Hello & Welcome to our community. Is this your first visit? Register

Page 1 of 11 123456789 ... LastLast
Results 1 to 15 of 157
  1. #1
    Member

    Rank
    Member
    Join Date
    Mar 2013
    Location
    Hammerpoint HQ
    Posts
    75

    So were the War Z server files 100% fake?


    War Z Server Files & Source Code Discussion
    Let's "audit" the situation here.

    • What happened to War Z?

    [Only registered and activated users can see links. ] servers and forums (including their databases) were compromised by multiple people it seems.
    Details on how (Quoted from theDomo on this forum; cache backup of the post):
    #######################################################################

    Tile: WarZ, Warinc Hack
    Author: H.J. Auditing Employee Brent Junker
    E-mail: [Only registered and activated users can see links. ]
    Web: [Only registered and activated users can see links. ]

    #######################################################################

    ============
    Introduction
    ============

    In this document we will be covering the points of entry into Hammerpoint.

    ============
    Part 1 "point of entry"
    ============

    The hacker started by auditing. thewarinc.com
    Found an SQL Injection in the forums wich has been patched since then.
    After finding the SQL Injection, then proceed to dump the user table.
    And some of the admins had passwords like ******.

    From researching the user table, the hacker found out that kewk
    where using the same password on the forum, his email,
    The WarInc and The WarZ. This was the point of entry.

    ============
    Part 2 "The Shell"
    ============

    The hacker then proceeded of logging in to the admin cp of The WarZ.
    Then proceeded going to the plugins and adding a malicious plugin for executing basic commands.

    Plugin contained.
    ***************
    And then executed the command ******************** to get a more sofisticated backdoor up.

    example:
    *****************************

    Then the hacker hid the shell in a discrete directory so the administators would not find it.

    ============
    Part 3 "password logging"
    ============

    This is where it is starting to get interesting. The hacker placed a password logger in the vBulletin login function.
    Then we would be able to grab all login sessions with plain text passwords

    ============
    Part 4 "Accessing emails"
    ============

    About more than half of the employees used the same passwords on their email accounts along with their personal email.
    So inside their email contained information about SVN, RDP, what hosting company they where using and conversations between
    employees, witch contained some inappropriate content on their work emails.....


    ...... and more
    More (retarded) information on that here: [Only registered and activated users can see links. ]

    What is the "War Z Server files" thread? Who is "Sirgay"?
    Originally, a retarded user named "Sirgay" created this thread: [Only registered and activated users can see links. ] to most likely just cause drama and infect people. He claimed infecting the War Z servers, as well as having up-to-date server files (but no sourcecode). He could barely speak english fluently, and in the end the files were completely fake (and included viruses)

    What was really in Sirgay's files?
    Upon release of the so-called "files" he had, there was 3 seperate .rars to download as well as a database file. The final rar was called "WarZMarch30.rar" and here is a picture of the contents:

    This looks to me like the data extracted from War Z including the client files with other random crap included.

    There was a bunch of files with "Super Mario Bros" as the title and a "Studio.exe" virus which copied a java.exe to your localdata folder with a text script and disabled your task manager. Retards.

    The database he uploaded was a "Kal Online" database which had nothing to do with War Z and was last modified in 2008.

    What's Happening Now?
    This thread was made to inform everyone on what's going on here.

    I was infected! How can I remove it?
    (you should have been a little smarter, but)
    Quote Originally Posted by DragonKon View Post
    Here is a simple guide on how to remove the infection if you need help post here also make sure to download malwarebytes also i know this is in wrong section but i posted here so the infected users have a better chance to see.

    Tips:
    Having a problem removing restore your PC back to a previous date
    Disconnect your pc from the internet well doing this, (to stop him from messing you up)

    [Only registered and activated users can see links. ]

    Windows XP & Vista/7
    1. First go to your start and select Run if you don't see run then seach for it.
    2. Once you click on it type %appdata% and go to the bottom do you see java.exe
    3. Now minimize that and go back to run type msconfig and then select startup disable java.exe
    4. Now restart your PC and then login and go back to appdata and delete java.exe

    Windows 8
    1. First go to your start and search for run then type %appdata% and see if you got java.exe
    2. Hold [CTRL] + [ALT] + [DELETE] then select startup disable java.exe
    3. Restart your PC and then login then go back to your appdata and delete java.exe

    Screenshots [Windows 8]
    Notice i didn't get infected the program i was right clicked on in my startup wasn't the infected file was example


    Re-enabling task manager:
    Type regedit into search, navigate to this registry.
    Code:
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\]
    Delete
    Code:
    DisableTaskMgr=1
    or replace 1 with 0.

