|
You last visited: Today at 15:45
Advertisement
Database Filler (Exploit)
Discussion on Database Filler (Exploit) within the Shaiya PServer Guides & Releases forum part of the Shaiya Private Server category.
09/23/2015, 12:19
|
#1
|
elite*gold: 0 
Join Date: Aug 2015
Posts: 11
Received Thanks: 3
|
Database Filler (Exploit)
#removed
|
|
|
|
09/23/2015, 12:48
|
#2
|
elite*gold: 0
Join Date: Jan 2010
Posts: 525
Received Thanks: 805
|
I won't be surprinsed if your server will get hacked / ddosed and all that.. full time as from today 
If this takes you 20 secs to add 1000 would take me a second to run
Code:
USE PS_UserData DELETE * FROM Users_Master WHERE UserIp = ''
Small kids would try to use this and if their accounts would get deleted with them spam accounts, would be you to blame ? good luck.
|
|
|
|
|
09/23/2015, 12:57
|
#3
|
elite*gold: 0
Join Date: Aug 2015
Posts: 11
Received Thanks: 3
|
Quote:
Originally Posted by treica
I won't be surprinsed if your server will get hacked / ddosed and all that.. full time as from today
If this takes you 20 secs to add 1000 would take me a second to run
Code:
USE PS_UserData DELETE * FROM Users_Master WHERE UserIp = ''
Small kids would try to use this and if their accounts would get deleted with them spam accounts, would be you to blame ? good luck. |
so much hatred all shoved in one comment, **** you're good o.o
and good for the admins, they can delete it in seconds... what's your POINT? nothing is wrong with my tool means shut your mouth and watch how we fill up the databases with lots of **** 
"I won't be surprinsed if your server will get hacked / ddosed and all that.. full time as from today "
Like I have one o.o, wish I did tho would prob be better than urs <3
|
|
|
|
|
09/23/2015, 13:55
|
#4
|
elite*gold: 0
Join Date: Jul 2015
Posts: 27
Received Thanks: 21
|
#request to move Wrong Section
|
|
|
|
|
09/23/2015, 14:18
|
#5
|
elite*gold: 0
Join Date: Jul 2009
Posts: 81
Received Thanks: 49
|
Not Work in window 7 !
|
|
|
|
|
09/23/2015, 14:57
|
#6
|
elite*gold: 0
Join Date: Oct 2011
Posts: 70
Received Thanks: 50
|
Quote:
Originally Posted by kosakos
A small heads up to all servers that does not have a maximum IP account registration or a Re-Chapta filtered one...
This exploit will fill up your database and use a lot of wasted space, of course overheating your database server when packets gets dropped off before reaching the server.
How to use?
1) Open the tool and go to settings page.
2) Chose the server you would like to over-heat and then press on Save.
(I realize there is only 2 servers in the list but there will shortly be an update )
3) Head back to main page and choose the amount of accounts u would like to create.
(If it's your first time ever using this tool, please make 1 account then use it again because first time it's bugged).
4) Head to the Logs page and check the accounts that were created by the tool.
5) Max accounts is 1000 and it takes up to 20 seconds to create all 1000.
Images:
Virus scan:
Download Link:
PS! If you have a request for a server to be added to the list, please post a comment! |
This virus scan is not real!
Look this
|
|
|
|
|
09/23/2015, 15:04
|
#7
|
elite*gold: 0
Join Date: Jan 2010
Posts: 525
Received Thanks: 805
|
Limit your registrations per ip.
ODBC //tested works
Code:
$ip = $_SERVER['REMOTE_ADDR'];
$conn = your server connection;
$error = "No more accounts from this address";
$sql = odbc_exec($conn, "SELECT Count(UserUID) as tot_accs FROM PS_UserData.dbo.Users_Master WHERE UserIp = '".$ip."'");
$arr = odbc_fetch_array($sql);
if($arr['tot_accs'] > 2){
return $error;
}
MSSQL //tested works
Code:
$ip = $_SERVER['REMOTE_ADDR'];
$conn = your server connection;
$error = "No more accounts from this address";
$sql = mssql_query($conn, "SELECT Count(UserUID) as tot_accs FROM PS_UserData.dbo.Users_Master WHERE UserIp = '".$ip."'");
$arr = mssql_fetch_array($sql);
if($arr['tot_accs'] > 2){
return $error;
PDO //not tested yet.
Code:
$ip = $_SERVER['REMOTE_ADDR'];
$conn = your server connection;
$error = "No more accounts from this address";
$sql = $conn->prepare("SELECT Count(UserUID) as tot_accs FROM PS_UserData.dbo.Users_Master WHERE UserIp = ?");
$sql->bindValue(1, $ip, PDO::PARAM_INT);
$sql->execute();
while($row = $sql->fetchAll(PDO::FETCH_ASSOC)){
if($row['tot_accs'] > 2)
{
return $error;
}
|
|
|
|
|
09/23/2015, 16:10
|
#8
|
elite*gold: 0
Join Date: Aug 2015
Posts: 11
Received Thanks: 3
|
Quote:
Originally Posted by treica
Limit your registrations per ip.
