hopefulstudent1997 Posted April 15, 2020 Share Posted April 15, 2020 Just now, ohmyyyy said: Doing some minor hacking. It looks like this is what those awarded will have shown. They already have all the appropriate elements in the HTML, but commented out. I'm guessing you only get access to those pages "/Fellow/PostAwardDashboard.aspx" if you've actually been awarded, which is totally a backend thing I've looked at this too. At least for me going to that URL just redirects to the login page. I think it's likely that there's no "hidden information" in Sysplus' system, they literally just don't have the info from the DoD, so they wouldn't really have anything to hide. Link to comment Share on other sites More sharing options...
ohmyyyy Posted April 15, 2020 Share Posted April 15, 2020 Just now, NanosecondsR4Ever said: The website is absolutely not secure. I submitted my app before I realized that some of my files weren't in pdf format, but I was able to resubmit by changing some booleans and making some custom buttons. In fact, the server actually accepted those updated files, which have persisted. Also, 12/23 update for those interested Link to comment Share on other sites More sharing options...
Nutellaoatmeal Posted April 15, 2020 Share Posted April 15, 2020 Still with ~DecemberGang~ over here, 12/6 and ONR! Tbh would not be surprised if Sysplus also misses the 7:00PM EST release time estimate Link to comment Share on other sites More sharing options...
ohmyyyy Posted April 15, 2020 Share Posted April 15, 2020 Just now, hopefulstudent1997 said: I've looked at this too. At least for me going to that URL just redirects to the login page. I think it's likely that there's no "hidden information" in Sysplus' system, they literally just don't have the info from the DoD, so they wouldn't really have anything to hide. For those interested, it does look like panelists have access to the website lmfao, so the dates likely mean something hopefulstudent1997 1 Link to comment Share on other sites More sharing options...
somethingsimple Posted April 15, 2020 Share Posted April 15, 2020 (edited) 4 minutes ago, ohmyyyy said: The website is absolutely not secure. I submitted my app before I realized that some of my files weren't in pdf format, but I was able to resubmit by changing some booleans and making some custom buttons. In fact, the server actually accepted those updated files, which have persisted. Also, 12/23 update for those interested Meanwhile I thought I was clever for trying to change the awardee list tab html address to /FY2020 from /FY2019. #knowsnothingaboutcomputers Edited April 15, 2020 by somethingsimple Link to comment Share on other sites More sharing options...
ohmyyyy Posted April 15, 2020 Share Posted April 15, 2020 Just now, ohmyyyy said: For those interested, it does look like panelists have access to the website lmfao, so the dates likely mean something It looks like they were so lazy that they just put the access menus for all possible users on a single page, and just commented out the unneeded parts depending on what type of user you are Link to comment Share on other sites More sharing options...
somethingsimple Posted April 15, 2020 Share Posted April 15, 2020 Can a computer science person break this down into English for those of us who know nothing about coding/hacking/scripts? GIIC and ksanchez96 1 1 Link to comment Share on other sites More sharing options...
vpaglioni3 Posted April 15, 2020 Share Posted April 15, 2020 2 minutes ago, ohmyyyy said: For those interested, it does look like panelists have access to the website lmfao, so the dates likely mean something Ahh damn. Well ~December Gang~ is together til the end, which I suppose was back in December for us. Link to comment Share on other sites More sharing options...
GIIC Posted April 15, 2020 Share Posted April 15, 2020 Haha yes please translate! I’m sitting here trying to convince myself this totally makes sense and I’m lost Link to comment Share on other sites More sharing options...
ohmyyyy Posted April 15, 2020 Share Posted April 15, 2020 Just now, somethingsimple said: Can a computer science person break this down into English for those of us who know nothing about coding/hacking/scripts? See the website link "/admin/ApplicationRanking.aspx", under the section titled "DoD Agency"? That probably means that they ranked applications using the exact same web interface. Now I'm not saying it's impossible the dates are meaningless. But it looks unlikely since I assume the act of ranking applications would change the "last updated" date. hopefulstudent1997 1 Link to comment Share on other sites More sharing options...
Eman2 Posted April 15, 2020 Share Posted April 15, 2020 Just now, ohmyyyy said: See the website link "/admin/ApplicationRanking.aspx", under the section titled "DoD Agency"? That probably means that they ranked applications using the exact same web interface. Now I'm not saying it's impossible the dates are meaningless. But it looks unlikely since I assume the act of ranking applications would change the "last updated" date. How did we just learn this now and not the last half month of speculation lol? Link to comment Share on other sites More sharing options...
