Where is the problem?

Newbie Spellweaver (joined Nov 6, 2012; messages: 22; reaction score: 2)
Hi friends.

I have an SRO PvP server which has been running for 7 years. Nowadays I have a problem with a player. I banned him, then he removed his ban, enters the game by changing other players' IDs, gives them DC, transfers their items to himself, loads himself money, etc.

We've made all the controls, checked all the ports, and we have also changed the server and set it up on another device, but we couldn't get rid of him. He can still do whatever he wants. I couldn't find any other solution.
Where is the bug?
 
Retired (joined Oct 28, 2013; messages: 536; reaction score: 103)
Disallow any entry and access to your database via GM accounts, external methods (setting your ODBC server option as private, instead of public), unravel the ends of your connection(s) (like managing port forwarding for server, FTP, billing server, etc.), and the list goes on.

Just get some intel about how things do work. You are running a pServer for 7 years, thus you should already have a fix for this kind of problem, though.
 
Newbie Spellweaver (joined Nov 6, 2012; messages: 22; reaction score: 2)
I tried everything :(
 
(⌐■_■) (joined Feb 2, 2012; messages: 681; reaction score: 102)
First of all, clean your host by fully scanning it or reinstalling or w/e, cuz even an SQL injection could lead to throwing a backdoor into your server!!!

If you're using a filter:

1. Try to look into packets that are related to in-game chat/msg that are going to be stored in SQL. You should be cautious about it. Here's an example for it:
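Code:
        // Strips single and double quotes from text before it is used in a SQL query.
        public static string clean(string query)
        {
            query = query.Replace("'", string.Empty);
            query = query.Replace("\"", string.Empty);
            return query;
        }
        // Then use this method to clean w/e you want.
        // Strings are immutable, so keep the returned value.
        message = sql.clean(message);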
2. There was an exploit that was kept secret for a long time, where a player can execute queries through fortress messages, and there is a fix for it:
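Code:
        // 0x705E is the opcode checked here for fortress messages.
        if (_pck.Opcode == 0x705E)
        {
            string message = _pck.ReadAscii();
            // Drop the connection if the message carries a single or double quote.
            if (message.Contains("'") || message.Contains("\""))
            {
                Disconnect.player();
            }
        }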
In case none of them works, then it's just your website, mate.
Try to disable the web panel as a temp solution till you check up your entire website.
 
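The quote checks in the last post, generalized as an added example (not code from the thread or from any filter project): an allowlist check the 0x705E handler could call instead of testing for two characters, and a parameterized insert for SQL that the filter itself issues. The class, method, table and column names and the 256-character cap are assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example; every name here is hypothetical.
public static class MessageGuard
{
    const int MaxLength = 256; // assumed cap, tune to the real field size

    // Allowlist check: letters, digits, spaces and a small set of punctuation.
    // Quotes, semicolons, hyphens and control characters fail because they
    // are not on the list, so nothing has to be enumerated as "bad".
    public static bool IsAllowed(string message)
    {
        if (message == null || message.Length > MaxLength)
            return false;
        foreach (char c in message)
        {
            bool ok = char.IsLetterOrDigit(c) || c == ' ' || ".,!?:()_+".IndexOf(c) >= 0;
            if (!ok) return false;
        }
        return true;
    }

    // For SQL the filter itself issues (for example a chat log table):
    // the text travels as a typed parameter, never as part of the statement,
    // so it is stored verbatim and cannot change the query.
    public static SqlCommand BuildLogInsert(SqlConnection conn, string charName, string message)
    {
        var cmd = new SqlCommand(
            "INSERT INTO dbo._ChatLog (CharName, Message) VALUES (@name, @msg)", conn);
        cmd.Parameters.Add("@name", SqlDbType.VarChar, 64).Value = charName;
        cmd.Parameters.Add("@msg", SqlDbType.VarChar, MaxLength).Value = message;
        return cmd;
    }

    public static void Main()
    {
        // Constructed sample messages.
        string[] samples = { "Fortress war at 20:00!", "it's a test", "a\"b", "x; y" };
        foreach (string s in samples)
            Console.WriteLine("{0,-24} -> {1}", s, IsAllowed(s) ? "forward" : "disconnect");
    }
}
```

The allowlist rejects ordinary text such as "it's", the same trade-off the quote checks above already make; widen the punctuation set only for characters the downstream query handling is known to treat safely.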