I remember back in '06 and '07 (Or somewhere around there) there was an exploit in Towns and Rallies (Or maybe it was people using a custom client?) that allowed them to have animated GIFs, or maybe YouTube videos or something, in their chat bubbles. I remember some hilarious videos/GIFs/whatever they were playing in people's chat bubbles, and I just remembered them.
Anyone know how this was done, or if it would be possible again?
Results 1 to 40 of 49
Thread: Pictures in Towns chat?
Hybrid View
- 28 Oct. 2012 02:12am #1
- Join Date
- Apr. 2010
- Location
- When freedom is outlawed only outlaws will be free
- Posts
- 5,113
- Reputation
- 195
- LCash
- 0.00
Pictures in Towns chat?
- 28 Oct. 2012 02:41am #2
- 28 Oct. 2012 02:50am #3
- Join Date
- Apr. 2010
- Location
- When freedom is outlawed only outlaws will be free
- Posts
- 5,113
- Reputation
- 195
- LCash
- 0.00
- 28 Oct. 2012 08:15am #4
nvm .
- 28 Oct. 2012 10:43am #5
Yeah, it was .SWF files. I beta tested clients for a few friends back then. I haven't a clue if it's still possible, it probably is in some weird way, though I haven't a clue on how to make it happen. Fun times though, man, fun times.
Good luck, Flare.
- 28 Oct. 2012 11:54am #6
The 'custom text bubbles' were just horrible, you could resize your text, colour it, etc...But that's long gone, man.
Last edited by Butts; 28 Oct. 2012 at 12:03pm.
- 28 Oct. 2012 04:48pm #7
- 28 Oct. 2012 10:26pm #8
- 28 Oct. 2012 07:02pm #9
- Age
- 28
- Join Date
- Oct. 2011
- Location
- #Yolo
- Posts
- 1,513
- Reputation
- 127
- LCash
- 0.00
- Awards
This ? GAIA HACKED RALLY - YouTube
- 28 Oct. 2012 07:22pm #10
- Join Date
- Apr. 2010
- Location
- When freedom is outlawed only outlaws will be free
- Posts
- 5,113
- Reputation
- 195
- LCash
- 0.00
- 28 Oct. 2012 07:28pm #11
You could basically embed crap in the chat bubbles with html along with other stuff.
- 28 Oct. 2012 10:33pm #12
To the others, it had nothing to do with SWFs. It was an exploit that rendered BBCode (i.e. [b ]Hello[/b] would yield Hello). It was around in '09 and got patched sometime later.
SWFs were done by a simple avatar change, except for an avatar URL you would choose a link to a SWF or image.
- 29 Oct. 2012 03:11am #13
I don't recall BBCode ever working*, but I do recall HTML working in the textfields.
SWFs were done in the through HTML because <img src="http://example.com/flash.swf"> is valid in a textfield.
HTML is still enabled in the chat field, but there's no longer any way (of which I am aware) to alter anything written to the chat field.
* I have my doubts that there was ever an exploit in towns involving BBCode. A (very restricted) subset of HTML has always been allowed in textfields in flash (though, it has to be enabled). That would mean there's little reason for anyone write in a BBCode parser.
- 29 Oct. 2012 04:30am #14
Oh hey, it's Personoid. How funny it is seeing you here. I see you've changed your location from "in SciTE" to "in sublime" which is also funny.
Anyway, what you're addressing is a different issue (or rather what I'm addressing is). Back in Rally there was an exploit that allowed users to alter chat bubbles on-the-fly via BBCode (I'm almost certain of this because it was done on the fly, this means it was something almost anyone could use with ease as opposed to an exploit that's essentially a power user feature. While HTML is almost equally as easy, comparatively it's more long-winded and generally harder to remember).
Granted, this particular exploit was probably not in Towns nor am I sure that it was ever present in Towns. Though I'm pretty positive it worked in Rally at one point (not sure which in particular, all I know that is it appeared in the wild sometime around '09).
Butts has already addressed Towns. So what you're explaining may be the case for Towns. Although I can't really verify what I'm saying nor what you're saying.
As for the SWFs, you addressed something ambiguous. SWFs appearing have thrived through more than one way before. Which happens to be through both avatar altering and markup exploitation. My explanation covered both facets.
