Hacking SQL with Server IP Only?

[RoozeV]

Yes, even without knowing the password or login, the guy managed to send and edit items.

I don't have a website and the SQL port is filtered for local access only.

How is this possible?

[MentaL]

[PwrDex]

Yes, even without knowing the password or login, the guy managed to send and edit items.

I don't have a website and the SQL port is filtered for local access only.

How is this possible?

That what you saying is impossible. Did you checked the sent mail table and cash item history?

[RoozeV]

That what you saying is impossible. Did you checked the sent mail table and cash item history?

Yes I checked the history, and that's not it. He showed me that he can create characters too (within accounts I created), so I assume he can execute SQL commands.

I spoke to him on discord and he told me he can do this if port 38180 or 38181 (I can't remember for sure which one) is open. I closed those ports on the firewall and asked him to try again, and apparently he couldn't. But I don't know if I can trust him.

There's no way to be brute force because my login and password are about 10 characters long, including special symbols, and my SQL port is not the default. Also, I changed the password and he got it quickly.

It also showed me that it can crash channels, but I used that thread and blocked some packets like ''e2b70e0000000000..'' and apparently fixed it.

[AzureSensei]

Why would you keep GlobalDBAgent port open?????

There is a reason why only these ports suppose to be open:
- 80 - HTTP
- 443 - HTTPS
- 1433 - Database
- 38101 - LoginSvr
- 38121 - Chatnode
- 38151 - AgentShop
- 38111 - 38116 - Channels*
- 38126 - War [170-190]*

[RoozeV]

Why would you keep GlobalDBAgent port open?????

There is a reason why only these ports suppose to be open:
- 80 - HTTP
- 443 - HTTPS
- 1433 - Database
- 38101 - LoginSvr
- 38121 - Chatnode
- 38151 - AgentShop
- 38111 - 38116 - Channels*
- 38126 - War [170-190]*

Yeah, I didn't think something like that was possible... not on this level. :P

[AzureSensei]

There are tools out there, since EP2 times, that are extremely damaging if you leave specific ports open, so that's the reason why the only minimal amount is needed to be public, everything else is communicating behind firewall.

[PwrDex]

Why would you keep GlobalDBAgent port open?????

There is a reason why only these ports suppose to be open:
- 80 - HTTP
- 443 - HTTPS
- 1433 - Database
- 38101 - LoginSvr
- 38121 - Chatnode
- 38151 - AgentShop
- 38111 - 38116 - Channels*
- 38126 - War [170-190]*

Also if you have to open Port 22 and 1433 than IP filter and if you want better protection than certification authentication is recommended.

[Ocid Borlan]

sql procedure

[Fur Zi]

SQL Injection can be done in your client.