vampireduff Posted October 15, 2009

I have had my game hacked. Although the guy that did it did not do too much damage and I am not sure how he did what he did, I have learned that he has done this on many games. So I have copied his name and his IP so that those of you who own a game can keep a lookout for him, in case he signs up to your game and hacks into it.

His name is: Markwick, his IP is: 70.87.103.182 and host: b6.67.5746.static.theplanet.com (these could be fake though).

He signs up with games and within his first 5 mins of being a new member he will gain billions of game money, both on hand and in his bank. He will also give non-active users mass amounts of cash for others to mug.

Hope no one else gets hacked by this loser. Hopefully we can all work together to stop these people from hacking our games if we all post their names and what they do up in here, as well as a way to stop them if anyone knows.

I fedded Markwick and also banned his IP. Of course I know that if he wanted to he could still find ways to get onto my game, but I am keeping a close lookout now. Hope he doesn't hack anyone else.
gurpreet Posted October 15, 2009

Yeah, he came onto my game. I had an insecure Cmarket.php up; it's fixed now, so he's off my game... Just secure your cmarket and you should be alright.
The Chaotic Banana Posted October 16, 2009

Thanks for the information. This user will now be under LOG on my game. If you want to talk to this user, which I doubt, he plays my game, WHICH is secure to a certain extent. Before any of you quote me on this: I have his messenger and he even said to me my game is secure. He tried to hack my game, I'm aware of it, but I have secured everything on my game, well, most things.

-> IP Addresses Removed <- Apologies.

My game is http://www.criminal-madness.co.uk and his user is 124 :) Hope this helps. If you need tips on securing, I'm sure there are plenty in the forum. Thanks.
AlabamaHit Posted October 16, 2009

I understand you want to help, but you can 'not' give people's IPs out like that. It is against privacy, making it illegal. I'm sure you didn't know that... but you really can't give out IP addresses.
a_bertrand Posted October 16, 2009

Honestly I'm unsure about this. I didn't find any law preventing you from posting IP addresses, and I don't think it's YET considered private information, especially if you don't give a link between a real name and an IP. So no, I don't think an isolated IP is sensitive information.

Now, to block a "hacker", just an IP like that does nothing, as anybody with a little bit of knowledge could use ways to change his/her IP. For example, the first IP reported is certainly a proxy, as it ends up at a hosting provider and a server ;)
CrackTheCoder Posted October 16, 2009

You can put the GET and POST secure function in globals and sglobals to secure a few things. And my suggestion for the forums... get rid of in-game forums and just get a free phpBB forum. It's better looking and it's already secure. 8)
Danny696 Posted October 16, 2009

But then you need to integrate it, something not a lot of people can do.
Djkanna Posted October 16, 2009

Or just secure the forum provided for you :)
The Chaotic Banana Posted October 16, 2009

I've removed IP addresses from my other post just not to cause any arguments :) Look around the forum, people have made secure forums. My forums are secure; I have MTG's forums.
plintu Posted October 17, 2009

Yeah, I ran across the same person trying that crud on my game. Also check for this user, Milly. They seem to even log into each game with the same name! LOL

And I wouldn't even really care about this person's rights and being nice and not posting his IP address. