Hate to burst your bubble (okay, I lied), but even if you DID manage to get in, you still face the problems of: a. You don't know where the character files are b. You (probably) don't know how the character files are formatted c. Your ass is grass when they notice that they have someone accessing their server in this manner d. And TQ's lawyers are lawnmowers e. It will probably not take them much longer to notice you in their system than it will take you to go "Woohoo, I'm in!"
Real Hacking CO2 Wild Kingdom Eagle Server
07/04/2008 10:57
Xiron#16
07/04/2008 18:38
scottdavey#17
Who cares about accessing data files, Everyone hates TQ = ctrl a & delQuote:
Hate to burst your bubble (okay, I lied), but even if you DID manage to get in, you still face the problems of: a. You don't know where the character files are b. You (probably) don't know how the character files are formatted c. Your ass is grass when they notice that they have someone accessing their server in this manner d. And TQ's lawyers are lawnmowers e. It will probably not take them much longer to notice you in their system than it will take you to go "Woohoo, I'm in!"
07/04/2008 19:15
devilsmum#18
everyone hates TQ, but they are not as stupid as you make out. 700 employees and rising. One of the most successful games in china and many other big mmorpgs.
They are just money made. We are talking about the US side of TQ being complete idiots. But they will have tight security since conquer makes them so much money now.
They are just money made. We are talking about the US side of TQ being complete idiots. But they will have tight security since conquer makes them so much money now.
07/04/2008 19:25
emmanication#19
why not sql injection?
07/04/2008 19:37
TonyPlayer#20
done :D
tipe in the ip on site 1
and server was down for 5mins.. NO IT WASNT MAINTAINCE
but i became scared and crash my pc down xD
tipe in the ip on site 1
and server was down for 5mins.. NO IT WASNT MAINTAINCE
but i became scared and crash my pc down xD
07/04/2008 23:18
InfamousNoone#21
I don't know if you've passed the password stage but why not use a simple password generation algorithm such as; Can't be assed to do the cmd prompt shite right now, going out.
Code:
// just an example of how to do it with an 8-char max password
bool Connect(char* Password)
{
// ...
// ...
// ...
}
// ----------------------------
bool connected = false;
char tryPassword[8];
char lastPassword[8];
memset(tryPassword, 0, 8);
memset(lastPassword, 255, 8);
while (!connected)
{
if (memcmp(tryPassword, lastPassword, 8) == 0)
break; // tried all valid passwords
*((unsigned __int64)tryPassword)++;
connect = Connect(tryPassword);
}
07/05/2008 00:15
Role_Model#22
Well, this is FTP where talking about, File Transfer Protocol, sound simple as is...unless its in a language, or encrypted...and i dont feel like learning any language, or decrypting...at the moment i will just take down everything, **Format**...that would suck for Kutie-Janet...she has freaking everything Super 2Sock with All SDG, all -7, all +12 she is freaking fully maxed out...but idc...besides im your all talking to a 15yr old!Quote:
07/05/2008 00:48
iliveoncaffiene#23
Rofl what a dumbass.
*Don't you all realize you're being fooled by a complete idiot? All he did is use something we can all use, command prompt.*
Login to your server and type "netstat -a" into command prompt, then find the IP which your connected to port 5816 on (Map server port). You now have game server IP [sarcasm]OMG THAT WAS HARD[/sarcasm]
All he did is realize that there's an FTP server running, which is pretty easy for most people to figure out. Yes, they have a banner for the FTP which is quite stupid, but serv-u isn't easily brute forced. You didn't find anything but another login, and it's doing EXACTLY what it should be doing, keeping you out.
You didn't hack anything script-kiddie. If you really want to meet someone who's been inside TQ's SQL servers, talk to me. I'll give you SQL SELECT access to my backup of the Dragon game server database (I'm not kidding). The previous hack was on their website, they left a gaping security hole in the player photo system: that, coupled with an admin/admin user authentication got us in with a PHP shell script that brought about the massive hacks on CO around last september/august (The DB drop on Dragon, yes).
P.S. Xiron:
b - Again, SQL
c - They took about a week last time
d - No lawyers because you're not accessing it by illegal means
e - Look at 'C'
*Don't you all realize you're being fooled by a complete idiot? All he did is use something we can all use, command prompt.*
Login to your server and type "netstat -a" into command prompt, then find the IP which your connected to port 5816 on (Map server port). You now have game server IP [sarcasm]OMG THAT WAS HARD[/sarcasm]
All he did is realize that there's an FTP server running, which is pretty easy for most people to figure out. Yes, they have a banner for the FTP which is quite stupid, but serv-u isn't easily brute forced. You didn't find anything but another login, and it's doing EXACTLY what it should be doing, keeping you out.
