|
You last visited: Today at 20:51
Advertisement
Theory - How to hack your server
Discussion on Theory - How to hack your server within the Conquer Online 2 forum part of the MMORPGs category.
05/11/2006, 15:41
|
#1
|
elite*gold: 0
Join Date: Feb 2006
Posts: 255
Received Thanks: 3
|
Hi, I'm not sure about this but maybe getting into conquer could be easier than most people think it is. All you need to do is obtain your playing server IP.
This can be done by
1. Starting conquer client and logging into the server you want to try and gain access to.
2. Start>Run>CMD>netstat -n check all the foreign address ip by tracing them and see if any of them go throught the conquer servers such as account.conqueronline.com. If your not sure how to treade them in command prompt type:
tracert 'ip address here without the port number' hit enter.
it will them be traced to 30 hops. Once you have all this information I Think all that would be required is a brute forcer?
Or if you would like to gain access to the conquer website you could go to and on there is a program that tells you the IP address of a URL once you type it in.
All it takes is time.
Not sure about this so flaming is welcome.
P.S THIS IS JUST A THEORY, If someone else will, I would gladly give it a try. Its a little more complicated than the above, had to make it short because im at school.
|
|
|
05/11/2006, 15:54
|
#2
|
elite*gold: 0
Join Date: Jan 2005
Posts: 2,248
Received Thanks: 8
|
well .. u still need to knwo the username rite?..
so u need to bruteforce user n pw tt takes many weeks tooo ..
even if u hacked u might go to jail too
|
|
|
05/11/2006, 16:24
|
#3
|
elite*gold: 0
Join Date: Nov 2005
Posts: 355
Received Thanks: 1
|
and it's very prolly that after few atempts the bruteforce's connection will be blocked. there was another thread about this some time ago and the conclusion was tq ain't that stupid to let anyone hack them
|
|
|
05/11/2006, 16:46
|
#4
|
elite*gold: 21
Join Date: Jul 2005
Posts: 9,193
Received Thanks: 5,376
|
knowing tq there is a chance... hm.. maybe there is a tinny chance I can use this to recover hacked accts (ones that actualy where mine incase you where wondering..)
Meh still.. tq aint 100 pc ******.. just 99.999
|
|
|
05/11/2006, 16:48
|
#5
|
elite*gold: 0
Join Date: Nov 2005
Posts: 355
Received Thanks: 1
|
good luck with recovering your accounts
|
|
|
05/11/2006, 17:26
|
#6
|
elite*gold: 0
Join Date: Jan 2006
Posts: 28
Received Thanks: 10
|
want the ip's?
[Group1]
ServerAmount=2
Server1=Aquarius
Ip1=69.59.142.13
ServerName1=Aquarius
HintWord1=
Pic1=servericon54
Server2=Pisces
Ip2=69.59.142.13
ServerName2=Pisces
HintWord2=
Pic2=servericon55
[Group2]
ServerAmount=2
Server1=Ryee
Ip1=69.59.142.13
ServerName1=Ryee
HintWord1=Welcome to Celebrities. Place your hugs well, and never be alone...*The Goddess Of Hugs*
Pic1=servericon46
Server2=KingJus
Ip2=69.59.142.13
ServerName2=KingJus
HintWord2=Let this server be the Epitome of the group and enjoy creating your distinct legacy.
