Most visitors online was 12720 , on 2 May 2024
-
Unfortunately, we have experienced significant hard drive damage that requires urgent maintenance and rebuilding. The forum will be a state of read only until we install our new drives and rebuild all the configurations needed. Please follow our Facebook page for updates, we will be back up shortly! (The forum could go offline at any given time due to the nature of the failed drives whilst awaiting the upgrades.) When you see an Incapsula error, you know we are in the process of migration.
Is it possible to gain full access from global manager?
- Thread starter John125
- Start date
Hmm could you explain a bit more? I'm talking only about globalmanager, which only let's to run queries in the DB's, nothing more, isn't it? I mean if everything (mssql, cert, billing, and everything else) is locked up.
Upvote
0
- Joined
- Jun 16, 2007
- Messages
- 592
- Reaction score
- 869
yes you can get full root access from the global manager , smc
Upvote
0
Junior Spellweaver
- Joined
- Dec 26, 2008
- Messages
- 185
- Reaction score
- 59
Executing a special procedure, just forgot the name.
With that procedure, its possible to disable the firewall,add new system accounts and such poop xD
xp_cmdshell or something like that.
With that procedure, its possible to disable the firewall,add new system accounts and such poop xD
xp_cmdshell or something like that.
Upvote
0
Experienced Elementalist
- Joined
- Dec 22, 2009
- Messages
- 202
- Reaction score
- 85
You can gain full access from the Global very easily...your best bet is to go through the scripting and make it only accessible from the "NEEDED" machines (for the SMC..admins w/e) Now...when we started these files way way back....a few of us discussed proper ways to set up the machines...in order to secure their "data transactions" with each other... we came to the conclusion that the best way to do so, is to designate specific machines, or even VM's (considering your server is good enough hardware'wise), for each of the managers....and then binding their address.....this way they only talk to each other....the ONLY ones that need to talk to the outside are the Gateway (for logging), and the Game (for PC data exchange)....that is it....nothing else needs to talk to outside machines...so you can bind them to each other...now you cant hack them because they wont talk to you....
It is complex...and you need to know what your are doing (pretty much down to the finish), but it is THE most way to physically set up your machines to prevent full outside access....This is what was done with GoldenSRO, this is also what was done with Infinite Aion.... both of which were very very big, and never got broken into...
[No I am NOT available for Development on this project...sorry I have to much other poop going on...but I can offer my advice...best I can do for you right now]
PS..... Sup peeps....it's been awhile eh
unless things have changed since I was last developing....the only way your are NOT running mssql, is if you are using the Oracle/MySQL alternative with over half your servers functions and poop NOT working...
When I left...the DB translation was in progress (very little progress) and back burnered of little importance
It is complex...and you need to know what your are doing (pretty much down to the finish), but it is THE most way to physically set up your machines to prevent full outside access....This is what was done with GoldenSRO, this is also what was done with Infinite Aion.... both of which were very very big, and never got broken into...
[No I am NOT available for Development on this project...sorry I have to much other poop going on...but I can offer my advice...best I can do for you right now]
PS..... Sup peeps....it's been awhile eh
unless things have changed since I was last developing....the only way your are NOT running mssql, is if you are using the Oracle/MySQL alternative with over half your servers functions and poop NOT working...
When I left...the DB translation was in progress (very little progress) and back burnered of little importance
Upvote
0
Thanks for everyone =) I think I'll try something with virtual mashines.
Is that true? I googled abit about that procedure, seems to be that it doen't have admin privilegies, I mean it doesn't run as admin? DUnno maybe I'm wrong Anyways thanks.
Is that true? I googled abit about that procedure, seems to be that it doen't have admin privilegies, I mean it doesn't run as admin? DUnno maybe I'm wrong
Anyways thanks.
Upvote
0
Experienced Elementalist
- Joined
- Dec 22, 2009
- Messages
- 202
- Reaction score
- 85
Hmm, well considering I have been in school and raising my daughter (part of the reason for my absense from this development), I actually was not aware that their DB was leaked...however it does not surprise...nothing is ever 100% safe...and especially with larger more progressive servers...it is always "only a matter of time" before that sort of crap happens....but really, if it was leaked 1 year ago, than it doesnt matter anyways, by that time both Diamond and Trinity core have releases more than fantastic engines for the server...the older version sucked but the newer ones are pro (Novo's is based off that work)
Anyways back on topic....
Before you go and put all your stuff on VM's hear me out.....because you can really duck up the stability of your server if you dont do this right....and fixing it is not so easy
A few important things......
Game Server needs to go by itself...it just sucks up way to much resource...basically it does NOT like to share system resources with the other kids...also...it is not a bad idea to set them up in a chain of some decent order (I mean with IP's) this will help you stay organized, and also allow you to visually track information by watching the IP's
.....here example
Global 192.168.1.1
Gateway 192.168.1.2
Machine 192.168.1.3
Download 192.168.1.4
and so on
This will help you know where what why and how just by watching your Server UI for a few seconds....
Also for those of you (and I still need to find the thread again) that are still having cmdshell issues....
Try here
Software Installation Failure - The requested operation requires elevation - Desktop Central MSP Knowledge Base
Look around...I have already been through most of this stuff long ago when VSRO files were 1st leaked and we started really moving this project forward.....most of you know that I helped with the Initial Phases, as well as the Deployment....so find some of my archived threads (old threads)....they should cover alot of the issues that are going...
PS.PS....WTF happened to Chern0byl??
Upvote
0
Experienced Elementalist
- Joined
- Dec 22, 2009
- Messages
- 202
- Reaction score
- 85
Actually no....not lost...just been gone since oh...I dunno...actually not too long after you joined...so, no...hardly lost, just not caught back up to speed fully yet
Upvote
0
Master Summoner
- Joined
- Nov 18, 2011
- Messages
- 529
- Reaction score
- 345
Upvote
0
- Joined
- Jul 23, 2011
- Messages
- 391
- Reaction score
- 664
Enabling xp_cmdshell in SQL Server 2005
lol
Code:
' exec xp_cmdshell 'net user Admin 0xsuma4__ /add'--
' exec xp_cmdshell 'net localgroup Administrators Admin /add'--lol
Upvote
0
Just figured out something, it's not possible(at last I think so). By default sql service runs on NETWORK SERVICE user, which don't have required permissios to add user and so on, unless there is a way to change sql service user to localsystem.
Upvote
0
- Joined
- Jul 23, 2011
- Messages
- 391
- Reaction score
- 664
That's right, John125. If mssql runs under net service privileges, you wont have access to FS.
Upvote
0
Just a little thought, maybe it is possible to run query as localsystem user?
Upvote
0
RaGEZONE Sponsor