ODBC //tested works
Code:
$ip = $_SERVER['REMOTE_ADDR'];
$conn = your server connection;
$error = "No more accounts from this address";
$sql = odbc_exec($conn, "SELECT Count(UserUID) as tot_accs FROM PS_UserData.dbo.Users_Master WHERE UserIp = '".$ip."'");
$arr = odbc_fetch_array($sql);
if($arr['tot_accs'] > 2){
return $error;
}
MSSQL //tested works
Code:
$ip = $_SERVER['REMOTE_ADDR'];
$conn = your server connection;
$error = "No more accounts from this address";
$sql = mssql_query($conn, "SELECT Count(UserUID) as tot_accs FROM PS_UserData.dbo.Users_Master WHERE UserIp = '".$ip."'");
$arr = mssql_fetch_array($sql);
if($arr['tot_accs'] > 2){
return $error;
PDO //not tested yet.
Code:
$ip = $_SERVER['REMOTE_ADDR'];
$conn = your server connection;
$error = "No more accounts from this address";
$sql = $conn->prepare("SELECT Count(UserUID) as tot_accs FROM PS_UserData.dbo.Users_Master WHERE UserIp = ?");
$sql->bindValue(1, $ip, PDO::PARAM_INT);
$sql->execute();
while($row = $sql->fetchAll(PDO::FETCH_ASSOC)){
if($row['tot_accs'] > 2)
{
return $error;
}
|
why u releasing something that's already released other places in a comment o.o ?
Brain.exe malfunctions I believe
Hmmm, next update is this:
PROXY SERVER ADDED!
nice isn't it ?
|
|
|
|
|
09/23/2015, 16:47
|
#9
|
elite*gold: 0
Join Date: Jan 2010
Posts: 525
Received Thanks: 805
|
Add in your header
Code:
<?php if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("Proxy access not allowed"); ?>
OR in .htaccess
Code:
<ifModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F]
</ifModule>
result
Quote:
Originally Posted by kosakos
why u releasing something that's already released other places in a comment o.o ?
Brain.exe malfunctions I believe
Hmmm, next update is this:
PROXY SERVER ADDED!
nice isn't it ? |
Sorry i don't see anywhere written RELEASE. is just a comment same as yours
Regards
|
|
|
|
|
09/23/2015, 16:59
|
#10
|
elite*gold: 0
Join Date: Aug 2015
Posts: 11
Received Thanks: 3
|
Quote:
Originally Posted by treica
Add in your header
Code:
<?php if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("Proxy access not allowed"); ?>
OR in .htaccess
Code:
<ifModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F]
</ifModule>
result
Regards |
such a fake message... everyone knows that it doesn't work it just give u bunch of errors -.-"
use that proxy and u'll see lol
it either blocks everyone or no one
|
|
|
|
|
09/23/2015, 21:57
|
#11
|
elite*gold: 10
Join Date: Jan 2012
Posts: 1,698
Received Thanks: 5,455
|
|
|
|
|
|
09/23/2015, 22:40
|
#12
|
elite*gold: 0
Join Date: Jul 2009
Posts: 380
Received Thanks: 86
|
#Request close this is not a hack and exploit part of the forum
|
|
|
|
|
09/24/2015, 16:57
|
#13
|
elite*gold: 246
Join Date: Dec 2010
Posts: 33,476
Received Thanks: 6,060
|
#closed
Rly? Sounds for me more like ddos.
|
|
|
|
Similar Threads
|
[Fix]How to fix the Exploit Change Name from Database
10/06/2013 - 4Story - 5 Replies
EDIT:
|
[Release]MySQL (Linux) Database Privilege Elevation Zeroday Exploit
02/05/2013 - Metin2 PServer Guides & Strategies - 6 Replies
For all stupid idiots
Men what is wrong with u.?
use DBI();
$|=1;
|
[WTS] Zandekaron Server/Database/gm panel exploit.
10/02/2011 - Dekaron Trading - 5 Replies
Contact me @ pacmanmelody on skype.
I provide the exploit and the method. I will not explain exactly how to do it. I advise if you buy it you have some knowhow on how to use exploits (Though I have a youtube video on how to do the exploit) or you have a friend willing to do it.
If this sort of exploit isn't allowed just say.
Comes with:
GM panel exploit-Allows you to ban people, unban people, so on so forth.
Database exploit: See everything.. literally in text, no salted DB....
|
All times are GMT +1. The time now is 15:46.
|
|