P.S. Your post is badly written. For someone with so much time on their hands (anshin) you should have proofread and refined it.
Edit: Cleared up everything in the following post.Last edited by The Unintelligible; 29 Oct. 2012 at 05:21am.
- 29 Oct. 2012 05:58am #15
I fail to see the humor in my use of sublime. Sublime is better than SciTE in a lot of ways, though I would prefer it be open-source. If the humor is in the pun, then that's part of the point. My presence also isn't funny, I'm looking around for project ideas-- for someone else. Forcing myself to take time out to help someone learn is surprisingly rewarding-- not in an altruistic way, but in the sense that others' questions force you to evaluate your understanding and serve to improve communication skills. I'll address your postscript after I respond to the rest of your message.
My point about the restricted subset of HTML stands because the subset specifically allows <b/>, <i/>, <a/>, <font/> and <img/>. font, anchor, and image tags would be slightly more difficult than the others, but it stands to reason that those who were using this exploit were copy/pasting the HTML from elsewhere/others who told them about the exploit. It doesn't really stand to reason that a developer would fail to suspect that allowing arbitrary images to be loaded into chat bubbles would not become a problem. Therefore, I don't buy into the idea that someone added BBCode parsing to the chat. I'll grant you that BBCode is possible, but it's far more likely that someone inadvertently enabled HTML on the textfield in the chat bubble-- or even intentionally, and failed to filter the users' input properly. I wasn't aware of this exploit at the time, so I can't speak for certain. That's why I explained my doubts rather than claiming that you're wrong without any sort of proof. The best I can do is provide evidence to support my suspicions on what actually happened, which I've done.
As for the SWFs, there were a few methods. In rally, arbitrary swfs (remote or otherwise) could be loaded through the avatar, yes, but the OP specifically referred to chats. I was responding based on the post by "SpornyTheAlien" who mentioned SWFs in response to the OP (which, again, was discussing chat, not avatars). Your mention of SWFs didn't counter his response, which is why I posted the information I did. There were also a few methods of loading arbitrary SWFs through avatars or emotes in towns, but those were pretty complex (they used multiple "exploits"). To my knowledge, those never became common. I only mention to illustrate that I was aware of the ambiguity, but not sufficiently aware that my post was unclear.
Now, as for my posts being unclear. I have long had trouble with eloquence. In the past, pretty much all of what I learned about other languages was built on my understanding of AutoIt rather than my understanding of that language's documentation. I had trudged through Perl docs, but, aside from that, my knowledge of formal concepts was vastly limited. It still is, but it's not nearly as much of a problem anymore. Beyond that, I still have a few problems.
1. I have trouble making my point clear because of a distinct lack of clear transitions from one thought to the next. I often skip from topic to topic in a way that causes my writing to make very little sense. As a result, I do several iterations of almost any public post I make. This leads to the second problem.
2. My posts will sometimes have remnants of past iterations, making the transitions somewhat difficult to follow despite my efforts. Sometimes, I manage to avoid that problem. Sometimes, I don't.
These combine to make for difficult conversation in situations that are more or less instant messaging (such as towns, irc, msn, etc).
As for how much time I have on my hands, nothing on my Github profile suggests that I have an abundance of free time. Given your reference to my Github account, I'll explain how it actually has the opposite suggestion.
My repositories consist of two scripts I wrote during a time frame where I was more or less incapacitated (taking hydrocodone/in pain due to the removal of my wisdom teeth), 1 config modification to an Openbox theme that I whipped together in an inconsequential time period on a single day, and a few project forks that I haven't even gotten around to modifying.
Furthermore, my presence here tonight is due to what I mentioned before-- that I'm forcing myself to help someone else learn, and looking for project ideas.
I did take out the time to respond to you, and during that time I've been discussing future plans with the person I'm helping for the night.
I say this for your understanding, not as some sort of excuse to be here. I saw your post and couldn't resist supplying additional information. That's sort of what I do. There's no call for those sorts of comments.
- 29 Oct. 2012 06:20pm #16
Oh boy. Was it remotely necessary to type such a long post? For the record, people do not have the time to review over such unnecessarily lengthy content. I'm doing this for both of our understanding, though.
