Guess the TAG

[BG]

After searching hours and hours I've finally found Nominet's Floor..

Image Source : Nominet

Now to work out the flaw within the floor, hmmm..

 

[Sean]

"bought" Is it for sale then?

It has been and I'm sure the person that sold it regrets it because he got played for a fool by cheats.

If Rob rolls out the exploit to his customers, it will pretty much kill off any advantage so at that point I'll release the details and possibly my code for free so that it really is a level playing field.

 

[RobM]

I want nominet to abolish the DAC. Other registries don't have it yet still have the EPP.
They went from the automaton which could only be cheated by people having multiple tags (something they've always claimed 'doesn't happen') to a system they claim is fairer but in reality is TOTALLY imbalanced. If you have a slow server - you have no chance. If you have slow software - you have no chance. If you don't utilise their system flaw when it occurs - you have no chance. Also there is still the problem of multiple tags. They are not grown up enough or technically proficient to run the system.
I also want them to allow people to multitag rather than pretending to try and stop it. The problem at nominet is far too many people are on the gravy train and we have unnecessary 'departments' to field problems THEY have created. The more that tags get pissed off hopefully the more they complain to them.

 

[RobM]

It has been and I'm sure the person that sold it regrets it because he got played for a fool by cheats.

If Rob rolls out the exploit to his customers, it will pretty much kill off any advantage so at that point I'll release the details and possibly my code for free so that it really is a level playing field.

Go for it - no need to wait for me to roll it out. Most people are using the same software anyway I suspect - probably for a % share of sales. However bear in mind that the software won't help if people have bad servers - perhaps they should be told where to host as well.

 

[Sean]

Go for it - no need to wait for me to roll it out. Most people are using the same software anyway I suspect. However bear in mind that the software won't help if people have bad servers - perhaps they should be told where to host as well.

What we can agree on is that apathy at Nominet and an ill advised decision by someone to sell his golden goose has created a perfect storm.

 

[Sean]

Forgot to add, that in all seriousness yes this is the so-called golden flaw you are looking for.

Renegade

 

[RobM]

...now that Rob has finally bought himself the "flaw"...

Interesting comment. How much did I pay? Who did I buy it from? You realise that people who have a modicum of programming knowledge and lots of logs to analyze can find it out...? We don't all have to buy/license software.

 

[timter51]

The cheat is, you get on the phone and whine to Nominet like a stuck pig and they let you catch a few. Only kidding.

Or you just do this.

The DAC returns are not live, they are cached when you query it.

What you see returned from Nom has the same time on it as the results are cached.

But just before the name drops the time stamp on that query will update as the cache is flushed before it drops

When you see a different time returned, shout holy mother and fire a heavenly number of EPP requests every millisecond in order until you land a catch.

EPP request has a unique number that comes back from Nom ... so you can then tune your script to get every bloody poll number 10001 , 10002, 10003 and so on and so on

 

[RobM]

?
Look again - I didn't ask those questions someone else did. I was quoting them.
Anyway welcome to the forum - always nice to see new faces

 

[RobM]

I have no idea what you're going on about. (Quoting a post is not the same as asking a rhetorical question). Your posts make as much sense as your method. But hey... if that's what you think people are doing then I guess that must be it. Anyway I suspect you're a sock puppet but you're probably better off making another post with an in depth explanation of your method, perhaps with some code for those who can't program, if you really want to level the playing field. Thanks. I'm done here anyway - nothing more needs to be said apparently.

 

[RobM]

What is? Can you spell it out please? After all - you can be the hero. Have you got some code for us? Also you might want to tell people the best place to host.

 

[RobM]

'What you see returned from Nom has the same time on it as the results are cached.'

Does your DAC response include the time then? If so you might want to explain to people how to read it.

 

[RobM]

Um...ok. What tag are you btw? As you like to talk about credibility thought you might want to give some to people here who will no doubt have questions for you (I guess you're not going to answer my genuine question above) - I hope they post them here or another thread though, rather than pm, so everyone can benefit. I'm not trying to talk anyone out of it - everyone use his system - I mean that.

 

[jamesw]

Ok I will bite,

I don’t get a timestamp back in the DAC response. Where do you see the time then?

 

[RobM]

Don't think you're going to get any joy from him. He signed up today just to post in this thread - obviously not his real account. Maybe someone else can explain what he meant.