pro4ever .. albetros source cheat???

02/03/2012 03:49 somecode#1
why did the albetros source , some player can cheat,add much statpoint and cps .....i'm in trouble ,how can i do ,

in the server didn't saw any Exception..
but some player can make statpoint up to 10000+
and cps add 1,000,000,000 +

how can i prevent that cheat again

help me ....
02/03/2012 04:11 pro4never#2
Random needs a threadsafe wrapper which I mentioned in original release.

As for other stuff I'd guess It's unsecured commands. I don't recall any issues with stat points on our server so not sure really. It wouldn't be an exception obviously because the code is fine... It's simply exploitable. You're best off logging player chats as well as asking users how they are doing it.
02/03/2012 05:29 somecode#3
Quote:
Originally Posted by pro4never View Post
Random needs a threadsafe wrapper which I mentioned in original release.

As for other stuff I'd guess It's unsecured commands. I don't recall any issues with stat points on our server so not sure really. It wouldn't be an exception obviously because the code is fine... It's simply exploitable. You're best off logging player chats as well as asking users how they are doing it.
i try to chat...
but he reluctant to tell me
and he can delete my characters table record


According to your opinion, which is probably what the problem is
02/03/2012 05:53 pro4never#4
Sounds to me like your website isn't very secure.

If he's able to delete the characters table then he's most definitely injecting into your website and letting himself do whatever he wants with the database.
02/03/2012 10:11 I don't have a username#5
This is your real problem.

Take your time to study this very careful.

[Only registered and activated users can see links. Click Here To Register...]
02/03/2012 11:11 BioHazarxPaul#6
lawl sql inject, and this is why some people should not try to code in php,
not a big problem it just takes practice, id recommend using Dreamweaver it helps you code to a point and helps to prevent common mistakes..
02/03/2012 11:23 I don't have a username#7
Quote:
Originally Posted by BioHazarxPaul View Post
lawl sql inject, and this is why some people should not try to code in php,
not a big problem it just takes practice, id recommend using Dreamweaver it helps you code to a point and helps to prevent common mistakes..
Lool I know right. It's funny, when people make websites, their first concern is always design and functions, but not security. If ever security. When I'm making sites and coding functions, then I always focus on the security for every single functions. I'm not using PHP tho, but ASP.NET, but still reasonable for anything.
02/03/2012 12:38 somecode#8
everybody ..i didn't use website...
and ididn't use any php

i only use the souce + client to work ...

acc auto reg ... if the login acc isn't exist

the new cheat ...
he can talk with another player 's name...
he can delete items table record
OMG.... fuck
02/03/2012 13:15 I don't have a username#9
LMFAO
02/03/2012 20:54 F i n c h i#10
Looks like you are COMPLETELY screwed.