If you want an account, contact Ziggy via Discord: @ziggymoncher_. Read BonziPEDIA:Requesting accounts for more details.
Kingword Leaks: Difference between revisions
BlockOfShize (talk | contribs) m I've always thought this fits better with this |
BlockOfShize (talk | contribs) Fuck no then Tag: Undo |
||
Line 5: | Line 5: | ||
'''Godword:''' Gdansk240409 | '''Godword:''' Gdansk240409 | ||
'''Description''' - Due to a hasty FTP transfer, the settings file was accidentally placed in the frontend folder [ | '''Description''' - Due to a hasty FTP transfer, the settings file was accidentally placed in the frontend folder [https://archive.ph/8KWYp which granted everyone access to all server settings]. The godword and the now obsolete kingword (read below) were both stored in plaintext. This was the most severe leak thanks to all the IP leaks made possible by the [[IP mute]] feature. | ||
'''Action taken''' - Godword changed and administrative passwords will be hashed from BonziWORLD 7.0.0 and onwards. Entirely new systems of authentication are open to consideration. | '''Action taken''' - Godword changed and administrative passwords will be hashed from BonziWORLD 7.0.0 and onwards. Entirely new systems of authentication are open to consideration. |
Revision as of 08:52, 15 June 2024
This article provides descriptions of the times the administrative passwords (called "kingword" and "godword") were revealed to the public, or notable false positives, and the action taken to correct them. The list will be ordered from newest to oldest.
Leaks
Godmode leak (March 6, 2024)
Godword: Gdansk240409
Description - Due to a hasty FTP transfer, the settings file was accidentally placed in the frontend folder which granted everyone access to all server settings. The godword and the now obsolete kingword (read below) were both stored in plaintext. This was the most severe leak thanks to all the IP leaks made possible by the IP mute feature.
Action taken - Godword changed and administrative passwords will be hashed from BonziWORLD 7.0.0 and onwards. Entirely new systems of authentication are open to consideration.
HogFear leak (February 21, 2024)
Kingword: HogFear2024
Description - The kingword was leaked due to unknown causes, it's suspected that a moderator did it but it could be due to the above data breach, as the date of the FTP transfer that caused it was unknown.
Action taken - Kingwords were made unique for every moderator. The new unique kingwords are not stored in the server settings file.
"MR JEW" fake leak (February 13, 2024)
Kingword: URGHABUJISTAN782
Description - False positive caused by a trial-king who also requested the demotion of a different king.
Action taken - MR JEW demoted.
"GOTH" leak (January 22, 2024)
Kingword: JabbaGod27
Description - GOTH was likely Moon Man, a BonziWORLD king, under a fake identity to leak the kingword. This has not been fully confirmed.
Action taken - Moon Man demoted (potential re-promotion is possible). Kingword changed.
"Rapefuck" word (2023?)
Not much is known with this kingword, however it was from the Bonzi.ga days and might have been leaked somewhere in 2023 by Jabba. This was found by donutscout (or BlockofShize).
Unless there is proper proof, this is unconfirmed.