The joke was that you even changed your location. The joke was that you cared and thought others would care. The joke was that you took the time out to change it to begin with. "in __" is not a pun. That shouldn't be needed to be explained. Sublime is a decent text editor, the joke is not in Sublime itself. Open source? Other than it being a generally good philosophy, do you have any other particular reasoning why you would prefer it to be open source? As far as I know you're limited in terms of skill (although I believe Sublime is made in Python, which to be fair you have some experience in). Could you really take advantage of Sublime if it were open source? Or would you just prefer it for the additional luxury? I'm wagering on the latter.
Yes, I've clarified in my subsequent post.
This does not have much (if anything) to do with eloquence. This is also a common way of learning for someone more or less novice. I honestly don't know what lead you to believe this was some sort of "unique" or exclusive issue. As far as I know, it's a common avenue for people still in the process learning. Presently, you are still learning. This seems to be more of a habit that you adopted from the language itself rather than a personal deficiency or inadequacy.
Most of your post consists of incessant rambling and banter. This is not favorable to other readers (for instance, me). This personally seems more troublesome to me than your learning "issue."
Generally speaking, people are different and have different mindsets and ways of thinking. So it should not be surprising if you find certain things or characteristics about you that differ from others. I'm not sure how you could come to the conclusion that this more or less distinctly applies to you when you cannot possibly tell if this is mutual or not.
The reference to your Github account had nothing to do with time on your hands. If I recall correctly, you wanted a career oriented around tech, so Github should not by any means be detrimental to this objective. It's the fact that your account is named anshin, which when I googled resulted in the definition of "Lack of worry, relief, peace of mind" and "Ease in one's body, relaxation; establishing oneself in the world, making a career for oneself."
If it has a different denotation, even outside the implications and reference of the word "anshin" you presumably still have no job, still aren't in school, and still live with your parents. Objectively speaking you have a plethora of time on your hands. I don't associate your lack of substance in your Github account with not having the time, I associated it with the fact that I believe that you can't do anything worthwhile to host on Github.
Your mindset--based on my belief--consists of both consciously and subconsciously boosting your own ego and self-esteem by "supplying additional information" among other things typically due to the premise that those around you are not sufficiently aware of said information, thus making you feel more knowledgeable and superior. I battle this mindset by giving you the details that just so happen to not occur to you. I battle this mindset by bringing you down to earth rather than feeding it.
This is one of the reasons why I've grown contempt for you and frown upon you. I don't insult you for indiscernible reasons. But rather because of the person you are. This is also one of the reasons why I can't realistically see you succeeding and becoming someone like an entrepreneur.
You were babysat by Azn/Seal, Lain, Pirate, Doc, and Hero.
I can't bring myself to be civil with someone with such an unwarranted superiority complex, and you should know that by now.Last edited by The Unintelligible; 29 Oct. 2012 at 06:23pm.
- 29 Oct. 2012 05:11am #17
Looked into a bit. Could not find anything mentioning BBCode. I am aware that HTML has always existed in Towns, but it seems that may have also been the case in Rally. Which probably caused me to intertwine the two.
In other words, knew there was an exploit in the past in Towns that allowed you to enter HTML into chat. Thought when a seemingly different occasion popped up in Rally it was done through BBCode instead of HTML. It now seems that this exploit in these Flash hangouts in the past were caused by the same vulnerability in enabled HTML.
All I know is that there was a markup aspect involved. I wasn't exactly sure as to whether it was HTML or BBCode in Rally but now I'm leaning toward HTML. All I vaguely remembered was "markup."
Either way, as I said before, in Rally, this appeared somewhere around 2009 (verified when I looked at dates as to when the issue was reported to developers). It was done through some form of markup (apparently stripped down HTML). What Matt and a lot of other people in this thread seem to be confusing with the exploit OP is actually referring to is an entirely different exploit. That's just an avatar change as I've stated before. What Flare is talking about was actually done through the chat bubbles because of some other security fallacy.
To put it short: long gone.Last edited by The Unintelligible; 29 Oct. 2012 at 05:14am.
- 29 Oct. 2012 05:15pm #18
I may not have been clear.
A restricted subset of HTML is available to textfields in Flash.
It can be disabled, but it isn't limited to towns or rally.
