Assistence available
Assistence available
Hello, my name is Lucifer.
- Reason why I made this thread and offered you my help:
I have skills in SQL.. Both SQL injection/Blind SQL injections and in how to manage a SQL database. I know how to configure it, script it and I've just made my own preg_replace script which makes it completely impossible for any hackers to hack any database who's is using it. :-) I would like to help you improve your server.
There is different types of hackers, in the hacker world we call it "Hacker hats"
Black hat:
Black hats is only hacking to be cruel, they're hacking because it makes them happy to screw other people up. Allthough some black hat hackers is doing it on wow servers to become the BEST on the server, he would be like a god on a server if he could gain himself access to the database.
Grey hats:
Grey hats is both nice and cruel. They're willing to help people, they demand payments tho. If you ever hire a grey hat and you fire him for a kind of silly reason, he will get revenge on you, because by the time he have been working for you, he have also gathered enough informations to hack your server and screw you over.
White hats:
Yeah, I guess you guys know what a white hat is. A white hat is the "awesome" and sweet hackers.. I dont like calling them hackers actually, they're more like supporters (dont let you trick, some "White hats" are actually "black hats") white hats is offering his help without demanding payments, you can almost keep a white hat as a slave, they only want to help. If you ever hire a white hat, you're lucky! There is not many of them out here.
Skills:
SQL both hacking and defending + configurations
C++
3dMaya (animating characters, creating custom npc's with the design of your choice)
Security monitors (I'm a Internet securiter myself, so I would easily be able to setup a security moniter up for you too! A security moniter the Danish government is using.)
I was ingame admin on WoWcooc. I was supporting the owner as much as possible, I made him scripts daily, to make sure the server wouldn't be outdated. I kept the server alive! The owner, after a while hired me as a protecter of the server, I was the head of security. So ofcourse, many popular wow servers will be offers for a random attack. I noticed a person was trying to hack into the database using SQL injections.. The owner was stupid enough to actually publicate the IP of his database in the account creation page.. So I got the change to use my preg_replace script which worked perfect! Since that, nobody have ever been close to hack it.
Which I would probably require:
Some more experience about your server ingame
Learn more people to know.
Self motivation ^_^
- Lucifer, out!
P.S I've been running some test' on your server.
RSS injection:
Can be performed at your account creation page, which will grant the hacker permission to alot of things. I wont make this too detailed, let's just say that RSS injections is a bit minor than SQL injections.
SQL Injections:
Can ofcourse be made everywhere on your website. Using some bruteforcing will easily discover the secrets behind this page, maybe something the regular players aren't suppose to get access too.
Ddos attack:
I wasn't gonna try and perform this, it could harm the server even if it was a test. You see, only black hat hackers use this one. Grey hat hackers uses it sometimes if someone he have helped screwed him up.
**These test' has been performed without doing damage to your server in any way. A proxy server has been used so you wont even notice it**
- Reason why I made this thread and offered you my help:
I have skills in SQL.. Both SQL injection/Blind SQL injections and in how to manage a SQL database. I know how to configure it, script it and I've just made my own preg_replace script which makes it completely impossible for any hackers to hack any database who's is using it. :-) I would like to help you improve your server.
There is different types of hackers, in the hacker world we call it "Hacker hats"
Black hat:
Black hats is only hacking to be cruel, they're hacking because it makes them happy to screw other people up. Allthough some black hat hackers is doing it on wow servers to become the BEST on the server, he would be like a god on a server if he could gain himself access to the database.
Grey hats:
Grey hats is both nice and cruel. They're willing to help people, they demand payments tho. If you ever hire a grey hat and you fire him for a kind of silly reason, he will get revenge on you, because by the time he have been working for you, he have also gathered enough informations to hack your server and screw you over.
White hats:
Yeah, I guess you guys know what a white hat is. A white hat is the "awesome" and sweet hackers.. I dont like calling them hackers actually, they're more like supporters (dont let you trick, some "White hats" are actually "black hats") white hats is offering his help without demanding payments, you can almost keep a white hat as a slave, they only want to help. If you ever hire a white hat, you're lucky! There is not many of them out here.
Skills:
SQL both hacking and defending + configurations
C++
3dMaya (animating characters, creating custom npc's with the design of your choice)
Security monitors (I'm a Internet securiter myself, so I would easily be able to setup a security moniter up for you too! A security moniter the Danish government is using.)
I was ingame admin on WoWcooc. I was supporting the owner as much as possible, I made him scripts daily, to make sure the server wouldn't be outdated. I kept the server alive! The owner, after a while hired me as a protecter of the server, I was the head of security. So ofcourse, many popular wow servers will be offers for a random attack. I noticed a person was trying to hack into the database using SQL injections.. The owner was stupid enough to actually publicate the IP of his database in the account creation page.. So I got the change to use my preg_replace script which worked perfect! Since that, nobody have ever been close to hack it.
Which I would probably require:
Some more experience about your server ingame
Learn more people to know.
Self motivation ^_^
- Lucifer, out!
P.S I've been running some test' on your server.
RSS injection:
Can be performed at your account creation page, which will grant the hacker permission to alot of things. I wont make this too detailed, let's just say that RSS injections is a bit minor than SQL injections.
SQL Injections:
Can ofcourse be made everywhere on your website. Using some bruteforcing will easily discover the secrets behind this page, maybe something the regular players aren't suppose to get access too.
Ddos attack:
I wasn't gonna try and perform this, it could harm the server even if it was a test. You see, only black hat hackers use this one. Grey hat hackers uses it sometimes if someone he have helped screwed him up.
**These test' has been performed without doing damage to your server in any way. A proxy server has been used so you wont even notice it**
-
- Posts: 230
Re: Assistence available
Oooh, SQL Injections. Those are nasty. I highly recommend this is checked out immediately.
So... Uhhh... bump.
So... Uhhh... bump.
"You're a pro, or you're a noob, that's life" -Athene
-
- Posts: 54
Re: Assistence available
Don't know if this is still possible, but there used to be a "code" on this server you could enter into the donation NPC that is basically an sql hack that can be performed ingame. You would enter something into the donation npc when it asks for a donation code, and it screwed with the database or something a bit and gave you donor.
Re: Assistence available
That has never been possible here and our site has SQL injection protection barriers in place and has.Wafflesauce wrote:Don't know if this is still possible, but there used to be a "code" on this server you could enter into the donation NPC that is basically an sql hack that can be performed ingame. You would enter something into the donation npc when it asks for a donation code, and it screwed with the database or something a bit and gave you donor.
Administrator - Project Lead / Server Management / Core Development
Re: Assistence available
Oh man, he even posted about them hats, totally thrustworthy, this guy has to get access to the whole server room of the provider. Send him some gold bars aswell imo.
Tap Peekaboo: Upset target moron.
DON'T MOVE!
DON'T MOVE!
Re: Assistence available
Hello. You're SQL database is not protected.. If you got a mail, then I'ma send some more informations to you.
Tested http://www.smolderforge.com and it got alot of vulnerabilities in store lol :)
Tested http://www.smolderforge.com and it got alot of vulnerabilities in store lol :)
Last edited by Mkolsen on 15 Sep 2011, 15:23, edited 1 time in total.
Re: Assistence available
Well you're more than welcome to PM me on the forums, email me at GM @ Smolderforge.com, etc.Mkolsen wrote:Hello. You're SQL database is not protected.. If you got a mail, then I'ma send some more informations to you.
Tested http://www.smolderforge.com and it got alot of vulnerabilities in store lol :)
Administrator - Project Lead / Server Management / Core Development
Who is online
Users browsing this forum: No registered users and 1 guest