Aurora - GW2 Multihack! by Eiden

eiden · 07/18/2013, 14:28

siehe anleitung, deine accdaten werden nicht gespeichert, aurora hat jetzt bereits schon 400 user

einzigst dein display name des gw2 accs wird zur zuordnung zu deinem aurora account übermittelt, der ist aber sowieso für jeden in gw2 sichtbar

mfg

LastKingLP · 07/18/2013, 14:30

& wie kann ich es deinstallieren?

was ich auch noch fragen wollte ist ich hab vor mir auf der mini map so ne "Taschenlampe" gehört die auch zum hack? wenn ja will ich den hack so schnell wie möglich weg haben

buFFy! · 07/18/2013, 18:15

Quote:

Originally Posted by LastKingLP

was muss ich injfizieren guild wars 2 ? habe angst das meine acce daten an andere weiter gehen

cooler char, aber leider bisschen wenig gold drauf :/

eiden · 07/20/2013, 11:12

die "taschenlampe" hat btw nix mit dem hack zu tun

wenn er bei guild wars start nicht injected ist, verändert er absolut nichts am game client!

zum deinstallieren einfach alle files löschen

mfg

stratxz · 07/22/2013, 01:48

its asking me for administrative privileges, i tried running as admin but it still crashes
Edit: it runs now and says "injection successful" but nothing comes up

Ploxasarus · 07/22/2013, 10:08

Just to inform you..

Your website shop is vulnerable to SQL injection and you also can easily pull an entire directory list out of it showing some things that people maybe should not be able to see... Your dll can be easily decompiled and has no protection on it to prevent reversing the entire thing. You can bypass practically every aspect of login contained within the .rar to just straight run it.

Just figured I would let you know maybe you should think about securing some of your stuff prior to a full release and if you already had future plans of that then you might wanna look into your website aspects. If you need the method(s) I used then I'd be happy to message them to you, it was all just through using Live HTTP Header plugin with some SQL injection methods.

Now you can take this as trolling but I would much rather take it as being informative unless you just want another Midnight rip situation to happen all over again.. Granted some people here may not bother who are knowledgeable, there is others who just don't give a ****

Fragaria · 07/22/2013, 11:35

Quote:

Originally Posted by Ploxasarus

Just to inform you..

Your website shop is vulnerable to SQL injection and you also can easily pull an entire directory list out of it showing some things that people maybe should not be able to see... Your dll can be easily decompiled and has no protection on it to prevent reversing the entire thing. You can bypass practically every aspect of login contained within the .rar to just straight run it.

Just figured I would let you know maybe you should think about securing some of your stuff prior to a full release and if you already had future plans of that then you might wanna look into your website aspects. If you need the method(s) I used then I'd be happy to message them to you, it was all just through using Live HTTP Header plugin with some SQL injection methods.

Now you can take this as trolling but I would much rather take it as being informative unless you just want another Midnight rip situation to happen all over again.. Granted some people here may not bother who are knowledgeable, there is others who just don't give a ****

Don't see why you can't just PM them if you got no intentions to make them look bad. I'm sure in some sort of way you mean good, but hey, private messages

Ploxasarus · 07/22/2013, 12:52

Well, obviously I tried to inform before, but nobody ever listens..

Fragaria · 07/22/2013, 13:28

Quote:

Originally Posted by Ploxasarus

Well, obviously I tried to inform before, but nobody ever listens..

If they didn't listen back then, they won't listen now either. More their problem than yours. Action by them will probably only be taken once their server has been publicly compromised, and when that happens, more customers for you! Hurray!

eiden · 07/22/2013, 14:10

I did not secure anything cause the shop is dead, in beta there are not really any confidential information stored on the server and I really thought there would be no idiots trying to hack my ******* server cause you know, normal people have a life and usually no time to do such nonsense

EDIT: and unless you provide quick fixxes for these security issues you found, stay off MY server and off this thread, did you hear about private messages btw? or is your only intention to ruin this thread? what lame technique is that, do I spam your unf thread?

Ploxasarus · 07/22/2013, 20:25

I've tried to contact you about it.. And if you want quick fixes I can easily provide them.. Normal people do have lives, yes, but this is just simple techniques and methods and well, people get bored

..

Go ahead an spam unf, I don't mind at all

Seriously dude, just listen sometimes.. Your gonna put out a paid for this and its just gonna get ripped right as you launch an turn into another midnight/daylight thing.

You want me to stay off the thread? No problem, enjoy what you do and what happens to it in the end.

eiden · 07/22/2013, 20:30

thank you, and please keep your promise

if you only want to tell me to escape my strings so you cant inject any sql code, I already know that and if I have time again, I will fix it before the release

all further communication from you is done by pm or skype - thank you

Mackston · 07/23/2013, 03:54

i register where?

RockThatBodyTBBT · 07/23/2013, 17:43

Alle Features außer "Teleport on Kill" erklären sich von selbst. Die Funktion, bringt was?

eiden · 07/23/2013, 18:38

teleportiert dich direkt zum nächsten gegner sobald du einen abgeschlachtet hast, alles mit teleport ist aber gefährlich und kann zum bann führen, wenn du das dennoch verwenden willst und dir der risiken bewusst bist, solltest da aber zusätzlich noch autosynch anmachen, zu finden im misc tab

mfg