Pic2=servericon47
[Group3]
ServerAmount=8
Server1=Pyramid
Ip1=69.59.142.13
ServerName1=Pyramid
HintWord1=
Pic1=servericon40
Server2=Mausoleum
Ip2=69.59.142.13
ServerName2=Mausoleum
HintWord2=
Pic2=servericon41
Server3=HangingGardens
Ip3=69.59.142.13
ServerName3=HangingGardens
HintWord3=
Pic3=servericon42
Server4=GreatWall
Ip4=69.59.142.13
ServerName4=GreatWall
HintWord4=
Pic4=servericon45
Server5=Pharos
Ip5=69.59.142.13
ServerName5=Pharos
HintWord5=
Pic5=servericon44
Server6=StatueOfZeus
Ip6=69.59.142.13
ServerName6=StatueOfZeus
HintWord6=
Pic6=servericon38
Server7=ColossusRhodes
Ip7=69.59.142.13
ServerName7=ColossusRhodes
HintWord7=
Pic7=servericon39
Server8=TempleArtemis
Ip8=69.59.142.13
ServerName8=TempleArtemis
HintWord8=
Pic8=servericon43
[Group4]
ServerAmount=8
Server1=Neptune
Ip1=69.59.142.13
ServerName1=Neptune
HintWord1=
Pic1=servericon16
Server2=Saturn
Ip2=69.59.142.13
ServerName2=Saturn
HintWord2=
Pic2=servericon23
Server3=Jupiter
Ip3=69.59.142.13
ServerName3=Jupiter
HintWord3=
Pic3=servericon20
Server4=Mars
Ip4=69.59.142.13
ServerName4=Mars
HintWord4=
Pic4=servericon17
Server5=Venus
Ip5=69.59.142.13
ServerName5=Venus
HintWord5=
Pic5=servericon18
Server6=Mercury
Ip6=69.59.142.13
ServerName6=Mercury
HintWord6=
Pic6=servericon21
Server7=Uranus
Ip7=69.59.142.13
ServerName7=Uranus
HintWord7=
Pic7=servericon22
Server8=Pluto
Ip8=69.59.142.13
ServerName8=Pluto
HintWord8=
Pic8=servericon19
[Group5]
ServerAmount=8
Server1=Snowfall
Ip1=69.59.142.13
ServerName1=Snowfall
HintWord1=
Pic1=servericon36
Server2=Tornado
Ip2=69.59.142.13
ServerName2=Tornado
HintWord2=
Pic2=servericon34
Server3=Blizzard
Ip3=69.59.142.13
ServerName3=Blizzard
HintWord3=
Pic3=servericon32
Server4=Sunshine
Ip4=69.59.142.13
ServerName4=Sunshine
HintWord4=
Pic4=servericon37
Server5=Lightning
Ip5=69.59.142.13
ServerName5=Lightning
HintWord5=
Pic5=servericon35
Server6=Volcano
Ip6=69.59.142.13
ServerName6=Volcano
HintWord6=
Pic6=servericon30
Server7=Thunder
Ip7=69.59.142.13
ServerName7=Thunder
HintWord7=
Pic7=servericon31
Server8=Meteor
Ip8=69.59.142.13
ServerName8=Meteor
HintWord8=
Pic8=servericon33
[Group6]
ServerAmount=8
Server1=Eternity
Ip1=69.59.142.13
ServerName1=Eternity
HintWord1=
Pic1=servericon02
Server2=Dream
Ip2=69.59.142.13
ServerName2=Dream
HintWord2=
Pic2=servericon01
Server3=Glory
Ip3=69.59.142.13
ServerName3=Glory
HintWord3=
Pic3=servericon12
Server4=Faith
Ip4=69.59.142.13
ServerName4=Faith
HintWord4=
Pic4=servericon13
Server5=Freedom
Ip5=69.59.142.13
ServerName5=Freedom
HintWord5=
Pic5=servericon10
Server6=Honor
Ip6=69.59.142.13
ServerName6=Honor
HintWord6=
Pic6=servericon11
Server7=Justice
Ip7=69.59.142.13
ServerName7=Justice
HintWord7=
Pic7=servericon05
Server8=Triumph
Ip8=69.59.142.13
ServerName8=Triumph
HintWord8=
Pic8=servericon04
[Group7]
ServerAmount=6
Server1=Turquoise
Ip1=69.59.142.13
ServerName1=Turquoise
HintWord1=
Pic1=servericon29
Server2=Emerald
Ip2=69.59.142.13
ServerName2=Emerald
HintWord2=
Pic2=servericon26
Server3=Crystal
Ip3=69.59.142.13
ServerName3=Crystal
HintWord3=
Pic3=servericon24
Server4=Diamond
Ip4=69.59.142.13
ServerName4=Diamond
HintWord4=
Pic4=servericon25
Server5=Ruby
Ip5=69.59.142.13
ServerName5=Ruby
HintWord5=
Pic5=servericon28
Server6=Sapphire
Ip6=69.59.142.13
ServerName6=Sapphire
HintWord6=
Pic6=servericon27
[Group8]
ServerAmount=6
Server1=Eagle
Ip1=69.59.142.13
ServerName1=Eagle
HintWord1=
Pic1=servericon07
Server2=Lion
Ip2=69.59.142.13
ServerName2=Lion
HintWord2=
Pic2=servericon09
Server3=Tiger
Ip3=69.59.142.13
ServerName3=Tiger
HintWord3=
Pic3=servericon03
Server4=Phoenix
Ip4=69.59.142.13
ServerName4=Phoenix
HintWord4=
Pic4=servericon14
Server5=Dragon
Ip5=69.59.142.13
ServerName5=Dragon
HintWord5=
Pic5=servericon08
Server6=Kylin
Ip6=69.59.142.13
ServerName6=Kylin
HintWord6=
Pic6=servericon06
|
|
|
05/11/2006, 17:32
|
#7
|
elite*gold: 0
Join Date: Jan 2005
Posts: 2,248
Received Thanks: 8
|
thats onli for login server not game server u bird
|
|
|
05/11/2006, 17:52
|
#8
|
elite*gold: 0
Join Date: Feb 2006
Posts: 255
Received Thanks: 3
|
Hmm.
