Some kind of Hackers on your server (arcturus server)

Results 1 to 9 of 9
  1. #1
    Valued Member harry12 is offline
    MemberRank
    Jun 2010 Join Date
    148Posts

    Some kind of Hackers on your server (arcturus server)

    i remember this stat hack before, bretts proxy is it? use on prose before..

    we've made our server up and fix the error with a help of payed dev,
    we also manage to fix the server freeze.

    well these days our server run for almost 2weeks and peeked maximum of 100+ players online
    but theres unknown hacker that can edit stats and zulies. SQL injection maybe? so how we can sure that our files, mssql database are secured? we already even setup ddos protection tho
    i saw this on our logs files, using zcools release alliance rose view character reports



    probably he troll on the server. look at hes username and emaill add
    btw we use hijacob server files, asked him about 12hrs ago waiting for reply and asking if hes file are secure.


  2. #2
    Proficient Member Kingdom Rose is offline
    MemberRank
    Nov 2013 Join Date
    FetusLocation
    199Posts

    Re: Some kind of Hackers on your server (arcturus server)

    You might need to look for the protection in osrose forums you might find the sql query to fix this

  3. #3
    Member hijakob is offline
    MemberRank
    May 2014 Join Date
    81Posts

    Re: Some kind of Hackers on your server (arcturus server)

    I've heard about these things earlier.

    I'm sorry this is happening and you're being attacked by a virgin who's life must be empty and feeling sorry for him to be terrified by a pinoy server that casts its shadow on his small nuts.

    Sadly I have no ideas how he proceeds.

    If anyone knows how this works, I will do my best to help you sort this out.

    Your website isn't secure regarding SQL injections you should have that fixed.

    And even if he does hack from InGame, you can setup an email verification check, that will prevent him from making accounts as he uses shit email adresses.

    I just hope for you his life doesn't sucks enough for him to make 200 email adresses.

    I never said my files were hackerproof. I just said they were working. And they are.

    Now what we have to do is to point out how what he's doing works, and we'll be able to fix it.

    Just remember I'm supporting you.


    Hij.

  4. #4
    Valued Member ihaki is offline
    MemberRank
    Nov 2008 Join Date
    FranceLocation
    144Posts

    Re: Some kind of Hackers on your server (arcturus server)

    This guy is french

  5. #5
    Member zcool1956 is offline
    MemberRank
    Jul 2010 Join Date
    ArizonaLocation
    71Posts

    Re: Some kind of Hackers on your server (arcturus server)

    At one time ICON had addressed this and his suggestion was to take the sql files and rename them to something else.

    Example: seven_ORA = partytime

    SHO = mygame

    Then have the ODBC point to your new sql file names. The reason for this is everyone knows the names of the sql files.

    This is only one small way to try and stop sql injection but there are more advanced way's of doing which I do not have the knowledge of...But if a person that is just learning how to hack or a kid that is doing this for the hell of it or is mad at you for some reason this might stop them.
    Last edited by zcool1956; 18-05-15 at 04:50 PM.

  6. #6
    Valued Member ihaki is offline
    MemberRank
    Nov 2008 Join Date
    FranceLocation
    144Posts

    Re: Some kind of Hackers on your server (arcturus server)

    Ofc, change your db names to random ones.

  7. #7
    Member hijakob is offline
    MemberRank
    May 2014 Join Date
    81Posts

    Re: Some kind of Hackers on your server (arcturus server)

    Told them in the first place that DB names had to be changed. But it seems they did not take that advice seriously.

    The kid responsible of this used SQL injections. He used their website (RoseCP) wich is known to have that security leak.

    There are only few ways to fix this.

    1) You have enough PHP/MSSQL knowledge to make your own filter to avoid these kind of injections or you know someone that can do it for you.

    2) You go for a totally new website but this one requieres even more knowledge.

    In both cases, you will have to change your DB names for more security, you can even apply some more triggers inside your databases to prevent injections.


    Hij.

  8. #8
    Valued Member ihaki is offline
    MemberRank
    Nov 2008 Join Date
    FranceLocation
    144Posts

    Re: Some kind of Hackers on your server (arcturus server)

    Php isn't that hard to learn, i suggest you to do that, it's fun and your website will be all yours ;)

  9. #9
    Member fawkeslinux is offline
    MemberRank
    Mar 2014 Join Date
    97Posts

    Re: Some kind of Hackers on your server (arcturus server)

    Yup SQL injection.. Vuln. try Scan with Vulnerability scanner to your site.. to know were they possible to get in 2 ur DB
    hacker also pwn to our server but i delete his access acc. but still can access bcoz he make a backdoor to our server.. to maintain access. i also agree to harry that rose kiorochi site have a vulnerability or someone reedit it to orig author and upload and make a vuln. to easily get in to DB hahaha..


    sorry for my bad english.



Advertisement