summaryrefslogtreecommitdiff
path: root/test/test-pages/ars-1/expected.html
diff options
context:
space:
mode:
Diffstat (limited to 'test/test-pages/ars-1/expected.html')
-rw-r--r--test/test-pages/ars-1/expected.html2
1 files changed, 1 insertions, 1 deletions
diff --git a/test/test-pages/ars-1/expected.html b/test/test-pages/ars-1/expected.html
index 2ed436e..a00aa37 100644
--- a/test/test-pages/ars-1/expected.html
+++ b/test/test-pages/ars-1/expected.html
@@ -1,5 +1,5 @@
<div class="article-content clearfix" itemprop="articleBody">
- <figure class="intro-image image center full-width" style="width:640px"><img height="331" src="http://cdn.arstechnica.net/wp-content/uploads/2015/04/server-crash-640x426.jpg" width="640"></img><figcaption class="caption">
+ <figure class="intro-image image center full-width"><img height="331" src="http://cdn.arstechnica.net/wp-content/uploads/2015/04/server-crash-640x426.jpg" width="640"></img><figcaption class="caption">
</figcaption></figure><p>A flaw in the wildly popular online game <em>Minecraft</em> makes it easy for just about anyone to crash the server hosting the game, according to a computer programmer who has released proof-of-concept code that exploits the vulnerability.</p>
<p>"I thought a lot before writing this post," Pakistan-based developer Ammar Askar wrote in a <a href="http://blog.ammaraskar.com/minecraft-vulnerability-advisory">blog post published Thursday</a>, 21 months, he said, after privately reporting the bug to <em>Minecraft</em> developer Mojang. "On the one hand I don't want to expose thousands of servers to a major vulnerability, yet on the other hand Mojang has failed to act on it."</p>
<p>The bug resides in the <a href="https://github.com/ammaraskar/pyCraft">networking internals of the <em>Minecraft </em>protocol</a>. It allows the contents of inventory slots to be exchanged, so that, among other things, items in players' hotbars are displayed automatically after logging in. <em>Minecraft</em> items can also store arbitrary metadata in a file format known as <a href="http://wiki.vg/NBT">Named Binary Tag (NBT)</a>, which allows complex data structures to be kept in hierarchical nests. Askar has released <a href="https://github.com/ammaraskar/pyCraft/tree/nbt_exploit">proof-of-concept attack code</a> he said exploits the vulnerability to crash any server hosting the game. Here's how it works.</p>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-08 17:09:35 +0000