FlytrapCare Carnivorous Plant Forums

Sponsored by FlytrapStore.com

Talk about anything you want in this forum.

Moderator: Matt

User avatar
By sanguinearocks101
Location: 
Posts:  1657
Joined:  Mon Jan 06, 2020 1:56 am
#378694
Hello,
I’m testing some things for a much more complex than average giveaway, can someone see if they can find a way to bypass the username and password requirement on this website? I want to make sure this is secure so come time for the giveaway it isn’t ruined by someone who can bypass it somehow. http://sanguinearocks101.pythonanywhere.com/
User avatar
By sanguinearocks101
Location: 
Posts:  1657
Joined:  Mon Jan 06, 2020 1:56 am
#378704
I meant somehow bypassing the need to enter a username and password at all, it’s a free website hosting service so I don’t expect it to be top quality and I have no experience hacking. I think there are some people on the forums who might have some experience with stuff like this and may be able to help out.
User avatar
By ChefDean
Location: 
Posts:  3304
Joined:  Tue Sep 18, 2018 12:44 am
#378706
Gotcha.
I tried a few things and couldn't get in, but I'm far from the computer expert.
Heck, up until a few years ago, I thought turning on a computer meant rubbing up against it gently. :lol:
sanguinearocks101 liked this
User avatar
By Panman
Location: 
Posts:  1662
Joined:  Wed Mar 04, 2020 8:41 pm
#378716
I am pretty sure the everything is available for viewing so someone could game the system is they see something they want by creating multiple accounts.
User avatar
By sanguinearocks101
Location: 
Posts:  1657
Joined:  Mon Jan 06, 2020 1:56 am
#378726
Panman wrote: Mon Apr 19, 2021 4:59 pm I am pretty sure the everything is available for viewing so someone could game the system is they see something they want by creating multiple accounts.
I am confused what you are saying. The majority of the code is open sourced though I edited the html of the page that displays once you get the correct password.
User avatar
By Panman
Location: 
Posts:  1662
Joined:  Wed Mar 04, 2020 8:41 pm
#378730
Sorry, I didn't see your link and thought you were talking about this forum.
User avatar
By elaineo
Posts:  165
Joined:  Tue Jul 24, 2012 4:07 am
#378732
I did a port scan and found nothing open. Also tried some basic injection attacks, and I don't think I managed to break anything. It doesn't look like you do any IP limiting or DDoS protection so in theory someone could spam your site, entering different user/pw combos and get in through brute force, but I don't think anyone will go to the effort for a plant giveaway.

hope that helps :)
Hi from NC

Hi Chris and welcome to the forums!

My nepenthes pitchers came out wierd

You telling me the pitchers can get bigger?

Hello from NJ

Glad to be here. I have been growing VFTs, drosera[…]

When is the next intervention? Never heard of[…]

eBay sellers

Here are a few more reputable sellers for your lis[…]

Carnivorous uhaul

In a similar vein: I'm hoping that the NC DOT rele[…]

Hang94's Grow List

Attachment limit reached

Drosera seeds giveaway!

Yay! Thank you! Something to go in my new pot. Sen[…]

Support the community - Shop at FlytrapStore.com!