    Last edited by Sirgey; 04-04-13 at 09:49 PM.

  2. # ADS
    HyperFilter
    RaGEZONE Sponsor

    Rank
      Sponsor  
    Join Date
    Sep 2013
    Posts
    9000


     

  3. #2
    Member

    Rank
    Member
    Join Date
    Sep 2012
    Location
    Ocala, Florida,
    Posts
    87

    Re: So were the War Z server files 100% fake?

    I have no idea man :/

  4. #3
    Member

    Rank
    Member
    Join Date
    Mar 2013
    Posts
    30

    Re: So were the War Z server files 100% fake?

    3 days waiting for nothing...

    Edit: and now i just finished the download of all files.. going delete..

  5. #4
    Member juniordark's Avatar

    Rank
    Member
    Join Date
    Sep 2012
    Posts
    65

    Re: So were the War Z server files 100% fake?

    Sirgay was banned ,so yeah....

  6. #5
    Member

    Rank
    Member
    Join Date
    Sep 2012
    Location
    Ocala, Florida,
    Posts
    87

    Re: So were the War Z server files 100% fake?

    :/ wow. Got happy for no reason at all.

  7. #6
    Ultimate Member crazydude23's Avatar

    Rank
    Member
    Join Date
    Jan 2007
    Location
    Null Sector
    Posts
    152

    Re: So were the War Z server files 100% fake?

    Go read the post be mental

    [Only registered and activated users can see links. ]


    yes they were fake.

  8. #7
    Ultimate Member Marlon Colhado's Avatar

    Rank
    Member
    Join Date
    Jan 2009
    Location
    Brazil
    Posts
    191

    Re: So were the War Z server files 100% fake?

    It was 100% false. :/

  9. #8
    Member

    Rank
    Member
    Join Date
    Jun 2012
    Posts
    46

    Re: So were the War Z server files 100% fake?

    Quote Originally Posted by crazydude23 View Post
    Go read the post be mental

    [Only registered and activated users can see links. ]


    yes they were fake.
    if they were real... DOOD, the crackers were going to be alot famous.

  10. #9
    Member

    Rank
    Member
    Join Date
    Nov 2007
    Location
    Canada
    Posts
    30

    Re: So were the War Z server files 100% fake?

    well as upsetting as that was, im kind of glad they were not legit, means i can focus on things other than WarZ

  11. #10
    Member

    Rank
    Member
    Join Date
    Sep 2012
    Location
    Ocala, Florida,
    Posts
    87

    Re: So were the War Z server files 100% fake?

    They are out there somewhere it's only a matter of time... :/

  12. #11
    Member

    Rank
    Member
    Join Date
    Apr 2013
    Posts
    77

    Re: So were the War Z server files 100% fake?

    Lol he got us pretty good there

  13. #12
    Member GodLy's Avatar

    Rank
    Member
    Join Date
    Jul 2004
    Location
    C:/ROOT/.../
    Posts
    74

    Re: So were the War Z server files 100% fake?


  14. #13
    Member

    Rank
    Member
    Join Date
    Sep 2012
    Location
    Ocala, Florida,
    Posts
    87

    Re: So were the War Z server files 100% fake?

    "Regards.

    # Update 1

    The official servers were compromised. I have been given user databases and additional material to confirm this (unnamed sourced). Whilst the source code does exist and numerous people have it. Now, it's only a matter of time before they make their way here. It maybe a few days or weeks but they will be here, it all comes down to who wants to release it first. First person to release will get subscriptions here and e-glory.
    "

  15. #14
    Newbie

    Rank
    Member
    Join Date
    Feb 2012
    Posts
    4

    Re: So were the War Z server files 100% fake?

    I did dl everything using Jdownloader, should i do an antivirus scan?

  16. #15
    Account Upgraded | Title Enabled! JonnyTruant's Avatar

    Rank
    True Member
    Join Date
    Mar 2013
    Posts
    587

    Re: So were the War Z server files 100% fake?

    Really, why wont Brazilians release the source-code in here?

 

 
Page 1 of 11 123456789 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HyperFilter
Sponsored by HyperFilter , secured by Incapsula , powered by LiteSpeed.
Mods by DBTech. All times are GMT +1. The time now is 08:52 AM.
Powered by vBulletin® Copyright , Jelsoft Enterprises Ltd.