|
You last visited: Today at 04:44
Advertisement
Fix for the Certification Server
Discussion on Fix for the Certification Server within the SRO Private Server forum part of the Silkroad Online category.
11/15/2011, 03:55
|
#1
|
elite*gold: 0 
Join Date: Jan 2010
Posts: 1,484
Received Thanks: 809
|
Fix for the Certification Server
EDIT: Important: After you changed your cert be sure to change the login credentials from the sql server because oriya might already have them but if you change the login credentials you he can't get them anymore from the cert
This is the new certification server with the leak in it patched. I won't discuss the leak in public since others might take advantage of servers who aren't aware of this yet.
Since a lot of people have different certification servers I based mine on the origninal one from drew. I've only fixed the leak. Some things you might need to check if you can't start it is the srNodeType.ini. You need to check if there is an entry inside it with the name "Certification Manager". Also you need to check if the id of the entry in the srNodeType.ini matches the node_type your certification data entry in the srNodeData.ini
if the server still flashes away open it with the command prompt to read the error.
Download:
Virus total:
I cannot guarantee that the certification server doesn't have any exploit anymore but at least this exploit should be fixed.
EDIT: New link on request since the last one was dead. sadly I lost the source of the previous fix so I made a new one. I don't know what the other one required but this one just needs a node with the name GlobalManager and it'll take that ip and only allow connections from that ip.
The download link also includes the source.
|
|
|
|
11/15/2011, 03:56
|
#2
|
elite*gold: 0
Join Date: Jul 2009
Posts: 1,555
Received Thanks: 740
|
Its not the certification server 
|
|
|
|
|
11/15/2011, 03:59
|
#3
|
elite*gold: 0
Join Date: Jan 2010
Posts: 1,484
Received Thanks: 809
|
Quote:
Originally Posted by LaHonda781
Its not the certification server |
Owh well then I fixed another security leak since I could get the database login credentials from the certification server
|
|
|
|
|
11/15/2011, 04:10
|
#4
|
elite*gold: 0
Join Date: Jul 2009
Posts: 1,555
Received Thanks: 740
|
np
|
|
|
|
|
11/15/2011, 14:34
|
#5
|
elite*gold: 0
Join Date: Jan 2010
Posts: 1,484
Received Thanks: 809
|
Since I noticed that a lot of servers are still vulnerable for this hack I would like to clear things up.
This fix prevents people from getting your database login credentials and ip's of all your servers ect.
However what LaHonda's meaning is that too many servers are poorly secured and have lots of other vulnerabilities.
So if you want to prevent oriya to drop your database or mess stuff up in your database use this cert. If you want to know how I fixed this I could give you some tips in pm's or msn I'm not gonna tell those things in public to prevent other people taking advantage of this bug
|
|
|
|
|
11/15/2011, 15:15
|
#6
|
elite*gold: 0
Join Date: Feb 2008
Posts: 649
Received Thanks: 320
|
Can you explain more about Certification Manager? it's wont start via Certification but in cmd i see he cant find Certification Manager
|
|
|
|
|
11/15/2011, 15:24
|
#7
|
elite*gold: 0
Join Date: Jan 2010
Posts: 1,484
Received Thanks: 809
|
Ofcourse, It seems like some modified versions of the certification manager are released and drew's original certification server gets the ip from the ini files. To fix your problem you should do the following:
Open the srNodeType.ini
Quote:
[Global]
count=2
[entry0]
id=337
operation_type=22
name=GlobalManager
wip=192.168.0.103
nip=192.168.0.103
machine_manager_node_id=703
[entry1]
id=338
operation_type=22
name=Certification Manager
wip=192.168.0.103
nip=192.168.0.103
machine_manager_node_id=701
|
Most of the configs have only one entry or multiple entries that doesn't matter but the point is the entry for the certification manager is missing.
The bold text above shows what you need to add and the red what you need to edit.
So you just need to add a new entry at the end of the file and change the [entry1] and increment the 1 by the number of the last entry.
The name of this entry should be Certification Manager and the id should be something unique in my case I use 338 but you can use anything you want.
Don't forget to increase the count= by one otherwise the entry won't be compiled.
Ok once you did this you need to open the srNodeData.ini and search for a node_id=1. This is your certification server. Once you found it change the node_type= to the one you just added in my case 338.
save the files and compile the files and you're done
Owh another thing you could check just in case is the port in the srNodeData.ini of the certification server so you're sure that you're using the correct one.
|
|
|
|
|
11/15/2011, 15:26
|
#8
|
Chat Killer In Duty
elite*gold: 5
Join Date: May 2008
Posts: 16,307
Received Thanks: 6,469
|
Quote:
Originally Posted by kevin_owner
Since I noticed that a lot of servers are still vulnerable for this hack I would like to clear things up.
