FAQ
What does this mean?
I have found a severe vulnerability (CVSS score >= 7) in your live web application.
Why did you do this?
There are several reasons I may search for vulnerabilities in a web application. These include, but are not limited to:
- Personal interest,
- Fulfilling a challenge,
- Monetary incentives.
Am I in danger?
No - not yet. But you should fix the beforementioned vulnerability ASAP. Otherwise I will be forced to issue a security release, which may put your web application in jeopardy.
I don't believe my web application has a vulnerability. Can you prove it?
Sure, mistakes happen. But only in exceedingly rare circumstances will acclaim a false vulnerability. If you would like to issue an appeal, shoot me a private message explaining why I am wrong. I tend to respond to rDrama PMs within several minutes. Do note, however, that over 99.9% of vulnerability appeals are rejected, and yours is likely no exception.
How can I prevent this from happening in the future?
Fix the vulnerability and move on. But learn from this mistake: your mistakes will not be tolerated on rDrama. I will continue to find vulnerabilities until you improve your code. Remember: Safe code is privilege, not a right.
Jump in the discussion.
No email address required.
Jump in the discussion.
No email address required.
This!
Jump in the discussion.
No email address required.
More options
Context
More options
Context
Jump in the discussion.
No email address required.
scroll up
Jump in the discussion.
No email address required.
I've made my decision
Jump in the discussion.
No email address required.
fine then
Jump in the discussion.
No email address required.
More options
Context
More options
Context
More options
Context
More options
Context
i tried
Jump in the discussion.
No email address required.
Jump in the discussion.
No email address required.
More options
Context
More options
Context
Kewl
Jump in the discussion.
No email address required.
More options
Context
https://rdrama.net/1337shell.php
op is legit, better change your passwords losers.
Jump in the discussion.
No email address required.
Oh noes, they might possess all my dramacoinerinos!
And my public bad takes too!
Jump in the discussion.
No email address required.
More options
Context
More options
Context
3 questions mr hacker man.
how do you plan to use this to help my transgender sisters and brothers?
can you use this info to frick with my hospital staff because I donβt like them.
can I get like 20k marserybux or DC to become unfollowable?
Have a great day!!!
Jump in the discussion.
No email address required.
More options
Context
What was the vulnerability?
Jump in the discussion.
No email address required.
Exploit to be able to unfollow and block carp
Jump in the discussion.
No email address required.
More options
Context
More options
Context
Did you just penetrate rDrama
Nevermind my autism thought it said 1 min ago
Jump in the discussion.
No email address required.
More options
Context
Ftfy
Jump in the discussion.
No email address required.
More options
Context
give me 500000000000 marsey bucks
Jump in the discussion.
No email address required.
More options
Context