Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Where is the problem ?

O

okulyolu

Newbie Spellweaver
10 Happy Years
Joined
Nov 6, 2012
Messages
22
Reaction score
2
Hi friends.

I have sro pvp server which is running for 7 years. Nowadays I have a problem with a player. I banned him then he removed his ban, enter the game by changin other players ids, gives them dc, transfer their items to himself, loads himself money etc etc.

We’ve made all the controls, checked all the ports also we have changed the server and setup to another device *but we couldn’t get rid of him. He can still do what ever he wants. I couldn’t find any other solution.
Where is the bug?
 
Sort by date Sort by votes
blapanda

blapanda

Retired
Joined
Oct 28, 2013
Messages
536
Reaction score
103
Disallow any entry and access to your database via GM accounts, external methods (setting your ODBC server option as private, instead of public), unravel the ends of your connection(s) (like managing portforwarding for server, ftp, billingserver, etc), and the list goes on.

Just get some intel about how things do work. You are running a pServer for 7 years, thus you should already have a fix for this kind of problem, though.
 
Upvote 0
The Best DDoS Protected Servers
O

okulyolu

Newbie Spellweaver
10 Happy Years
Joined
Nov 6, 2012
Messages
22
Reaction score
2
blapanda said:
Disallow any entry and access to your database via GM accounts, external methods (setting your ODBC server option as private, instead of public), unravel the ends of your connection(s) (like managing portforwarding for server, ftp, billingserver, etc), and the list goes on.

Just get some intel about how things do work. You are running a pServer for 7 years, thus you should already have a fix for this kind of problem, though.
Click to expand...

I tried everything :(
 
Upvote 0
NourAyman

NourAyman

(⌐■_■)
Joined
Feb 2, 2012
Messages
681
Reaction score
102
First of all clean your host by fully scanning it or reinstall or w/e
cuz even an sql injection could lead to throwing a backdoor into your server!!!

if you're using a filter:

1_try to look into packets that are related to ingame chat/msg that are
going to be stored in sql. you should be cautious about it.
here's an example for it
Code: 
        public static string clean(string query)
        {
            query = query.Replace("'", string.Empty);
            query = query.Replace("\"", string.Empty);
            return query;
        }
//Then use this method to clean w/e you want
sql.clean(message)
2_there was an exploit that kept secret for a long time that player
can execute queries through fortress messages. and there is a fix for it
Code: 
            if (_pck.Opcode == 0x705E)
            {
                string message = _pck.ReadAscii();
                if (message.Contains("'"))
                {
                    Disconnect.player();
                }
                else if (message.Contains("\""))
                {
                    Disconnect.player();
                }
            }
in case of none of them works then it's just your website mate.
try to disable web panel as a temp solution till you check up your entire website
 
Last edited:
Upvote 0
You must log in or register to reply here.

About Us

RaGEZONE® is a website dedicated to the development of massively multiplayer online role-playing games (MMORPGs).

Online statistics

Members online
200
Guests online
2,124
Total visitors
2,324
Totals may include hidden visitors.

Forum statistics

Threads
428,865
Messages
4,589,077
Members
279,458
Latest member
rcex
Most visitors online was 8830 , on 6 Feb 2024

RaGEZONE Sponsor

    HyperFilter
Back
Top