This fix prevents people from getting your database login credentials and ip's of all your servers ect.
However what LaHonda's meaning is that too many servers are poorly secured and have lots of other vulnerabilities.
So if you want to prevent oriya to drop your database or mess stuff up in your database use this cert. If you want to know how I fixed this I could give you some tips in pm's or msn I'm not gonna tell those things in public to prevent other people taking advantage of this bug
|
in my case, i dont have public server, but a test one
some ppl do the saem, btu then they open it to public and do not change login credentials
and believe me, many server out there got user login "sa" and 123456 as password
again, in my case, i wont open server to public but rather to test edits and try fix exploits
|
|
|
|
|
11/15/2011, 15:55
|
#9
|
elite*gold: 0
Join Date: Feb 2008
Posts: 649
Received Thanks: 320
|
kevin_owner
thx for this i just sent you in msn what the problem
|
|
|
|
|
11/15/2011, 15:59
|
#10
|
elite*gold: 0
Join Date: Jul 2009
Posts: 1,555
Received Thanks: 740
|
Oh cool kevin owner, this could fix the cert problem.
But there is still 1 manager, which can get your id pw infos  -.-
|
|
|
|
|
11/15/2011, 16:01
|
#11
|
elite*gold: 0
Join Date: Jan 2010
Posts: 1,484
Received Thanks: 809
|
Quote:
Originally Posted by LaHonda781
Oh cool kevin owner, this could fix the cert problem.
But there is still 1 manager, which can get your id pw infos -.- |
intresting, but that could be solved by the firewall I guess
|
|
|
|
|
11/15/2011, 16:17
|
#12
|
elite*gold: 0
Join Date: Feb 2011
Posts: 112
Received Thanks: 198
|
Sorry to say, kevin_owner, but this does not fix it.
|
|
|
|
|
11/15/2011, 16:26
|
#13
|
elite*gold: 0
Join Date: Jan 2010
Posts: 1,484
Received Thanks: 809
|
Quote:
Originally Posted by evelknievel10
Sorry to say, kevin_owner, but this does not fix it.
|
explain please (you could also pm)
|
|
|
|
|
11/15/2011, 16:33
|
#14
|
elite*gold: 0
Join Date: Jul 2009
Posts: 1,555
Received Thanks: 740
|
Quote:
Originally Posted by kevin_owner
intresting, but that could be solved by the firewall I guess |
true
well, i give you an tip.
Only let port: 15779,15884 open, and ur so secured for the next hack attacks which might never happend. xD
|
|
|
|
|
11/15/2011, 16:36
|
#15
|
|
Chat Killer In Duty
elite*gold: 5
Join Date: May 2008
Posts: 16,307
Received Thanks: 6,469
|
Quote:
Originally Posted by LaHonda781
true
well, i give you an tip.
Only let port: 15779,15884 open, and ur so secured for the next hack attacks which might never happend. xD
|
there are various methods to hack, not really involving ports
but is a good method to do
|
|
|
|
 |
|
Similar Threads
|
[Release] EliteSro - Certification Server[Untouched]
09/26/2021 - SRO Private Server - 22 Replies
Link:
esro cert.rar (51,35 KB) - uploaded.to
Screen:
http://img17.imageshack.us/img17/8427/nonamegh.jp g
@Comments: All about security esro bro ;), secure your god damn server next time better.
|
i get an error when i try to compile my Custom Certification Server
03/23/2018 - SRO Private Server - 20 Replies
as the title said after finish my cfg
i get that error
http://img836.imageshack.us/img836/2971/44069292. png
would any one help
please don't post useless posts :) thank you
|
[Release] Fixed Certification Server
03/05/2014 - SRO PServer Guides & Releases - 13 Replies
This is a fix for the security hole inside the custom certification of drew.
I won't explain the details of this bug yet since other people could take advantage of the servers who aren't aware of this yet. But it is a really simple solution.
There might be a problem for some people since there are a lot of modified certification servers out there but I based this one on the originial cert server of drew which means that there should be an entry in the srNodeType.ini called "Certification...
|
problem with certification server
04/25/2010 - SRO Private Server - 18 Replies
Hi guys!
I have a problem with the certification server in server files.
It can detect only the globalmanager..:S
the another servers aren't certificated.....
and I dont know why....can someone help me,please?
|
All times are GMT +2. The time now is 04:44.
|
|
