- Code: Select all
ny^M"CqE7$@P1LX1PPOST / HTTP/1.1
Host: www.nationstates.net
Connection: keep-alive
Content-Length: 66
Cache-Control: max-age=0
Origin: http://www.nationstates.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://www.nationstates.net/page=login
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: [REMOVED SO YOU JOKERS CAN'T LOG IN AS ME]
logging_in=1&nation=Afforess&password=hunter2&autologin=yes
Don't bother with that password, I hope you get the reference though
Point is, logging into the game sends the password in clear text. This means you shouldn't log in anywhere where you don't have complete control of the entire connection up until it reaches your ISP. This means public wifi, universities, libraries, internet cafes, airports, etc could easily have sniffers ready to rob your account.
Is there a reason NS doesn't use SSL or some other encryption/salt for the password? I feel a lot edgier logging into a service with my password in clear text, especially with how easy network sniffing is. I could teach a 12 year old to hack a NS account with McDonalds wifi.