That kid can earn on inet money on diff way
not pay fcking up the work from others

Good job Oriya.

Solution :
1 - Disable SA account
2 - FIREWALL

we (bloody) payd nothing. we fixed the issue ourselfs. if some1 want help to fix that. drop me a private message

simple Q (not trolling) or anything but why cant they just call the police u know blackmailing is a crime (i guess) isnt it ? and there is this internet police thingy that can help em out and get there money back :)

Well, any skiddie could do it. I knew about that bug since the research of old jsro files, just forgot about it (didn't make much attention on it actually). Paying 400$ for fixing such a little shit ? Mhm... It wasn't that hard to figure out the issue (althrough that guy tryed to mask it a bit, haha), anyways, He/Joymax (joymax mostly) fails. Basically, he was just deleting TB_User content, and that's dumb. He could get way more money by "drawing" himself a gm account through that sql injection, and sell items to players, but well... Also, could take all the system under control using mssql built-in shell exec functions... change paypal mails, etc. Maybe, "delete from TB_User" is all he knows, haha ?

one way from those ones "how to leak original server files from vsro testserver".

hmm...funny how a guy pwned u all ^_^''

AM I KAWAII DESU NE UGUU~
^_<

:handsdown:
This, how hard was that?


ADMIN >> :rtfm:

sa is the kral
if you havent been hacked while having sa enabled, you are kral
seriously, ppl should really learn some basic sql protection

Well, our server is finally back. It's fully secured :D !

paid ? or ..

No, we didn't paid anything.

fyi
exploit may be fixed, but be sure that is not the only exploit
make backup of everything

he lives in my country :D if you'll pay me enough i'll make sure he'll be paralyzed for the next months ^^

please, be kind and dont ask for money, or you wont be differet form oriya
just do it free for the sake of humanity

lol i was joking ^^ i can find him really easly but i wont go to jail cus of a stupid faggot.. :D
anyway how come anyone never stopped him?.. i'm playing for 2 years and he did the stall network bug (duplicating items) that cause all pservers shut down the stalls and now this?
i'm ashamed to say we're from the same country

What a douche.

elitesro and eroad are down atm, anyone has any info on this ?

Yes Portal why should we do it? All over the time this fcking community fucks me and alot of us...
But hey... when it comes to your fucking interests you starting to beg... kiss my ass..
Now feel how's to get raped ... Oriya isn't bad person... you can compare him to robbinhood... helping who deserve it.. and you guys? do not deserve a shit !!
Btw he's from my country too, and you know what? i think the next month will be harder for the "big" servers...
Don't forget... when i opened a topic about my server i got insulted.. why the hell you think i wanna compit you.. so stay from my fucking ass.. but you did the oppsite so here we go you get fucked from your own mistakes... have fun getting raped, trust me we wont make your life easier.

P.S: Little suggestion, next time just look on your own behavior before telling us someone is bad person !

Joymax is laughing at all of you right now I bet xd, and esro is down due to ddos attacks no because of this bug found in vsro files

[Only registered and activated users can see links. Click Here To Register...]

Feel sorry for what happen to VSRO servers xD

LOL,, i cant stop laughing coz of u guys, trust me u cant fix that, actually Oriya found the bug from me.

I knew that security hole since a long time. I have proved it on Titan Server and showed screens on Epvp and I know how to fix it ;)

Actually no he didnt "found the bug" from you. We talked to Oriya when our server got attacked and he confirmed that someone was asking for his help to do the dirty work and the talking so the person could who knew the bug could remain hidden.
Also we fixed the bug on our server now and many other servers have so just keep your mouth closed, or rather you fingers away from the keyboard and stop talking crap which you have no idea about please.

Any one an idear how the Exploid works? I've readed a few threads about it and it seams to be an SMC hack. is it right? Also i've readed something about closing port 15880 UDP and TCP for incoming connection should help. Hase someone a link with usefull informations or hints for this Exploid so i can figure out how to close the Security gap.

lmao no one will tell you how this exploit works :awesome:

i cant stop laughing at you
how did you come up with this bullshit?
trying to grow your e-penis a bit by lying?

@MKNocivo ok... and how should anyone fix the Exploid when no one Knows how the Exploid works or No One wants to tell it? How should we know if we are save or not? nobody knows the Exploid or tells anything about it. is it a hoax?
Im confused.

btw. sorry for my bad english but im from Germany and the school is years away.Im 28.

Right now it doesnt matter
so here you go
theres 2 exploits, to fix the first one (that most people are talking about)
Block cert manager port (usually 32000) for public connections or just filter the ips, same with sql server port (usually 1433) ~~~ OR use kevin_owner's cert manager fix

to secure yourself from the second exploit (that this thread is about), just block global manager port which is usually port 15880

but like any server owner should do you should block all ports except the ones clients are using which is gateway / agent / download server (if your updating clients with it)
usually : 15779 / 15884 (and i think 15883 for dl server)

there you go

@HaGsTeR
Thank you my friend! now i know what to do. this was a usefull information. With it should anyone be able to secure ther Server.:handsdown:
Well then. Im on the work. Tanks!