Zappster

Depends on the function.... If I'm making a site, when it's in debug mode I'll display exceptions on the website. If it's going live, I'll log the exceptions to a file. But even then it doesn't help, take this PHP code as an example: <?php $mysqli = mysqli_connect('localhost','username','password','database'); if (mysqli_connect_errno()) { printf("Connect failed: %s\n", mysqli_connect_error()); exit(); } function selectUserByID($id){ global $mysqli; $query = "SELECT * FROM users WHERE id = $id"; if ($result = mysqli_query($mysqli, $query)) { while ($row = mysqli_fetch_assoc($result)) return $row; }else{ //Query failed exception here return null; printf("Error: %s\n", mysqli_error($mysqli)); } } ?> Now, let's say we are gunna send a GET value to selectUserByID() and then output the full results <?php require_once("mysqli.php"); if(isset($_GET['id'])){ $user = selectUserByID($_GET['id']); if($user != null){ $keys = array_keys($user); foreach($keys as $key){ echo $user[$key].'</br>'; } } } ?> Looks fine? Right? Well, wrong. This is open to MySQL injection. Passing a ' to it will trigger the " printf("Error: %s\n", mysqli_error($mysqli)); " in our mysqli page. This let's us know that the page is open to injection. Even if we commented out the stuff that shows the error, it would be obvious (since the output data will be messed). The attack can then inject malicous mysql queries via the GET. The mysqli will execute the query and because it was executed successfuly, the exception is never triggered A fix to the above function would be to add "$id = mysqli_real_escape_string($mysqli,$id);" Or better yet, switch too PDO/Mysqli via Objects. So whilst exceptions can allow us to log/display errors and keep the page running, it doesn't stop this example. If you don't want to get hacked, you need to write good code and to never trust the user.

yeah then lets sit back and watch his app get hacked

oh yeah hes fucked man

I wonder if he'll make a version of OSBot in HolyC. Maybe Jagex won't touch gods accounts

17MB OS lol crazy aint it? like.. seriously who has that much free space on a tape? Don't worry tho, he offers a solution

Omg 6:30

Issue was resolved in CB. Solution: Remove the special chars from osbot password

You can start OSBot in debug mode which will allow you to connect with your IDE. You can then use this to step thru your code and all that jazz.

Wouldn't your previous work solve this issue and allow it to be pulled? http://www.krimsky.net/pixelocr.php

I'm not 100% sure since it's been a while that I had to do anything with interacting outside of inventory, but I think it will left click if the wanted interaction is first.

Just try to avoid making your own interaction events. Don't reinvent the wheel To interact with a cake stand... Objects api It's the same sorta stuff if you want to access items/npcs/entity

Step 1. Find a mule reciever Step 2. Make the same username as the mule but with a space in it Step 3. ??? Step 4. Profit

What's more interesting is why did an account go under the radar with that much wealth for so long?

Weath just makes alts and spawns money on them and then bans them.

I consider myself a motherfucker so I pressed like.

Requesting a title change too delusional monkey. You guys win.

Fuck man you're such a massive troll. Well played 10/10

Kid is retarded Here's what happened. Pain: Zapp, who did tesla scam? Me: Bennifer imateamcape timka nickpure runescapeVM (now banned) dard Lucki: what bennifer is banned? Me: no wtf are you smoking? runescapeVM is banned Lucki: hurr durr wtf is a zappster Me:

I've just tried to replicate but I can't. Weird Try starting osbot with -debug cli and connect with your ide, you'll be able to stop the script from running from there.

I've never once had this issue. What IDE are you using? Are you connecting your IDE to OSBot via the -debug cli?

Looks nice, it reminds me of the MW2 Estate map

smh @Fruity stop making alts on osbot you'll get banned

A lot*

FUCKING LIAR

Naw he lives in the states. Pathetic tho They will continue....