[HELP] ps_login Injection Again

Namikaz3 · 01/12/2015, 22:08

Hello to one month ago many database were invaded. and so 4 people launched ps_login fix. Nubness, JujiPoli, Juuf and szobonya3. But three days began attacks again, I used all ps_login, yet could edit my database. Before they deleted user_master. Are now editing my dbo.Chars. I ask all the best Shaiya developers, the elitepvpers, to investigate this and can help me and several more who are suffering because of that, and losing their players won honestly. And for those who do not know, who is behind this are three Brazilians.
Eric Dutra and Lucas Dutra. Own the Shaiya Easy.
And Bruno Barbosa, owner of Shaiya Spirit of Hero. This bruno barbosa already launched many programs with keyloguer here in the forum.

Please again. I ask everybody to help solve this problem. According to Bruno Barbosa, still lacking in ps_login also in ps_dbagent and ps_game.

Thanks for reading this.

[ADM]Pain · 01/13/2015, 00:58

We all suffer from this man .... Im asking for help with you.

Autrux · 01/13/2015, 16:28

#moved

Boul27 · 01/19/2015, 09:49

Maybe, we to search about protect against sql injection, and after, edit de ps_login.

If you are protected against sql injection, we don't really nead to edit ps_login.

I you want, i can wrote you some sql injection, and we can search a way to avoid them.

I think that we can use regex, and if the regex isn't correct, stop the procedure (so we don't execute the query, and avoid the injection)

Boul27 · 01/19/2015, 11:29

Useless comment ..

~~superklamus~~ · 01/19/2015, 11:30

tell how its Useless Boul27 you can be better than him than me if you want you can do it bro.

Boul27 · 01/19/2015, 11:34

Why it's useless ?

because we know that we have to use our brain.exe
And a lot here tried to avoid ps_game injection

We are here to have a reflection about how to avoid this, not to read that we have to use brain.exe

Maybe your topic was for the people who are only here like "I want an anti ps login injection" and not for the people who tried to find solution
I think, isn't it ?

~~superklamus~~ · 01/19/2015, 11:38

what about if i tell you that the problem is not only on ps_login and ps_game??

Boul27 · 01/19/2015, 11:41

I know that.

If you read my post, i personnaly think it's only the trigger in the databases.

I think that the user input verification are not as efficient as already think..

(i don't know if efficient is the right word to use, i'm french, and don't use translator, tell me if this word is unappropriate)

~~superklamus~~ · 01/19/2015, 11:44

i already Read it...

from there you right they can use the search button but the problem is not from only ps_login , ps_game DB , try change the ps_gamelog too

now i have to go bro maybe soon i will Release. im actually at work now xD.

Boul27 · 01/19/2015, 11:47

No problem

If you want to release, it will be cool
But maybe, i will have some question because i'm not a sql programme in mssql (only in oracle and Mysql) and don't know lot a function from mssql

Have a nice day
And thank's to clear my brain about the fact that it's in the database.

killer2p · 01/20/2015, 23:02

you also need to modify PS_Login

Boul27 · 01/21/2015, 11:47

Personnaly, i think that it not really necessary.

What it does ? It only reduce the maximum lenght that we can send.

I agree that it reduce the possibility of hack, but not at all.

I think that we must focus on the trigger in the database, and after, focus on the ps_login

But it's only what i think.

I will have a look into the trigger, and modify it, and see with all the people who want test it to avoid hack by the way of the login.

Namikaz3 · 01/21/2015, 19:31

I think the problem with age in all systems within the game that somehow seek information in the database. For example: Character Creation. Guild Creation. ADD friend. Search systems within the game. I believe that failures are not only in ps_login, and also in ps_dbagent and who knows in ps_game. I really need help. because messing with that escapes my knowledge. I'm a week with server stopped because of it. I do not know what to do. so I am asking for help.

Dotzie · 01/22/2015, 08:23

I gotta ask, If the reason are a Injection program used on the Persons Computer.. It should be injected witha IP, Port. Other wise the Injector would have to run local wish means they would have to use it on the Server Machine as a 127.0.0.1 Adress.

So if its connecting thru a IP,Port.. I twould actually have to use a Regulare port that Shaiya Actually always use. And the Port i can think about would be Shaiya login Server "30800" and Shaiya Game Server "30810".

If the the tool Acutally use any other Ports it gotta redirect it to the file it self like:
192.***.***.xx:443
C:/ShaiyaServer/PSM_Client/Bin/Data/PS_Login.exe

However to secure this are quite Easy. Change the name of the ServerFiles Directory O.o

If the Problem actually uses the Shaiya Regular ports then Find the resorces that uses the Ports and change the port number to a Different port number.

Just my Opinion. And ofcause im not completely sure how their Ijection Work or What it is.