PROCUREMENT : The Ultimate Path Of Exile Companion Tool!

Bump!
Procurement  : The Ultimate Exile's Companion!
Forum Thread : https://www.pathofexile.com/forum/view-thread/172710/page/1
Github : https://github.com/Stickymaddness/Procurement/
"
deathbybinary wrote:
I had been looking through the source code of this application after having some initial scepticism. Had four .NET developers looking over the source along with me all day yesterday.

I can provide more information regarding the source if anyone is interested however I can confirm that there is no saving (or logging) of your username or password and the only site accessed is https://www.pathofexile.com

Initial testing in a VM using Procurement v0.0.3

Spoiler
Filename: Procurement.exe
MD5: ea53f6f69f1b3fc1ef7d97aab78c72de


Attempts HTTPS connection to 173.192.44.22 (legit)

URLs used:
loginURL = @"https://www.pathofexile.com/login";
characterURL = @"http://www.pathofexile.com/character-window/get-characters";
stashURL = @"http://www.pathofexile.com/character-window/get-stash-items?league={0}&tabs=1&tabIndex={1}";
inventoryURL = @"http://www.pathofexile.com/character-window/get-items?character={0}";

Also, the code uses the SecureString class which provides some protection against runtime attacks targeting strings in memory (utilises the Data Protection API).

Spoiler
(Using VMware Workstation, ProcMon, TCPview, WireShark, VS 2012 Premium, IDA Pro and ollyDbg) for those that care)


NINJA EDIT: I can confirm that v0.0.5 has not changed the authentication method(s)


I am glad to know that there are other .Net developers out there to help out. The VM test is what I should have done before putting in my own credentials. Thanks for doing this because it what should have been done. If you have a problem with the software just upload a bug report to the issues tab of the project. https://code.google.com/p/procurement/issues/list
i find it interesting that the number of reported hacked accounts seemed to surge right after this program was released...
"
I am glad to know that there are other .Net developers out there to help out. The VM test is what I should have done before putting in my own credentials. Thanks for doing this because it what should have been done. If you have a problem with the software just upload a bug report to the issues tab of the project. https://code.google.com/p/procurement/issues/list


Thanks for mentioning the issue tracker, it's the best place to report bugs or request new features.
Procurement  : The Ultimate Exile's Companion!
Forum Thread : https://www.pathofexile.com/forum/view-thread/172710/page/1
Github : https://github.com/Stickymaddness/Procurement/
Bump!
Procurement  : The Ultimate Exile's Companion!
Forum Thread : https://www.pathofexile.com/forum/view-thread/172710/page/1
Github : https://github.com/Stickymaddness/Procurement/
Bump!
Procurement  : The Ultimate Exile's Companion!
Forum Thread : https://www.pathofexile.com/forum/view-thread/172710/page/1
Github : https://github.com/Stickymaddness/Procurement/
GGG wonders why people getting hacked all the time/etc, prob cuz they don't remove these threads lol

could careless if it was open source, 1 update from the admin side, boom keylogged gg.

i wouldn't use nothing unless verified by ggg or chris or someone, just my opinion :P
"Good thing they nerfed the carto, it wasn't fun to find one in every map." - Haborym
Last edited by monkuar on Feb 22, 2013, 3:24:18 PM
"
monkuar wrote:
GGG wonders why people getting hacked all the time/etc, prob cuz they don't remove these threads lol

could careless if it was open source, 1 update from the admin side, boom keylogged gg.

i wouldn't use nothing unless verified by ggg or chris or someone, just my opinion :P


At exactly what line of code do you see some connection to the "admin side?"

Not taking any sides, just curious where you see one. I don't.
If you're reading this, I'm probably on another year-long ban.
Thanks GGG.
"
monkuar wrote:
could careless if it was open source, 1 update from the admin side, boom keylogged gg.


How about not commenting on things you have zero understanding of.
Procurement  : The Ultimate Exile's Companion!
Forum Thread : https://www.pathofexile.com/forum/view-thread/172710/page/1
Github : https://github.com/Stickymaddness/Procurement/
i guess if anyone is stupid enough to give their account info to a third party app they deserve to have their shit stolen.

Report Forum Post

Report Account:

Report Type

Additional Info