I have a problem with my MYSQL

[Maseda 2]

Hellow guys,

I have a question about MYSQL.

I have a serverfiles and on MYSQL i had a user name monty'@'   and i just remove that user and i have this error on mysql db mysql_query error: The user specified as a definer ('monty'@') does not exist

 

The game is working but i can't creat any characters. I search with notepad++ in db source that user and i don't find it.
I need help with this problem... because this is a backdoor. In my config from db,auth,ch i change user and password.

I find in performance_schema this:

SELECT COUNT(*) FROM `performance_schema`.`users` WHERE CAST(`performance_schema`.`users`.`USER` AS CHAR CHARACTER SET utf8) COLLATE utf8_general_ci LIKE '%monty%'

SELECT
    *
FROM
    `performance_schema`.`events_statements_current`
WHERE
    CAST(
        `performance_schema`.`events_statements_current`.`EVENT_NAME` AS CHAR CHARACTER
        SET utf8
    ) COLLATE utf8_general_ci LIKE '%monty%'
OR CAST(
    `performance_schema`.`events_statements_current`.`SOURCE` AS CHAR CHARACTER
    SET utf8
) COLLATE utf8_general_ci LIKE '%monty%'
OR CAST(
    `performance_schema`.`events_statements_current`.`SQL_TEXT` AS CHAR CHARACTER
    SET utf8
) COLLATE utf8_general_ci LIKE '%monty%'
OR CAST(
    `performance_schema`.`events_statements_current`.`DIGEST` AS CHAR CHARACTER
    SET utf8
) COLLATE utf8_general_ci LIKE '%monty%'
OR CAST(
    `performance_schema`.`events_statements_current`.`DIGEST_TEXT` AS CHAR CHARACTER
    SET utf8
) COLLATE utf8_general_ci LIKE '%monty%'
OR CAST(
    `performance_schema`.`events_statements_current`.`CURRENT_SCHEMA` AS CHAR CHARACTER
    SET utf8
) COLLATE utf8_general_ci LIKE '%monty%'
OR CAST(
    `performance_schema`.`events_statements_current`.`OBJECT_TYPE` AS CH...

 

 

Edited September 12, 2022 by Maseda

[[007]DawisHU 260]

Hi.
After deleting from tables.
You are restarted mysql server on freebsd? 
If no, use this command.
 

Quote

1. /usr/local/etc/rc.d/mysql-server stop
2. /usr/local/etc/rc.d/mysql-server start

 

[Maseda 2]

3 minutes ago, [007]DawisHU said:

Hi.
After deleting from tables.
You are restarted mysql server on freebsd? 
If no, use this command.
 

 

I restarted, reboted, and i think this user monty is hidden in source, or vdi because if i create again that user is working to create characters, so this user is hiden somewhere...

[[007]DawisHU 260]

Are you sure? hidden?

From virgin source, if not same, the hidden user name are found

DB side,
 

Quote

 

Quote

main.cpp
Search: 
int Start()
In this , search:
if (CConfig::instance().GetValue("SQL_PLAYER", line, 256))

Original looks like:
 

Quote

if (!CDBManager::instance().Connect(SQL_PLAYER, "localhost", 0, "player", "mt2", "mt2!@#"))
    {
        if (CConfig::instance().GetValue("SQL_PLAYER", line, 256))
        {
            sscanf(line, " %s %s %s %s %d ", szAddr, szDB, szUser, szPassword, &iPort);
            sys_log(0, "connecting to MySQL server (player)");

            int iRetry = 5;

            do
            {
                if (CDBManager::instance().Connect(SQL_PLAYER, szAddr, iPort, szDB, szUser, szPassword))
                {
                    sys_log(0, "   OK");
                    break;
                }

                sys_log(0, "   failed, retrying in 5 seconds");
                fprintf(stderr, "   failed, retrying in 5 seconds");
                sleep(5);
            } while (iRetry--);
            //fprintf(stderr, "Success PLAYER\n");
            SetPlayerDBName(szDB);
        }
        else
        {
            sys_err("SQL_PLAYER not configured");
            return false;
        }
    }

Next is:

if (CConfig::instance().GetValue("SQL_ACCOUNT", line, 256))
Original looks like:
 

Quote

if (CConfig::instance().GetValue("SQL_ACCOUNT", line, 256))
    {
        sscanf(line, " %s %s %s %s %d ", szAddr, szDB, szUser, szPassword, &iPort);
        sys_log(0, "connecting to MySQL server (account)");

        int iRetry = 5;

        do
        {
            if (CDBManager::instance().Connect(SQL_ACCOUNT, szAddr, iPort, szDB, szUser, szPassword))
            {
                sys_log(0, "   OK");
                break;
            }

            sys_log(0, "   failed, retrying in 5 seconds");
            fprintf(stderr, "   failed, retrying in 5 seconds");
            sleep(5);
        } while (iRetry--);
        fprintf(stderr, "Success ACCOUNT\n");
    }
    else
    {
        sys_err("SQL_ACCOUNT not configured");
        return false;
    }

Next is:
if (CConfig::instance().GetValue("SQL_COMMON", line, 256))

Original looks like:

 

