from BonziWORLD 7.0.0 and onwards. Entirely new systems of authentication are open to consideration. | '''Action taken''' - Godword changed and administrative passwords will be hashed from BonziWORLD 7.0.0 and onwards. Entirely new systems of authentication are open to consideration. | ||
=== HogFear leak (February 21, 2024) === | |||
'''Kingword:''' HogFear2024 | |||
'''Description''' - The kingword was leaked due to unknown causes, it's suspected that a moderator did it but it could be due to the above data breach, as the date of the FTP transfer that caused it was unknown. | '''Description''' - The kingword was leaked due to unknown causes, it's suspected that a moderator did it but it could be due to the above data breach, as the date of the FTP transfer that caused it was unknown. | ||
'''Action taken''' - Kingwords were made unique for every moderator. The new unique kingwords are not stored in the server settings file. | '''Action taken''' - Kingwords were made unique for every moderator. The new unique kingwords are not stored in the server settings file. | ||
=== "MR JEW" fake leak === | === "MR JEW" fake leak (February 13, 2024) === | ||
'''Kingword:''' URGHABUJISTAN782 | |||
'''Description''' - False positive caused by a trial-king who also requested the demotion of a different king. | '''Description''' - False positive caused by a trial-king who also requested the demotion of a different king. | ||
'''Action taken''' - MR JEW demoted. | '''Action taken''' - MR JEW demoted. | ||
=== "GOTH" leak === | === "GOTH" leak (January 22, 2024) === | ||
'''Kingword:''' JabbaGod27 | |||
'''Description''' - GOTH was likely Moon Man, a BonziWORLD king, under a fake identity to leak the kingword. This has not been fully confirmed. | '''Description''' - GOTH was likely Moon Man, a BonziWORLD king, under a fake identity to leak the kingword. This has not been fully confirmed. | ||
'''Action taken''' - Moon Man demoted (potential re-promotion is possible). Kingword changed. | '''Action taken''' - Moon Man demoted (potential re-promotion is possible). Kingword changed. | ||
Revision as of 22:15, 11 March 2024
This article provides descriptions of the times the administrative passwords (called "kingword" and "godword") were revealed to the public, or notable false positives, and the action taken to correct them. The list will be ordered from newest to oldest.
Leaks
Godmode leak (March 6, 2024)
Godword: Gdansk240409
Description - Due to a hasty FTP transfer, the settings file was accidentally placed in the frontend folder which granted everyone access to all server settings. The godword and the now obsolete kingword (read below) were both stored in plaintext. This was the most severe leak thanks to all the IP leaks made possible by the IP mute feature.
Action taken - Godword changed and administrative passwords will be hashed from BonziWORLD 7.0.0 and onwards. Entirely new systems of authentication are open to consideration.
HogFear leak (February 21, 2024)
Kingword: HogFear2024
Description - The kingword was leaked due to unknown causes, it's suspected that a moderator did it but it could be due to the above data breach, as the date of the FTP transfer that caused it was unknown.
Action taken - Kingwords were made unique for every moderator. The new unique kingwords are not stored in the server settings file.
"MR JEW" fake leak (February 13, 2024)
Kingword: URGHABUJISTAN782
Description - False positive caused by a trial-king who also requested the demotion of a different king.
Action taken - MR JEW demoted.
"GOTH" leak (January 22, 2024)
Kingword: JabbaGod27
Description - GOTH was likely Moon Man, a BonziWORLD king, under a fake identity to leak the kingword. This has not been fully confirmed.
Action taken - Moon Man demoted (potential re-promotion is possible). Kingword changed.
