|
You last visited: Today at 06:51
Advertisement
Hacking a conquer server
Discussion on Hacking a conquer server within the Conquer Online 2 forum part of the MMORPGs category.
06/18/2006, 18:34
|
#1
|
elite*gold: 0 
Join Date: Aug 2005
Posts: 15
Received Thanks: 0
|
well,as we all know the server prolly uses a file to store all the data,right?if we scanned some ports of the server,use a server id(the ports for pharos and the ip then plz) then we could log in,and gain passwords and usernames,right?or isnt it this easy?i saw the bruteforcing thread and i thought id make one with my thaught
|
|
|
|
06/18/2006, 18:43
|
#2
|
elite*gold: 0
Join Date: Aug 2005
Posts: 1,466
Received Thanks: 56
|
1 against the law
2 passwords are encrypted
3 against the law(btw so is bruteforcing)
i dont know about you but i dont wanna have any stuff on my record...so i say screw that..
|
|
|
|
|
06/18/2006, 18:47
|
#3
|
elite*gold: 0
Join Date: Aug 2005
Posts: 15
Received Thanks: 0
|
well,with a good decryptor,using a program that constantly changes ur ip, and netbus i think it should work 
|
|
|
|
|
06/18/2006, 19:47
|
#4
|
elite*gold: 0
Join Date: Feb 2006
Posts: 187
Received Thanks: 4
|
goodluck lol, i don't think any1 hacked in tq servers before, don't think any1 ever will.
this isen't as easy as bruteforcing a account, and when you try to hack into something, try to keep it small so they won't start hunting you...(got any id what they will do to yo when they find out who hacked into tq servers ?)
p.s @ glenn_de_zot...hmm mss zijn we allemaal een beetje zot ( nler of belg btw ?)
|
|
|
|
|
06/18/2006, 20:46
|
#5
|
elite*gold: 0
Join Date: Nov 2005
Posts: 1,963
Received Thanks: 36
|
yip i would never hack server cuz mayb IP bann <_<
|
|
|
|
|
06/18/2006, 23:55
|
#6
|
elite*gold: 0
Join Date: Jun 2006
Posts: 125
Received Thanks: 1
|
Quote:
Originally posted by n0b0dYsB3tT3r@Jun 18 2006, 19:47
goodluck lol, i don't think any1 hacked in tq servers before, don't think any1 ever will.
this isen't as easy as bruteforcing a account, and when you try to hack into something, try to keep it small so they won't start hunting you...(got any id what they will do to yo when they find out who hacked into tq servers ?)
p.s @ glenn_de_zot...hmm mss zijn we allemaal een beetje zot ( nler of belg btw ?)
|
lol, I know someone who hacked the TQ server because his char got deleted.
|
|
|
|
|
06/19/2006, 00:59
|
#7
|
elite*gold: 0
Join Date: Jul 2004
Posts: 980
Received Thanks: 46
|
Quote:
Originally posted by Glenn_De_Zot@Jun 18 2006, 18:34
well,as we all know the server prolly uses a file to store all the data,right?if we scanned some ports of the server,use a server id(the ports for pharos and the ip then plz) then we could log in,and gain passwords and usernames,right?or isnt it this easy?i saw the bruteforcing thread and i thought id make one with my thaught
|
you cant just scan a server for open ports and then just login a port is like a door you can go to it and knock and if there is a programm on the other side it can reply but you dont know what programm is on the other side of the door and not every to tell you the truth nearly no programm lets you get files from the server
so what you could do is write a programm that can communicate with the login server of conquer bruteforce or use a wordlist on account names and passwords but this would take alot of time realy realy alot we dont talk about hours or days we talk about hundreds of years if you dont know the acc name and the password
and they would find you through your ip before you find even one acc and maybe put you in prison 
|
|
|
|
|
06/19/2006, 01:05
|
#8
|
elite*gold: 20
Join Date: Mar 2005
Posts: 1,248
Received Thanks: 2,252
|
just as co was written to communicate with the server, you could make a program, based on conquer, because as conquer can read the files, something similar should do the same, if it has the same protocol and sutff
|
|
|
|
|
06/19/2006, 02:43
|
#9
|
elite*gold: 0
Join Date: Oct 2005
Posts: 332
Received Thanks: 69
|
Get brutus AE2 (brute forcer) it has a built in proxy. Find out if the server runs SQL databases, brute force for a pass and username to the SQL port, login with PostgreSQL, voilah... there's a database
Now without SQL, all files are stored on the server, therefore requiring a backdoor implanted server-side to let you in through the port.
Another way -> There are main packets sent at login that send the username and password. Find out a way to simply log packets from a remote computer to the server, decrypt the password in the packet (it's even encrypted clientside), and then you have a username and pass.
|
|
|
|
|
06/19/2006, 04:20
|
#10
|
elite*gold: 20
Join Date: Jun 2005
Posts: 1,489
Received Thanks: 301
|
Quote:
Originally posted by Neuropath+Jun 18 2006, 23:55--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Neuropath @ Jun 18 2006, 23:55)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--n0b0dYsB3tT3r@Jun 18 2006, 19:47
goodluck lol, i don't think any1 hacked in tq servers before, don't think any1 ever will.
this isen't as easy as bruteforcing a account, and when you try to hack into something, try to keep it small so they won't start hunting you...(got any id what they will do to yo when they find out who hacked into tq servers ?)
p.s @ glenn_de_zot...hmm mss zijn we allemaal een beetje zot ( nler of belg btw ?)
|
lol, I know someone who hacked the TQ server because his char got deleted. [/b][/quote]
sure ya do
|
|
|
|
|
06/19/2006, 04:33
|
#11
|
elite*gold: 20
Join Date: Mar 2005
Posts: 1,248
Received Thanks: 2,252
|
Quote:
Originally posted by iliveoncaffiene@Jun 18 2006, 20:43
Get brutus AE2 (brute forcer) it has a built in proxy. Find out if the server runs SQL databases, brute force for a pass and username to the SQL port, login with PostgreSQL, voilah... there's a database
Now without SQL, all files are stored on the server, therefore requiring a backdoor implanted server-side to let you in through the port.
