Secure problem about deep web

~~beetols~~ · 03/06/2014, 19:52

I have search something about protect my server from "deepweb" hack. DeepWeb is a program that allow to inject in shaiya database, i think I did all what i can for protect my server, i tryed some hacks that i have found and they don't work on my server and I was Ok, now after months that my server is open, I have found some strings in my log action in the server that i have never see..
i have edit the name of the account in "UserID" and the name of the toon in "CharID"

PS_DBAGENT__charsave.log:

--<begin>2014-03-05 10:14:28,"UserID",56,"CharID",26

{?=call usp_Save_Char_Info_E(26,60, 0,1, 7,13,9,430,12,200, 14200,7166,1190, 1,358, 86579506,89217669, 1.#QNAN0,9.829485,1.#QNAN0, 0,200,0,0,0, 1182,199,18,17)}

EXEC usp_Save_User_StoredMoney_E 1,56,0

{?=call Usp_Save_Char_Item_Del_E(26,'4092259863424466944,4 091780184296980480,4091267872008044544')}

{?=call Usp_Save_Char_Item_Del_E(26,'4092262960095887360', 0)}

{?=call Usp_Save_Char_Item_Add_E(26,4092262960095887360, 1,7, 27026,27,26, 20, 0,0,0,0,0,0,'', 1, '2014-03-05 10:13:59', 'D')}

{?=call Usp_Save_Char_Item_Del_E(26,'4092262998750593024', 0)}

{?=call Usp_Save_Char_Item_Add_E(26,4092262998750593024, 1,8, 25093,25,93, 0, 0,0,0,0,0,0,'', 1, '2014-03-05 10:14:04', 'D')}

PS_DBAGENT__system.log:
2014-03-05 10:13:18 err=-1, [Microsoft][ODBC SQL Server Driver]Invalid character value for cast specification, SQL STATE: 22018, NATIVE ERROR: 0 (0x0)

2014-03-05 10:13:18 ::SaveCharacter 26 "CharID" ret=1, qerr=-1, {?=call usp_Save_Char_Info_E(26,60, 0,1, 7,13,9,430,12,200, 14200,7166,1190, 1,358, 86579506,89217199, 1.#QNAN0,9.829485,1.#QNAN0, 0,200,0,0,0, 1182,199,18,17, 4,2)}

After a bit of torture he have say me that have use this program, "deepweb" and that isn't easy to use.. sure I can find who use this hack and bann looking my logs every day, but I find better to find a way to protect the database from it.. I don't know what can be do with this program, if anyone know something about please help me.
Can be that your server can be hack whit this program to *attention*
ps: my server is secure from all the other hacks, no dupe and not other hack can function

Autrux · 03/06/2014, 23:26

#moved

rempieremco153 · 03/08/2014, 13:57

The "Deep Web" as he calls it, is the part of the internet that isn't indexed by search engines like Google.
He most likely means that he can "hack" (Inject in this case) because he learned it in that "Deep Web".
It isn't an actual program.

~~beetols~~ · 03/09/2014, 05:02

yes but my server is secure from all the the other hacks, this is the problem, through what is entered into a database considerable secure?
as shown by the logs he injected with procedures in it and this worries me a bit..

~~ShaiyaDeadlyBreath~~ · 10/07/2014, 07:43

hello beetols . i've never heard about the "deep web" .
beetols .
1. Firewall with advanced security
2. InBound Connection
3. New Rule > Port > TCP > 1433 > Block Connection
4. If you like message me on skype i will change SQL listening port and block it.
once the port to your SQL Server is blocked . there can't be connection between this "Deep Web i never heard of" and server.

~~beetols~~ · 10/07/2014, 13:08

thanks for the answer but this post is from march, i have already fix all dupe after it. The only problems that i now have are about some strange 'hack/bugs' that my players sometimes give me with screen or video..

- a player that don't aggr the guards from altair when he attack the altair..

-some players that don't miss and are missed with 500dex again players that have 900 des.

other this all perfect..

~~ShaiyaDeadlyBreath~~ · 10/07/2014, 15:23

About dex bug . please make sure you has EP-5 Databases.
Anyway . shaiya isn't made for that high stats so. it could be bugged sometimes i am pretty sure its ps_game.exe too.
dident understand "- a player that don't aggr the guards from altair when he attack the altair.."
if you mean players attack the altar and guards do not stun them. you should fix the Mob Skills .

~~beetols~~ · 10/07/2014, 18:27

i will conctact you so we speak better and not spam here..

i run ep 4.5 server, but i have not higher stats than normal.. we don't have any that is overpowered.. and normaly dex work, we have made more tests, the problem are about some players that have low dex, but don't miss (only some days), so are accused to use an hack.

between the altair guards them work, the problem isn't in mob skills, they make right their work, but i have a video where don't attack a singular player.... i go to test same situation and guards work! this is strange.

My game.exe is encrypt and i have not found any hack that work.

I don't know any hack for both this problems (for bug the proper dex or for bug the guards) so i don't understand what can be and how is possible.