Youre probably right but as soon as i fix my computer i might give it a try and see how far I can get. There is proably a verification on the logon or something like that I suspect, I think there are some brute forcers that can be 'trained' to get past this.
|
|
|
05/11/2006, 18:30
|
#9
|
elite*gold: 0
Join Date: Dec 2005
Posts: 831
Received Thanks: 60
|
Quote:
Originally posted by Peach@May 11 2006, 17:32
thats onli for login server not game server u bird
|
Probally also game server...
|
|
|
05/11/2006, 20:37
|
#10
|
elite*gold: 0
Join Date: Feb 2006
Posts: 255
Received Thanks: 3
|
Quote:
Originally posted by toreddo+May 11 2006, 18:30--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (toreddo @ May 11 2006, 18:30)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--Peach@May 11 2006, 17:32
thats onli for login server not game server u bird
|
Probally also game server... [/b][/quote]
Nope, Its the login server.
|
|
|
05/11/2006, 21:23
|
#11
|
elite*gold: 0
Join Date: Oct 2005
Posts: 295
Received Thanks: 342
|
Brute forcers are useless against obscure username/passwords as it would literally take them hundreds of years to get anything. Consider that you don't know the username OR the password, you would have to try every possible username with every possible password. Not viable. Dictionaries are a better way to go, but hardly anyone these days uses dictionary words for usernames or passwords.
It's also common practise in net code to include a progressive exponential delay algorythm into routines that deal with authorization. A few wrong logins from the same IP will result in minimal delays, but, start getting upto about 6 and the delays start to get too long to make brute forcing viable.
The last option you have is TRA (timed response analysis) which can measure the time taken for the server to respond to the login. Over the internet this method is so inaccurate it's almost not worth using. It's used mainly on LANs but is still dodgy then and should only be used during minimal network activity. Modern net code often throws in a random short delay, and coupled with exponential delays on failed logins, this method is next to useless these days.
Hacking is not a targetted thing, it's not usually the case that you attempt to gain access to a specific system or IP. It is more an oppertunistic thing, scanning for systems that have weaknesses or vulnerabilities and exploiting them. If a system has no vulnerabilities and has no easy to guess username/passwords, then doesn't matter how long you try (unless you have several millenia of free time) you aint getting in.
If you must try to target a system, you need to try to find out as much info as you can. Operating system, open ports, software running on those ports, etc... Then goto an underground site and find out all the exploits known for the OS and software you discover. Then try them, if you are very lucky, you may find one that works.
|
|
|
05/11/2006, 21:25
|
#12
|
elite*gold: 0
Join Date: Dec 2005
Posts: 335
Received Thanks: 4
|
username sniper112
password pokemonashketchum
hf no need for karma
|
|
|
05/12/2006, 16:23
|
#13
|
elite*gold: 0
Join Date: Jul 2005
Posts: 120
Received Thanks: 6
|
As qonquer said. Most big hacking that many of you have heard about... Are either an opprotunity that someone took up. Or was the result of months of research, trashing(going through dumpsters at the location for thrown away information). And scanning to death. This is called profiling. Most big corporations tend to be pretty patched up... which is where trashing comes in. Say your at work, and you spill coffee on your login sheet... most people will throw it into the trash, which means it then goes into the dumpster. Which means. A hacker going through there, will find it, and beable to login. Dont look at hacking as you see in most movies, someone hacking a un exploitable computer in under 30 seconds. Look at it as it is. A slow, and precise art.
|
|
|
05/13/2006, 18:56
|
#14
|
elite*gold: 0
Join Date: Dec 2005
Posts: 32
Received Thanks: 0
|
i agree completely... i just smoked a giant phattttttttty so im really weeded... but check it... look at it like this...
if your here, you should know a little bit about IRC, well r00ting in irc is rather easily done on a machine that doesnt have decent security, even those with semi-decent security till get owned by some kid, somewhere else...
i havent r00ted in 2 years but i used to compile r00t kits for friends on irc channels to make bots...