Another way -> There are main packets sent at login that send the username and password. Find out a way to simply log packets from a remote computer to the server, decrypt the password in the packet (it's even encrypted clientside), and then you have a username and pass.
|
im pretty sure they use chinese windows, and they dont use any sql... i think they store their data in .ini files lol... my opinion is based on their game coding
|
|
|
|
|
06/19/2006, 08:29
|
#12
|
elite*gold: 0
Join Date: Mar 2006
Posts: 95
Received Thanks: 0
|
Quote:
Originally posted by XtremeX-CO+Jun 19 2006, 04:33--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (XtremeX-CO @ Jun 19 2006, 04:33)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--iliveoncaffiene@Jun 18 2006, 20:43
Get brutus AE2 (brute forcer) it has a built in proxy. Find out if the server runs SQL databases, brute force for a pass and username to the SQL port, login with PostgreSQL, voilah... there's a database
Now without SQL, all files are stored on the server, therefore requiring a backdoor implanted server-side to let you in through the port.
Another way -> There are main packets sent at login that send the username and password. Find out a way to simply log packets from a remote computer to the server, decrypt the password in the packet (it's even encrypted clientside), and then you have a username and pass.
|
im pretty sure they use chinese windows, and they dont use any sql... i think they store their data in .ini files lol... my opinion is based on their game coding [/b][/quote]
.ini files for local system use. The only other location for any .ini files would be on the web server for directory paths and so on.
You would have to know a few things before attempting to target a server directly.
1. The type of database (FrontBase, MySQL, OpenBase, Oracle, PostgreSQL, SQL Server, Sybase etc... the list goes on.)
2. Is this database located on a dedicated server or is it shared with other types of servers?
Dedicated: This means the the server that runs the DB does not run any other server type functions. This limits the available ports but expands the possible exploits to try depending on the type of DB used
Shared: This means the DB server is also running other server functions, possiby web server or login etc... This means on this system there are more open ports and more vulnerable however this does give you numerous possabilities and the issue is how much time do you want to waste?
3. What type of Server are they running?
Wich one do they use where? (Unix,NT4, Win2k, 2003)
This brings again the issue of what type of process are you to take to try and gain access to the server. Also with every server there's patches. What patch is the server running? Whats exploits exist for that patch?
Yes its possible, highly illegal but doubtfull that any average to intermediate user can do it. You need time patience and brains. Not hard to log such activities on a server and activate another level of security.
I sadly had the pain of working for  building such machines and cloaking them from users.
|
|
|
|
|
06/19/2006, 11:49
|
#13
|
elite*gold: 0
Join Date: May 2006
Posts: 422
Received Thanks: 3
|
Quote:
Originally posted by Tw3ak+Jun 18 2006, 22:20--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Tw3ak @ Jun 18 2006, 22:20)</td></tr><tr><td id='QUOTE'><!--QuoteBegin--Neuropath@Jun 18 2006, 23:55
lol, I know someone who hacked the TQ server because his char got deleted.
|
sure ya do [/b][/quote]
Those were my thoughts too 
|
|
|
|
|
06/20/2006, 17:58
|
#14
|
elite*gold: 0
Join Date: Aug 2005
Posts: 15
Received Thanks: 0
|
well, i know for sure u can hack it without gettin caught.... we just need the right gears....
PS at n0b0dYsB3tT3r:Belg lol,jij ok?
|
|
|
|
 |
Similar Threads
|
hacking conquer
08/30/2007 - Conquer Online 2 - 2 Replies
ok..im quite new to hacking so im using linux 10.2, and nmap for port scanning, im currently scanning......can anyone give me any pointers as to were to go once ive gained acces...and if anynes ever tried before can they give me some tips and i know elitepvpers does not condone server hacking i'am just doing it to get a look at the server files for private servers.
please pm me if you would like ot help
|
Hacking server in Conquer
07/14/2007 - Conquer Online 2 - 4 Replies
Does any1 know how to hack into the conqueer servers.
|
Hacking Conquer
07/04/2007 - Conquer Online 2 - 12 Replies
Hey everyone
Im wondering if this will work.
If you use a packet sniffer and decrypt the packet found in the conquer server to find registered data on items in conquer, could u change the register number (for a normal neck) and change its registered number to a DB register number and send the packet back and thus switching a normal item into a DB.
Just curious!?!
Hiyoal
|
Conquer Hacking
11/17/2005 - Conquer Online 2 - 18 Replies
Ein Freund von mir hat sich hingesetzt und ein bischen was gecodet darunter fallen:
Infinit clients
High Jump / Long Jump
Jump ins Meer etc. ( braucht noch bissel tweaking)
Und einen Taobot. der Attackt, und Manaregent.
Alles Cliendside codet.
Da er für die Analyse der Packeges für den Bot (Items usw.) aber nicht die nötige zeit hat werden wir eine Hackinggroup für co erstellen ( bord geht in den nächsten tagen on)
Also falls ihr intress habt meldet euch schon mal.
|
All times are GMT +2. The time now is 06:51.
|
|
