Server hackings

~~SiggyMaker~~ · 07/12/2010, 16:25

Well, as most of you know... many servs got hacked in the last few days, and it was not from Pandora staff (I think ) . Its making em look bad....Why would they make themselves look bad?

Quoted from Arch:

Guys, there is one problem. The guy's IP isn't in the US.. That isn't where he lives.. He lives in Belgium, so that would be a problem as it falls under international law... Which I can assure you in these cases is not gonna be much use to us without some help.

I will share the IP addy I have with JCS when he gets back in a PM and he can check the logs, if it is in fact the same, then I know exactly who it is doing this.

Arch

He's talking about the hacker's IP, and Pandora staff assumes its their ex GM doing this to ruin their reputation.

Tell me what you think? =P

thenitelord · 07/12/2010, 17:08

i think that anyone who is smart enough to hack a server is smart enough to hide/bounce there ip properly...

AriezOMG · 07/12/2010, 17:17

I think that Pandora is just ******** with people again and should cut their ****, this probably worked out exactly as they planned, notice how none of them log into epvpers in forever then this goes on and they're like "no, must've been somebody out to get us!" I think they did it and are using this excuse as a cover up and for the most part people are believing it.

~~SiggyMaker~~ · 07/12/2010, 18:06

Quote:

Originally Posted by thenitelord

i think that anyone who is smart enough to hack a server is smart enough to hide/bounce there ip properly...

On perfect shaiya forums, it clearelly says the hacked was a obvious noob cus he/she/it only spawned mobs and did nothing more.

Idk I don't think its Pandora... Could bee... I just hope eternity is back up ASAP

thenitelord · 07/12/2010, 18:49

no matter if they are noob with server commands or not. hiding/bouncing an ip requires far less skill then acctualy hacking a server. anyone that acctualy has the wit/smarts to hack a server would have the wit/smarts to hide the there ip... p.s. 100% of people who "hack" servers have ip hiders/bouncers running all the time no matter what they are doing, just browsin the net.

btw this relates to op because
the ips you have are false
therefore you don't know where he really lives...

Fates-End · 07/12/2010, 20:31

The hacks are starting again. Purity just got hit. Keep and eye out for yourselves guys.

13latrix · 07/12/2010, 20:56

Quote:

Originally Posted by SiggyMaker

Well, as most of you know... many servs got hacked in the last few days, and it was not from Pandora staff (I think ) . Its making em look bad....Why would they make themselves look bad?

Quoted from Arch:

Guys, there is one problem. The guy's IP isn't in the US.. That isn't where he lives.. He lives in Belgium, so that would be a problem as it falls under international law... Which I can assure you in these cases is not gonna be much use to us without some help.

I will share the IP addy I have with JCS when he gets back in a PM and he can check the logs, if it is in fact the same, then I know exactly who it is doing this.

Arch

He's talking about the hacker's IP, and Pandora staff assumes its their ex GM doing this to ruin their reputation.

Tell me what you think? =P

The Ex admin of Pandora "Virus" aka "La M1n" aka "Homer" aka "[GM]Angel" (I could keep going but meh, Im sure you know who I'm talking about) lives in Sweden.

-------
Info on this "Lizzy" hacker...

The hacker would use SQL injections on SQL port to gain access via existing GM's. They would make mass spawn, post notices (claiming to be "Lizzy"), and summon people to other factions.

The hacker made a mistake tho, he failed to disconnect from SQL port. As I do not allow remote assistance and server/SQL files are on same machine, this was easy to spot. Here is info on the wannabe hacker. Have fun.

nestat details..
58.240.220.91 was connected on 1433 with 13 process's.

58.240.220.91 details..
58.240.220.91 Whois Information
% [whois.apnic.net[Who Is Domain][trace][Reverse DNS Search] node-3]
% Whois data copyright terms APNIC - Home[Who Is Domain][trace][Reverse DNS Search]/db/dbcopyright.html

inetnum: 58.240.0.0[Who Is IP][trace][Reverse IP Search] - 58.241.255.255[Who Is IP][trace][Reverse IP Search]
netname: UNICOM-JS
descr: China Unicom Jiangsu province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: LL58-AP
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP
mnt-lower: MAINT-CNCGROUP-JS
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
changed: [Who Is Domain][trace][Reverse DNS Search] 20050603
changed: [Who Is Domain][trace][Reverse DNS Search] 20050621
changed: [Who Is Domain][trace][Reverse DNS Search] 20090508
source: APNIC

