+- Forum L2 AgainsT (https://forum.l2against.eu)
+-- Forum: AgainsT v3 (https://forum.l2against.eu/forumdisplay.php?fid=3)
+--- Forum: Information Box (https://forum.l2against.eu/forumdisplay.php?fid=47)
+--- Thread: Bug Bounty Program (/showthread.php?tid=2)
Bug Bounty Program - l2against - 02-14-2020
Bug Bounty Program
We believe that working with skilled players across the globe is a crucial part of identifying and mitigating our vulnerabilities We want to be enable a coordinated response and minimize the risk to players potentially subject to or affected by the vulnerability. To encourage people to collaborate with us to find variety issues and not abusing them, we have created Bug Bounty Program.
If you believe you've found vulnerability on our server, we encourage you to notify us through our special section in ACP and work with us to mitigate the disclosure of the vulnerability to minimize the risk that exploitable information becomes publicly known before mitigations are available. This section is only visible only for Administration. Every player, who received reward from the program will be entered in another topic with prize.
Rules
· Do not abuse the bugs, which you found out!
· Do not impact other users with your testing.
· Stop immediately and inform us if you believe you have affected the availability of our services.
· Submissions must include written instructions for reproducing the vulnerability. Submissions without clear reproduction steps may be ineligible for a reward.
· If something should works differently submissions require explanation of “How it should work with attached proof e.g link to “knowledge base”
· If something works differently and it was made in purpose(server features) submission may be not ineligible for a reward.
· When reporting vulnerabilities you must keep all information on your PC. Do not post information to video-sharing(youtube) or something else.
· When duplicates occur, we only award the first report
Reward system
Rewards will be distributed in Credits and you can use them whatever way you want to. The ammount of credits depends on level of threat. Mostly we will award people, who will find out any gap in our code to get illegal advantage(game breaking) (500-1500 Credits).The next level of threat are typical bugs like (something should work, but it doesn’t or working differently) . We will categorizes that by ourselfes and players may get from 10 to 200 credits Credits for informing us. We reserve the right to edit this topic and improve the system over time, because we want to check if it works.
How to report the Bug
You have to log in into master account panel on website, then choose "Bug report" section.
Quote:1) Category: Bug/exploit/game-breaker/informative/other
2)Description: The best practice is to give us the most accurate description i.e: Normal Freya Instance - too many mobs have been spawned. If you feel the description is not sufficient, explain the bug in few words.
3)Enviroment:Website/forum/game-client
4)Virtual proff: Screen or movie - A visual element like screen shot will help us to solve the problem. IT HAS TO BE LINK.
5)Expected vs current status: If it's necessary tell us: "How it should work properly". Just saying:" [..] doesn't work as expected" it's not useful at all.
6)Optional - Extra information