You didn't hack anything script-kiddie. If you really want to meet someone who's been inside TQ's SQL servers, talk to me. I'll give you SQL SELECT access to my backup of the Dragon game server database (I'm not kidding). The previous hack was on their website, they left a gaping security hole in the player photo system: that, coupled with an admin/admin user authentication got us in with a PHP shell script that brought about the massive hacks on CO around last september/august (The DB drop on Dragon, yes).
P.S. Xiron:
a - It's SQL, no filesQuote:
b - Again, SQL
c - They took about a week last time
d - No lawyers because you're not accessing it by illegal means
e - Look at 'C'
07/05/2008 10:22
warriorchamp#24
......
Guys... :)) I must laugh on you..
A guy comes with 4 posts and with his cmd knowledge and want to break in in the CO's serverPC. And now comes the interesting thing: everybody believes him:))
He's not the only who tried to break in/hack the CO...nobody succeeds...
Btw... Posting this sh*t on Forum, CO will take care that nobody can access their servers without their permission in the future....
Guys... :)) I must laugh on you..
A guy comes with 4 posts and with his cmd knowledge and want to break in in the CO's serverPC. And now comes the interesting thing: everybody believes him:))
He's not the only who tried to break in/hack the CO...nobody succeeds...
Btw... Posting this sh*t on Forum, CO will take care that nobody can access their servers without their permission in the future....
07/05/2008 11:28
Evil~nub#25
/agreedQuote:
Guys... :)) I must laugh on you..
A guy comes with 4 posts and with his cmd knowledge and want to break in in the CO's serverPC. And now comes the interesting thing: everybody believes him:))
He's not the only who tried to break in/hack the CO...nobody succeeds...
Btw... Posting this sh*t on Forum, CO will take care that nobody can access their servers without their permission in the future....
07/05/2008 13:07
Kiyono#26
search for a mysql 3 exploit (yea i know tq uses mysql 3 it's sad)
07/05/2008 13:36
Kiyono#27
if you realy have the backup could i see it? i've alway wondered about how their DB looks likeQuote:
*Don't you all realize you're being fooled by a complete idiot? All he did is use something we can all use, command prompt.*
Login to your server and type "netstat -a" into command prompt, then find the IP which your connected to port 5816 on (Map server port). You now have game server IP [sarcasm]OMG THAT WAS HARD[/sarcasm]
All he did is realize that there's an FTP server running, which is pretty easy for most people to figure out. Yes, they have a banner for the FTP which is quite stupid, but serv-u isn't easily brute forced. You didn't find anything but another login, and it's doing EXACTLY what it should be doing, keeping you out.
You didn't hack anything script-kiddie. If you really want to meet someone who's been inside TQ's SQL servers, talk to me. I'll give you SQL SELECT access to my backup of the Dragon game server database (I'm not kidding). The previous hack was on their website, they left a gaping security hole in the player photo system: that, coupled with an admin/admin user authentication got us in with a PHP shell script that brought about the massive hacks on CO around last september/august (The DB drop on Dragon, yes).
P.S. Xiron:
a - It's SQL, no files
b - Again, SQL
c - They took about a week last time
d - No lawyers because you're not accessing it by illegal means
e - Look at 'C'
07/05/2008 15:09
dbzman1995#28
wow, teach me lolQuote:
*Don't you all realize you're being fooled by a complete idiot? All he did is use something we can all use, command prompt.*
Login to your server and type "netstat -a" into command prompt, then find the IP which your connected to port 5816 on (Map server port). You now have game server IP [sarcasm]OMG THAT WAS HARD[/sarcasm]
All he did is realize that there's an FTP server running, which is pretty easy for most people to figure out. Yes, they have a banner for the FTP which is quite stupid, but serv-u isn't easily brute forced. You didn't find anything but another login, and it's doing EXACTLY what it should be doing, keeping you out.
You didn't hack anything script-kiddie. If you really want to meet someone who's been inside TQ's SQL servers, talk to me. I'll give you SQL SELECT access to my backup of the Dragon game server database (I'm not kidding). The previous hack was on their website, they left a gaping security hole in the player photo system: that, coupled with an admin/admin user authentication got us in with a PHP shell script that brought about the massive hacks on CO around last september/august (The DB drop on Dragon, yes).
P.S. Xiron:
a - It's SQL, no files
b - Again, SQL
c - They took about a week last time
d - No lawyers because you're not accessing it by illegal means
e - Look at 'C'
wait, so you got into their server and fucked everything up and it wasn't illegal?
also, what hacks? I wasn't playing durring the time.. DB drops? Did you guys make it so mobs drop DBS every 100 kills or something? If so tell me what tq has their drop rate set on xD 1/18389275
07/05/2008 17:21
~Yuki~#29
Dropprates are in the source not in the db (im pretty sure its so)