So I made a maze generator that I published to public projects. I implemented a view tracker just for fun, aswell as an anticheat so people couldn't access the console. How did someone manage to hack this, it's not that important, I just wanted to use the view tracker to see how many people are interested in what I made. Link to project: https://studio.code.org/projects/gamelab/zaEORpNhfdmf5W8KtcY3zqRiZoV1feEM_pewoZSqQsI/edit

i hacked it... cuz my friend, cool gave me this inspect this where it inspects the website's code, and then he also gave me a code executor to execute the code i think is needed. :OOOO

Awards

  • â’¸ 1 from [WUT] Adam
    Comment: that's not very nice
  • â’¸ 10 from Captain_Jack_Sparrow
    Comment: good job hacking. you get treasure.

I already had "countermeasures" in place to prevent the use of the inspect console but I guess that's about the most I could do without extensive research, the view counter is reset now anyways and was mostly just to see if I could make it work. Thanks for the advice!

    bonana Just had a thought to automatically reset the views counter either to 0 or the last known amount of views if whatever is saved is not a number :0, might be able to work with obsessively large/small numbers aswell.

        bonana Or if you want a more secure way to handle views, Radon will do that all for you. In the editor tap the gear icon, select "manage libraries", and import Radon with this ID: edvRJ2lat7vDuDr5-9M0dsJ-XOI-fDymNpCeh_A-tZ0. Then you can get rid of your views counter function and replace it with Radon.log();.

        This should fix all of your problems, since it will block most hackers, it won't give a "this project stores data" warning, and if it is hacked it will automatically reset.

          yea lol i would just rather code it myself in order to better understand the concepts, i try not to use other peoples libraries

            bonana That is a nice sentiment, however, it is usually better to just not reinvent the wheel unless you think you can improve it for your specific use case. I 'borrow' code & use libraries all the time.

              Chat