SMJS

GDIntercept is out for most platforms including: - Android (32/64 bit) - Windows - Macbook (M1 chipset)

@BeatGTO he still does it so I don't think it's due to finding it too much effort

@SMJSGaming how hard is it to search and replace GJ with GD

Fun fact about #GeometryDash . In RobTop's eyes it's still called GeometryJump since all endpoints and most methods are prefixed with GJ to this day.

@outstreamed_ @BeatGTO Just make it case sensitive and problem solved as long as camelCase and TitleCase is used correctly (it is)

@BeatGTO @SMJSGaming 1. anything that isnt gj as in geometry jump will be replaced too 2. whats the point

@TheWylieMaster Someone has to take over 😂

@SMJSGaming Bro has begun the path I took 🔥

@SixtieTen My DMs on Discord are open?

@SMJSGaming hey so i wanna message u ab something with this but your dms are closed

#GeometryDash A data breach was discovered in the GD servers which was likely already known by malicious individuals. This means that your email, IP address, hashed password, messages, private levels and much more has likely been dumped somewhere.

@Epixx512 Passwords have been hashed in the DB for quite a while already. However other essential info like the actcod2 (the code you receive via mail when you forgot your pass) isn't meaning that anyone with read access can freely swap passwords if they want to.

@SMJSGaming crazy how up until 2.2, logins were being sent over unencrypted HTTP and password were in PLAINTEXT, UNHASHED

@CodrGamer The entire lifespan of GD...

@SMJSGaming Approximately how long has this exploit been a thing

@jitlua Incident response wise sadly very little. The hole was patched and that's it even when I pushed rob to announce this. And this injection left behind a small bit of garbage data in the open. That's how we found that we weren't the only ones who used it.

@SMJSGaming You'd think something would already be known or found by someone else before, but you'd probably be surprised how many times that's not true, even for simple stuff. Do we know if any incident response whatsoever been done on this? What makes you say it was likely already known?

@luckylakie_real An overview of the amount of lines (1 line is 1 DB table) where the column userIP exists on (126 in total)

@luckylakie_real Well then for you it might be less of a problem but for every action taken with the server the IPv4 associated with the request was stored in the database.

@evrglo2 Unless someone has it in their local save (I genuinely doubt it) yes

@SMJSGaming Alright so it genuinely is likely lost forever

Regarding the recent post I made while I had full access to the DB I looked for Element 111 Rg. It's not there #GeometryDash

@WinterDHX @Restoration_Uni Nah that's unrelated they just bruteforce or use leaked passwords from other breaches

@SMJSGaming @Restoration_Uni Guess that explain all thoses hacks that happen in the mast 2 weeks by thoses teamtuff cockroaches

@ThophGD 1. Yes, if the password complexity in GD is not safe enough to protect against a brute force without restrictions like those imposed on the GD servers. Which is the case now that they might be available locally. 2. Mostly change your pass 3. Sell your data, leak private stuff etc

@SMJSGaming Would be nice if you or someone else answered those questions to make people feel safer! 1. Are our GD accounts in risk of getting hacked? 2. Is there anything that we should do? (changing password etc...) 3. What could people do with the dumped info?

@UncannyInfinity @cvsilly_ Yes that's the danger this no longer limits them from brute forcing it.

@cvsilly_ @SMJSGaming but if your password is simple then it's still a problem. they now can guess a password locally

@jojo989_A7_ Yes, all passwords were hashed with bcrypt. A proven 1 way encryption

@SMJSGaming only the hashed password right? i mean stupid ahh question but anyways

@hypoorr Most were done by simple brute forcing or using other DB breaches to try repeated passwords. But I already found a few which used a trick to bypass logins altogether

@SMJSGaming is this how so many people are being hacked recently then

@ddeaen Yes, it might be as recent as in the past few weeks

@SMJSGaming is this breach recent? cuz i changed my everything like a week ago

@GreenRedGD @wezakune Not really, worst case scenario he fucks it up and accidentally makes it not work properly. But the code is not so legacy that it's impossible to add totp. Infact I've already created an example before

@wezakune @SMJSGaming The problem with this is that RobTop is stuck with code from a few years ago, so adding a modern security system like 2FA can be very dangerous.

@cvsilly_ bcrypt. so it's fine

@SMJSGaming knowing robtop the hashes in question are sha-1 without salt.. gulp