That's why it happened in both-- it's a Flash feature rather than something a Gaia developer implemented.
No rage should be necessary given that similar things did happen in towns, and we're both referring to the same exploit.
As for our meeting, I don't remember any such place, but it's entirely possible. I don't have a good memory as far as people and events.
- 29 Oct. 2012 05:33pm #19
- 29 Oct. 2012 06:32pm #20
- 29 Oct. 2012 02:46pm #21
- Join Date
- Apr. 2010
- Location
- When freedom is outlawed only outlaws will be free
- Posts
- 5,113
- Reputation
- 195
- LCash
- 0.00
Heyyy, uhmm... This may or may not cause some rage/completely settle the argument, but it was in Rally now that I remember correctly. Not Towns. Sorry about that.
And hey, Personoid, do I remember you from the same chatroom where I met Protozoid? (Unintelligible)
It was some little chat room on a website which also hosted a few small as3 scripts, if I remember correctly. It was a few years ago.
- 29 Oct. 2012 06:22pm #22
No, this does not make any difference in the argument.
And yes, this was back at Wonoes. It didn't host as3 scripts, it hosted au3 scripts. This was before I progressively started to realize Personoid is an idiot and joke.
But either way it's more or less irrelevant to the situation at hand.
- 29 Oct. 2012 07:44pm #23
- Join Date
- Apr. 2010
- Location
- When freedom is outlawed only outlaws will be free
- Posts
- 5,113
- Reputation
- 195
- LCash
- 0.00
- 29 Oct. 2012 07:46pm #24
- 29 Oct. 2012 06:54pm #25
Seriously though. Perso, you're 19 years old. Don't you think it's high time to start acting like it? Why not get a job? School is probably not essential, but it probably would have helped you in pursuit of your entrepreneur goal. It could have taught you stuff that would probably be more difficult learning independently rather than with assistance and in an environment of peers with a common goal.
You don't have any friends or girlfriend for that matter, so honestly what do you have? Lol, remember when you had your nudes leaked in Towns? Then you started making false threats and such to eradicate Sarah, who leaked them? This was roughly a year ago. You probably haven't changed at all.
Bottom line, pure and simple: I don't like you. Don't expect any of our encounters to be friendly, or free of ad hominem. I can accommodate to someone I dislike, but not when this someone in question is someone with complete delusions of grandeur like you.
Have a nice day.
- 29 Oct. 2012 07:29pm #26
I agree, he also lead on several girl's over the internet, some people you know. (izzy, sarah, etc...) he saw "potential" in them and said, at the end, "i'm not interested". After they sent nudes of them to him, and other shit that is pretty fucked up.
He hasn't attended any where since, what? I don't know, or care. AT LEAST PEOPLE TRY TO DO SOMETHING. I suggest you do the same, newton-butt
- 29 Oct. 2012 07:45pm #27
Honestly don't know what girl in their right mind would fall for Perso, but yeah, I'm aware. It's sad in more than one respect.
I've lost hope for him at this point honestly. All he does is sit on hackernews and make dumb points, and argue on Twitter. He also did Google+ but I don't know what happened to that. He supposedly "blogs in private" now. Oh, and he also pushes lame projects on Github, which ironically is the VCS he repudiated (Git) and dismissed in the past. Wonder what happened to Mercurial, which he practically used to swear by.
- 29 Oct. 2012 08:07pm #28
I addressed this in my other post.
How would you know anything about my personal life? I can see why you would think that you do given your obsession with me and your insistence upon following my every move on social media, but I don't discuss my personal life on social media. Beyond that, what does a girlfriend have to do with my age or my status as a person?
Also, if you still believe those were mine, you're a fool. The guy looks nothing like me.
I couldn't care less whether you like me, but a refusal to avoid ad hominem in a discussion that has everything to do with a topic at hand and nothing to do with the individuals having the discussion is foolishness.
I spend a lot of time reading articles on HN (well, saving articles to read later).
I spent next to no time at all on Twitter. I'm only there when friends link to tweets or I get bored while away from my desktop-- which doesn't happen anymore because I allocate nearly all of my spare time to reading.
I deleted my account on Google Plus.
The tools I host on Github are tools that I needed (and wrote while in pain/on pain meds, as I've already pointed out. I could hardly work on one of my more complex projects at that time). You can hardly argue that my version is not an improvement over the official gyazo client.
