Hi,
While drafting the application, I was wonderstruck by this: it's possible to forge arbitrary score-player info by sending an asynchronous AJAX request to
leaderboard.cgi. To demonstrate, I have forged a player "Gene Guru" with a score of 10000. The Chrome Developer Tools (JS console) were used to carry out the attack.
The following is the snippet that was executed:
hreq = new XMLHttpRequest();
url = "leaderboard.cgi?player=GeneGure&points=10000";
hreq.open("GET",url);
hreq.send();
Malicious users can run scripts that corrupt the score list.
A solution to prevent such attempts would be to add authentication to Dizeez. leaderboard.cgi should check for a valid cookie before accepting the payload. I have been working on implementing authentication for Dizeez:
https://bitbucket.org/vijeenroshpw/dizeez/commits/4acf1e0939149b10ababbb7b4a7d6293290e01dd
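
One way leaderboard.cgi could perform the cookie check proposed above, as an added example (not code from the Dizeez repository or the linked commit). It assumes a Python handler, a cookie named "session" carrying the player name plus an HMAC-SHA256 tag, and a server-side key; all of these names are hypothetical.

```python
import hashlib
import hmac
from http.cookies import CookieError, SimpleCookie
from urllib.parse import parse_qs

# Assumption: a secret held only on the server (constructed demo value).
SECRET_KEY = b"constructed-demo-key"


def _tag(player):
    return hmac.new(SECRET_KEY, player.encode(), hashlib.sha256).hexdigest()


def sign_session(player):
    """Cookie value issued at login: '<player>.<hex HMAC-SHA256 tag>'."""
    return f"{player}.{_tag(player)}"


def session_player(cookie_header):
    """Return the player named by a valid 'session' cookie, else None."""
    jar = SimpleCookie()
    try:
        jar.load(cookie_header or "")
    except CookieError:
        return None
    if "session" not in jar:
        return None
    player, _, tag = jar["session"].value.rpartition(".")
    # Constant-time comparison so the tag cannot be guessed byte by byte.
    if not player or not hmac.compare_digest(tag.encode(), _tag(player).encode()):
        return None
    return player


def handle_score(query_string, cookie_header):
    """Decide how to answer a score submission; returns (status, message)."""
    player = session_player(cookie_header)
    if player is None:
        return 403, "no valid session cookie"
    params = parse_qs(query_string)
    # The player parameter must match the identity proven by the cookie.
    if params.get("player", [""])[0] != player:
        return 403, "player does not match session"
    try:
        points = int(params.get("points", [""])[0])
    except ValueError:
        return 400, "points must be an integer"
    return 200, f"recorded {points} for {player}"
```

The cookie ties a submission to a logged-in player; the points value is still supplied by the client, so it needs its own server-side validation.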