Tony 1 Posted May 21, 2014 Share Posted May 21, 2014 (edited) Hello Metin2dev, I have a problem.. big problem. The Hacker can drop all items from my server.. He doesn't hase an account on server, only char. He can set: drop, exp 1000% + all events.. Why? I have dif... for this? I'm using dif by Shogun Dif by Shogun for backdoor: 00000007: 09 00 0001447C: B0 E8 0001447D: 01 DF 0001447E: 90 ED 0001447F: 90 FF 00014480: 90 FF 000307AC: 90 83 000307AD: 90 F8 000307AE: 90 5A 000307AF: E9 0F 000307B0: 8A 8E 000307B1: 0B 89 000307B2: 00 0B 000319CA: D1 C1 000319CC: 90 02 000855EE: B0 E8 000855EF: 01 1D 000855F0: 90 FE 000855F1: 90 FF 000855F2: 90 FF 00086EBF: B0 E8 00086EC0: 01 DC 00086EC1: 90 54 00086EC2: 90 09 00086EC3: 90 00 000871D7: B0 E8 000871D8: 00 F4 000871D9: 90 D3 000871DA: 90 F8 000871DB: 90 FF 000CF4E4: B0 E8 000CF4E5: 01 B7 000CF4E6: 0F CE 000CF4E7: 1F 04 000F49E6: B0 E8 000F49E7: 00 E5 000F49E8: 90 FB 000F49E9: 90 F1 000F49EA: 90 FF 000F9EAE: B0 E8 000F9EAF: 01 DD 000F9EB0: 90 22 000F9EB1: 90 02 000F9EB2: 90 00 0010135D: B0 E8 0010135E: 01 AE 0010135F: 0F 28 00101360: 1F F2 00101361: 00 FF 0011F4D8: 90 C7 0011F4D9: 90 05 0011F4DA: 90 D8 0011F4DB: 90 3C 0011F4DC: 90 6A 0011F4DD: 90 08 0011F4DE: 90 20 0011F4DF: 90 A7 0011F4E0: 90 46 0011F4E1: 90 08 001EAC19: F3 3C 001EAC1A: D0 6B 001EAC1B: 64 63 001EB316: F3 3C 001EB317: D0 6B 001EB318: 64 63 004230C8: 30 0C 004230CC: 48 12 004230D0: 68 1A 004230D4: A0 28 004230D8: D4 35 004230DC: 18 46 004230DD: 01 00 004230E0: 90 64 004230E1: 01 00 006BE292: 41 45 006BE293: 39 31 006BE294: 36 41 006BE295: 44 37 006BE296: 45 37 006BE297: 30 34 006BE298: 32 43 006BE299: 31 43 006C5636: 37 35 006C5637: 38 44 006C5638: 37 41 006C5639: 36 45 006C563A: 32 33 006C563B: 44 45 006C563C: 36 45 006C5773: 37 35 006C5774: 38 44 006C5775: 37 41 006C5776: 36 45 006C5777: 32 33 006C5778: 44 45 006C5779: 36 45 Edited August 22, 2022 by Metin2 Dev Core X - External 2 Internal Link to comment Share on other sites More sharing options...
Premium Shogun 4591 Posted May 21, 2014 Premium Share Posted May 21, 2014 Do you have a firewall? If your db port is open to the internet anybody can login as any character by connecting an auth server to your db server. 1 Link to comment Share on other sites More sharing options...
Tony 1 Posted May 21, 2014 Author Share Posted May 21, 2014 Login only by tunneling.. DB port is not pen for internet. Link to comment Share on other sites More sharing options...
Premium Shogun 4591 Posted May 21, 2014 Premium Share Posted May 21, 2014 adminpage_ip should be 127.0.0.1 I don't think localhost works... beyond that, I don't know what could be the problem without more information. Link to comment Share on other sites More sharing options...
.CHHorny 6 Posted May 21, 2014 Share Posted May 21, 2014 00029AC4: F4 14 00029ACE: F8 18 00029AD8: 30 20 00029B0E: 0C 10 00029B15: 89 C7 00029B19: C7 94 00029B1A: 44 DA 00029B1B: 24 45 00029B1C: 04 08 00029B1D: 94 C7 00029B1E: DA 44 00029B1F: 45 24 00029B20: 08 04 00029B21: C7 8B 00029B22: 04 14 00029B23: 24 00 00029B24: 02 00 00029B25: 00 C7 00029B26: 00 04 00029B27: 00 24 00029B28: E8 34 00029B29: 63 EE 00029B2A: 6F 45 00029B2B: 3C 08 00029B2C: 00 89 00029B2D: 8B 44 00029B2E: 16 24 00029B2F: 8B 0C 00029B30: 52 E8 00029B31: F8 DB 00029B32: 83 75 00029B33: EA 3C 00029B34: 20 00 00029B36: 45 46 00029B37: 10 2C 00029B38: 83 8B 00029B39: C0 10 00029B3A: 01 C7 00029B3B: 89 44 00029B3C: 04 24 00029B3D: 24 04 00029B3E: FF 00 00029B3F: D2 00 00029B40: C7 00 00029B41: 04 00 00029B42: 24 89 00029B43: 0C 04 00029B44: 00 24 00029B45: 00 FF 00029B46: 00 52 00029B47: 90 10 0013B0EF: 00 01 0013B0F0: 02 00 00417000: A0 00 00417001: E1 00 00417002: 04 00 00417003: 08 00 This is the backdoor fix. 1 Link to comment Share on other sites More sharing options...
Tony 1 Posted May 21, 2014 Author Share Posted May 21, 2014 Okey... Thanks.. but... 100% work? Link to comment Share on other sites More sharing options...
Premium Shogun 4591 Posted May 22, 2014 Premium Share Posted May 22, 2014 You should reverse "my dif" 1 Link to comment Share on other sites More sharing options...
.CHHorny 6 Posted May 22, 2014 Share Posted May 22, 2014 Reverse the other dif and use mine. It will fix the backdoor. Video: 3 Link to comment Share on other sites More sharing options...
Tony 1 Posted May 22, 2014 Author Share Posted May 22, 2014 Great Okey. Soon I will give information about this. Link to comment Share on other sites More sharing options...
CrazyBear 2 Posted June 12, 2014 Share Posted June 12, 2014 hello CHHorny if someone shuted the channels with this backdoor what would be the syserr message ? Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now