Quote

if (CConfig::instance().GetValue("SQL_COMMON", line, 256))
    {
        sscanf(line, " %s %s %s %s %d ", szAddr, szDB, szUser, szPassword, &iPort);
        sys_log(0, "connecting to MySQL server (common)");

        int iRetry = 5;

        do
        {
            if (CDBManager::instance().Connect(SQL_COMMON, szAddr, iPort, szDB, szUser, szPassword))
            {
                sys_log(0, "   OK");
                break;
            }

            sys_log(0, "   failed, retrying in 5 seconds");
            fprintf(stderr, "   failed, retrying in 5 seconds");
            sleep(5);
        } while (iRetry--);
fprintf(stderr, "Success COMMON\n");
    }
    else
    {
        sys_err("SQL_COMMON not configured");
        return false;
    }

Next is:
if (CConfig::instance().GetValue("SQL_HOTBACKUP", line, 256))
Original looks like :

 

Quote

if (CConfig::instance().GetValue("SQL_HOTBACKUP", line, 256))
    {
        sscanf(line, " %s %s %s %s %d ", szAddr, szDB, szUser, szPassword, &iPort);
        sys_log(0, "connecting to MySQL server (hotbackup)");

        int iRetry = 5;

        do
        {
            if (CDBManager::instance().Connect(SQL_HOTBACKUP, szAddr, iPort, szDB, szUser, szPassword))
            {
                sys_log(0, "   OK");
                break;
            }

            sys_log(0, "   failed, retrying in 5 seconds");
            fprintf(stderr, "   failed, retrying in 5 seconds");
            sleep(5);
        }
        while (iRetry--);

fprintf(stderr, "Success HOTBACKUP\n");
    }
    else
    {
        sys_err("SQL_HOTBACKUP not configured");
        return false;
    }

 

Game side:

 

Quote

Config.cpp

Search this:

void config_init(const string& st_localeServiceName)

in this void,  search this:

TOKEN("player_sql")

Original looks like:
 

Quote

TOKEN("player_sql")
        {
            const char * line = two_arguments(value_string, db_host[0], sizeof(db_host[0]), db_user[0], sizeof(db_user[0]));
            line = two_arguments(line, db_pwd[0], sizeof(db_pwd[0]), db_db[0], sizeof(db_db[0]));

            if (NULL != line[0])
            {
                char buf[256];
                one_argument(line, buf, sizeof(buf));
                str_to_number(mysql_db_port[0], buf);
            }

            if (!*db_host[0] || !*db_user[0] || !*db_pwd[0] || !*db_db[0])
            {
                fprintf(stderr, "PLAYER_SQL syntax: logsql <host user password db>\n");
                exit(1);
            }

            char buf[1024];
            snprintf(buf, sizeof(buf), "PLAYER_SQL: %s %s %s %s %d", db_host[0], db_user[0], db_pwd[0], db_db[0], mysql_db_port[0]);
            isPlayerSQL = true;
            continue;
        }

Next is:

TOKEN("common_sql")

Original looks like:
 

Quote

TOKEN("common_sql")
        {
            const char * line = two_arguments(value_string, db_host[1], sizeof(db_host[1]), db_user[1], sizeof(db_user[1]));
            line = two_arguments(line, db_pwd[1], sizeof(db_pwd[1]), db_db[1], sizeof(db_db[1]));

            if (NULL != line[0])
            {
                char buf[256];
                one_argument(line, buf, sizeof(buf));
                str_to_number(mysql_db_port[1], buf);
            }

            if (!*db_host[1] || !*db_user[1] || !*db_pwd[1] || !*db_db[1])
            {
                fprintf(stderr, "COMMON_SQL syntax: logsql <host user password db>\n");
                exit(1);
            }

            char buf[1024];
            snprintf(buf, sizeof(buf), "COMMON_SQL: %s %s %s %s %d", db_host[1], db_user[1], db_pwd[1], db_db[1], mysql_db_port[1]);
            isCommonSQL = true;
            continue;
        }

Next is:

TOKEN("log_sql")
Original looks like:
 

Quote

TOKEN("log_sql")
        {
            const char * line = two_arguments(value_string, log_host, sizeof(log_host), log_user, sizeof(log_user));
            line = two_arguments(line, log_pwd, sizeof(log_pwd), log_db, sizeof(log_db));

            if (NULL != line[0])
            {
                char buf[256];
                one_argument(line, buf, sizeof(buf));
                str_to_number(log_port, buf);
            }

            if (!*log_host || !*log_user || !*log_pwd || !*log_db)
            {
                fprintf(stderr, "LOG_SQL syntax: logsql <host user password db>\n");
                exit(1);
            }

            char buf[1024];
            snprintf(buf, sizeof(buf), "LOG_SQL: %s %s %s %s %d", log_host, log_user, log_pwd, log_db, log_port);
            continue;
        }

And check last one:

if (!isPlayerSQL)
    {
        puts("LOAD_PLAYER_SQL_INFO_FAILURE:");
        puts("");
        puts("CONFIG:");
        puts("------------------------------------------------");
        puts("PLAYER_SQL: HOST USER PASSWORD DATABASE");
        puts("");
        exit(1);
    }

after this :

AccountDB::instance().Connect(db_host[1], mysql_db_port[1], db_user[1], db_pwd[1], db_db[1]);

these things is same, with originals?

Edited September 12, 2022 by [007]DawisHU

[Maseda 2]

8 minutes ago, [007]DawisHU said:

Are you sure? hidden?

From virgin source, if not same, the hidden user name are found

DB side,
 

Game side:

 

these things is same, with originals?

Yes is the same....

[Maseda 2]

Anyone can help me ???