1. get a program like xscan or necture something capable of bruteforce attempts with a dictionary file (find one that also does random chars)
2. scan the ip range. so if i.p is 122.125.164.133 you would can for (e.g. 122.125.0.0 - 122.125.255.255) then you should have a list of all the ip's within the range (takes time)
3. go threw those lists, lookin for active administration passwords (usually if its administrator/administrator on a xp box its secured on NT tho its free game)
4. find your approach, port, method (figure out on your own, im not yoda)
5. telnet in
6. upload your tools/toys
7. secure
8. play.
since this is so commonly known to kids who download a few mirc scripts and read a few forums... tq obviously knows about these attacks and probably has decent enuff security for it to be rendered useless ... all it takes is a GOOD up to date firewall and a router, and given that theyre running a server inwhich people pay real money to buy dragon balls on, they have a physical firewall. which can be hacked, but thats going to take you EVEN LONGER, then once your in your also kind of screwed, you are going to need to download whatever you find PERIOD. no point in downloading only HALF of the files... therefore you need to be connected for a super long ass time like the kid who leaked half life 2 from valve entertainment, then got caught for it. you need shells, many of them, desktop accessable shells, you can scan from, you can brute force from, you need to figure out the proper delay on the server so your ip isnt banned for hammering if theyre running a good firewall.. you need serious knowledge of sql and telnet and every other possible method of attack, you need to be fluent, patient and understand what could happen to your immediate life by attempting this... (jail, court, getting sued) .. ... anyways my final thought is.... no it wont work, if i ran something that involved peoples real life money, i wouldnt have a r00table system.
|
|
|
05/13/2006, 21:52
|
#15
|
elite*gold: 0
Join Date: Feb 2006
Posts: 255
Received Thanks: 3
|
Well, Looks like my theory is ****** then dosen't it.
:P
|
|
|
|
|
Similar Threads
|
[Theory]Shaiya hack
03/09/2012 - Shaiya Hacks, Bots, Cheats & Exploits - 5 Replies
Hi all! I am trying to hack Shaiya. I know it is server-side, and to hack server side I need to have access to the Server computer, but I'm thinking about something other. I can't hack the server, but maybe I can hack the client. For example you get 5000 EXP from a mob. Is the value 5000 send from the client to the server, or the server send the value to the client, and the client send it back to server? I want to know before I start doing something stupid. :D Good bye!
|
[CoNFiRMaTioN] Hack Theory
11/20/2009 - Grand Chase - 2 Replies
As as posted by assassin in his GCPH SD hack... He said that he somehow tried to match the file size by bytes of the original one to his decompress + recompress + CRC'ed . I tried his theory on GC US. I tried decompressing, then edit the slime to just die. Then compress. CRC'ed and tried to have an exact file size of the original one. And *drum roll* .... it works. yeah. I was able to log.in and tried entering trial forest and the slime really died. So this is a heads up to the editors on what...
|
Vacuum Hack Theory
08/12/2009 - Dragonica - 12 Replies
Hi, anyone knows something about how the Vacuum Hack is implemented ?
I can't seem to understand what exactly happens.
|
psychic force hack theory
06/09/2009 - Grand Chase Philippines - 6 Replies
1. go to practice, use AeK
2. use rune flare, scan 1,exact value,4 bytes
3. use rune flare again, scan 2,exact value,4 bytes
4. use psychic force and scan 1
5. if theres less addreses, find the changing value when using rune flare and psychic force and freeze it to 3.
6. theres two addresses that youll freeze into three,that the address
juz a theory since i already tried aegis knight in GS SEA(already closed)
|
Moonbox Theory (Just a theory, don't flame =D)
01/17/2009 - Conquer Online 2 - 10 Replies
Looks like my theory was wrong. Looks like all Moonboxes are Moonbox. If you can prove that it isn't, by all means let me know =P
|
All times are GMT +2. The time now is 20:51.
|
|