Printable View
Hi, Got very big problem! Was playing MU, visited WEB and save error, that MEMB_INFO Doesnt exist, i was wtf... looked enterprise manager and there realy were missing some tables.
Guys, please, help me. Dont know what the... happened. Is there some ideas how to log what happened or backup information, even if it sound unreal, need your advices, ideas.
The MuServer somehow secured from SQL Injection attacks, but the WEB might be not secured yet, with simple hack attempt likeorCode:' or 1=1; DROP TABLE MEMB_INFO
can really wipe out your MuDatabase 'cause an unsecured website.Code:' or 1=1; DROP DATABASE MuOnline
Find another web client for your MU which already secured.
using mymuweb
Im using another account for Web, not sa, isnt that enough ?
sql injections are random
so ulll have to secure ur muweb as good as u can and maybe put anti sql inject scripts etc :)
google will help though.
You must also have ExDB with anti-injection in server side.
http://forum.ragezone.com/f197/exdb-0-40n-0-4-a-663411/
wow! Thanks guys, good informatino for me, if somebody want to share more information about security of muserver will be greatful to listen.
about the mu server - download exdb with secure about the sql injection from the GUILD NOTICE, and block all applications without gs and cs in the firewallQuote:
Originally Posted by 6matko