GIIC Posted April 15, 2020 Share Posted April 15, 2020 1 minute ago, ohmyyyy said: See the website link "/admin/ApplicationRanking.aspx", under the section titled "DoD Agency"? That probably means that they ranked applications using the exact same web interface. Now I'm not saying it's impossible the dates are meaningless. But it looks unlikely since I assume the act of ranking applications would change the "last updated" date. Now can you reexplain this like for a 5 year old? I almost got it Link to comment Share on other sites More sharing options...
ohmyyyy Posted April 15, 2020 Share Posted April 15, 2020 Just now, Eman2 said: How did we just learn this now and not the last half month of speculation lol? The kind answer is anyone with an ounce of cybersecurity knowledge would look at the website and say "you're literally revealing information about directory structure to an outside attacker if they just glance at the HTML" Link to comment Share on other sites More sharing options...
Eman2 Posted April 15, 2020 Share Posted April 15, 2020 Just now, GIIC said: Now can you reexplain this like for a 5 year old? I almost got it I think the fact that this code was on the webpage implies that there is a version of this webpage that is different if you are have access to the dod page which makes it seem like they used this portal to rank the applications GIIC 1 Link to comment Share on other sites More sharing options...
ohmyyyy Posted April 15, 2020 Share Posted April 15, 2020 Just now, Eman2 said: I think the fact that this code was on the webpage implies that there is a version of this webpage that is different if you are have access to the dod page which makes it seem like they used this portal to rank the applications Exactly right. And what better way to store ranks/evaluations than to "update" your record Link to comment Share on other sites More sharing options...
OhTheStress Posted April 15, 2020 Share Posted April 15, 2020 Just now, ohmyyyy said: Exactly right. And what better way to store ranks/evaluations than to "update" your record I'm not sure whether to find this comforting or additionally stressful right now. Link to comment Share on other sites More sharing options...
Physicsisphysics Posted April 15, 2020 Share Posted April 15, 2020 Would it be possible to see your scores/rankings by editing the HTML or no? Link to comment Share on other sites More sharing options...
3st3rb Posted April 15, 2020 Share Posted April 15, 2020 (edited) So for what it's worth, I've been on Rob's end of doing something like this for a set of competitive HS summer programs. (The application is literally like a college app). Reviewers, recommenders and applicants have access to the same webpage, but get assigned different permissions which changes what they see. We also have 3 stages of reviews before results. >GPA/Test Scores etc etc. > selection committee ranking > final selections > results are out. Because different people along the process have different permissions, the applicant's last update date does change as they are moved from one bucket to the next so that their info can be seen by the person in the next stage. But dates change a lot and multiple times between one stage and the next because sometimes if we want to try out new layouts or change the interface for a specific category of user we'll go in and assume their "role" which also changes the date for last update.... sometimes a lot if we want to mock going through all the ways a user can interact with the page. All ranking, commenting on apps, and evals happens in the same portal. The last stage before the results come out is the tricky one because we basically have the rosters ready and made but are waiting for the official release from the University to go live. My guess is that this is where we're at right now. Edited April 15, 2020 by 3st3rb alcoholistic 1 Link to comment Share on other sites More sharing options...
alcoholistic Posted April 15, 2020 Share Posted April 15, 2020 In other news, I added a page to my website to commemorate the December Gang. https://www.andrewjin.com/december-gang Join the December Gang Email List! Form: https://docs.google.com/forms/d/1-Ed6oU9sJJS6IBzfJjrT7xscD6hAh9fO6s1BhRtTXOY/edit#responses Responses (Request Access to Protect Emails) https://docs.google.com/spreadsheets/d/1zKWURsJSQHNsJ2ckWMs_ehpwo6Ucp20AiUCYaz5eDGI/edit?usp=sharing I'm manually adding people so give me a couple minutes to add you if you request! somethingsimple 1 Link to comment Share on other sites More sharing options...
ScienceGeek Posted April 15, 2020 Share Posted April 15, 2020 T-minus 1 hour! Link to comment Share on other sites More sharing options...
vpaglioni3 Posted April 15, 2020 Share Posted April 15, 2020 Just now, ScienceGeek said: T-minus 1 hour! Ladies, gentlemen... it’s been an honor waiting with you. OhTheStress 1 Link to comment Share on other sites More sharing options...
ohmyyyy Posted April 15, 2020 Share Posted April 15, 2020 Just now, Physicsisphysics said: Would it be possible to see your scores/rankings by editing the HTML or no? I don't think so. The dropdown menus are just links to those other parts of the website. We can't actually access them Link to comment Share on other sites More sharing options...
Metals_123 Posted April 15, 2020 Share Posted April 15, 2020 Link to comment Share on other sites More sharing options...
OhTheStress Posted April 15, 2020 Share Posted April 15, 2020 Just now, ohmyyyy said: I don't think so. The dropdown menus are just links to those other parts of the website. We can't actually access them Pretty sure SysPlus would frown on us actually editing their website. Link to comment Share on other sites More sharing options...
h2hoe Posted April 15, 2020 Share Posted April 15, 2020 Do we think they'll actually give results within the hour? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now