route: 58.240.0.0[Who Is IP][trace][Reverse IP Search]/15
descr: CNC Group Jiangsu province network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: [Who Is Domain][trace][Reverse DNS Search] 20050603
changed: [Who Is Domain][trace][Reverse DNS Search] 20050622
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: [Who Is Domain][trace][Reverse DNS Search]
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
phone: +86-10-66259940
fax-no: +86-10-66259764
country: CN
changed: [Who Is Domain][trace][Reverse DNS Search] 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Lan Li
nic-hdl: LL58-AP
e-mail: [Who Is Domain][trace][Reverse DNS Search]
address: No. 65 Beijing West Road,Nanjing,China
phone: +86257900060
fax-no: +86252900280
country: CN
changed: [Who Is Domain][trace][Reverse DNS Search] 20031117
mnt-by: MAINT-NEW
source: APNIC
-------------------
Hostname: 58.240.220.91
ISP: China Unicom Jiangsu province network
Organization: China Unicom Jiangsu province network
Proxy: None detected
Type: Broadband
Assignment: Static IP
Blacklist:

Geolocation Information
Country: China
State/Region: Jiangsu
City: Nanjing
Latitude: 32.0617
Longitude: 118.7778
--------------------------
Since I blocked the entire IP block I havnt had an issue.

Update: I have personaly talked to Pandoras staff members and family of Lizzy on Pandora. They are innocent as they are working with myself and Purity to trace these guys. Please stop flaming Pandora as I myself owe them all an apoligy.

Purity was hit yet again but my server was safe due to the blocked IP block.

We have more info but please dont pm me unless you an Admin of a victom server. We have it narrowed to a handful of people and I believe some will be surprised to who they are.

~Phish

EvilWarriorReturns · 07/12/2010, 23:04

dang latrix u in some serious stuff lol

13latrix · 07/12/2010, 23:29

I want them to feel our wrath as their "fun" is trying to ruin others fun. Then shifting the blame. The real sad thing is they are a poser here that I have personaly helped and its just ******* sad.

Burn Hacker.. your days are numbered.
~Phish

EvilWarriorReturns · 07/12/2010, 23:45

haha lol u crack me up latrix..
arent u the owner of ultimate shaiya or somethin?

~Phish

Danco1990 · 07/13/2010, 00:56

Ive been monitoring 3 servers past 4 days and i think i got it figured out myself... Been non active myself for a long time, but tried to specialize in this... As far as i know, the IP is bumped by 4 proxies. 1 Origin from Belgium, 1 from china, 1 from australia and 1 from somewhere in the US... It COULD be that there are multiple hackers, but i highly doubt this since the recent activity. Ill be putting my reports i get in this thread, and i hope we can figure out as a team where this is coming from since they got 2 servers down i was fairly active on... Once i get a hold of the actual IP, i WILL share. Let us all unleash what we got on that then...

*PS Don't contact me for help on PServers, i WONT help you*

stormpower16 · 07/13/2010, 02:41

As you all know many shaiya private servers have been hacked in the last few days and i believe That its the Shaiya Trinity gm team. Because a server that i play on (Insane shaiya) The hacker followed me and my guild anbu across the Whole game and started typing in I love Jen, Jen= Jenna, And then droped Drops that only Jenna can pick up like Goddess and 1bill all in our faces and deleted our gear but not hers. Also the reason i think its Shaiya Trinity is because Jen(AKA [GS]Rayneboe Is GS on Shaiya Trinity Private server) Also just pointg out Shaiya Trinity is up yet but it will be soon but on fourms i read about wanting to kill Compatison (Sorry my english isnt so good)

ShaiyaEternity · 07/13/2010, 06:31

I think Shaiya Pandora not doing this

.. Thats all i can say .. !!!
Fair play is my main

)
Thank you for all the info.
We should try even small chance ..

TO staff in Pandora :
If you know how to agaist those ****** hackers . please show us !!!!

hackin · 07/13/2010, 07:36

Hackers IPs been traced..but who would fake being another server?Every server had a notice said "Join Pandora or we will hack you"..I'm going to look into who logged into our own GM account and did this..but for now we don't know who it is.

Danco1990 · 07/13/2010, 12:23

/No support on ePvPers