I love how you know all of this about me. For someone who hates me, has such little faith in my ability, etc, you spend a lot of time stalking my online presence.
Edit: I forgot to respond to the comments about mercurial.
I did not swear by mercurial.
I pointed out that mercurial has a lower learning curve than git, and had git plugins for the occasions where I may need to deal with git projects. It suited my needs because I had no intention of writing open-source software.
Once I decided to use Github, the only sensible option was to switch to git.
It isn't that I think git is superior to mercurial or vice versa. I had merely pointed out that I had no need of git, and mercurial made for a lighter learning curve.
As I said before, I have no problem changing my mind in the face of new information or due to a change in priority. Your mocking says more about you than it does about me.Last edited by Personoid; 29 Oct. 2012 at 08:13pm.
- 29 Oct. 2012 08:51pm #29
I also like how you say I love to stalk you. I follow you to see if you're actually achieving these goals you've put forth and set and changing as a person. I've yet to see this. Heck, to see if you're releasing any of these "projects" you always babble about "planning."
Just like I'd follow anyone else. Whether that be Hero, Pirate, Iso, Ryan, etc. There's nothing wrong with allotting a few minutes of my time (which I do occasionally) to look into these kinds of things. I think you're just a little troubled by the idea that you're being monitored and judged.
Edit: In fact, I think I'm going to start following you on Github (formally so). Let's see what you can do. That's all what the matter of "stalking" you falls down to anyway. Let's follow Cake (cacen) while we're at it.Last edited by The Unintelligible; 29 Oct. 2012 at 09:04pm.
- 29 Oct. 2012 09:48pm #30
I have no objection to your following me. If your reasons are as simple as that, that's fine.
As for expecting to see such achievement mentioned in social media, that was unlikely.
I don't make a habit of posting on Twitter, and I hadn't used Google+ in quite a while at the time when I deleted it.
I've been focused elsewhere, but I'm at a sort of turning point where weekend projects may become "a thing."
Don't hold me to this, though. It's entirely possible that I'll just end up focusing on my actual work or books instead.
Anything open source will be on Github.
I don't have any intention of announcing closed-source work on Twitter though. I only still have my account for a project on my backlog.
- 29 Oct. 2012 11:46pm #31
Lol, do not have further time to respond to all of this. Especially since this is usually where all of our arguments tend to lead to; in circles. Did not honestly read.
Going to proceed to following you on GitHub. Let's hope you don't disappoint.
Edit: Done and done. Have a nice day, Newton.Last edited by The Unintelligible; 29 Oct. 2012 at 11:55pm.
- 30 Oct. 2012 12:49am #32
Every post in this thread is a damn essay.
- 30 Oct. 2012 01:29am #33
Artificial, meet Personoid. Personoid, Artificial.
His excuse, "Je n'ai fait celle-ci plus longue que parce que je n'ai pas eu le loisir de la faire plus courte."
I say it's just general stupidity. I merely reciprocated what he wrote this entire time. I wouldn't expect to see anything different when it comes to things that he's involved in, lol.
- 30 Oct. 2012 02:39am #34
- Join Date
- Apr. 2010
- Location
- When freedom is outlawed only outlaws will be free
- Posts
- 5,113
- Reputation
- 195
- LCash
- 0.00
- 30 Oct. 2012 11:29pm #35
- 30 Oct. 2012 11:47pm #36
- 01 Nov. 2012 12:12am #37
- 01 Nov. 2012 01:19am #38
And now we're on to semantics. Joy.
- 01 Nov. 2012 02:10am #39
While I agree with this, it is technically an argument. In denotation, he's correct. In connotation, you're correct. He doesn't understand that though so he tries to be politically and overly literally correct.
And he's just in every regard correct. Can't say I'm surprised.
- 02 Nov. 2012 04:31am #40
I wasn't referring to you and me; I was referring to him and me. We disagreed on several topics, and I'm sure each of us wrote some things that would be called heated at one point or another.
No. I don't know what else you could call a long and drawn out debate like this one. Debate is pretty much another word for argument.
I'm not "trying" to be overly correct. I seriously cannot see any other answer. If you have one, I'd be surprised to hear it.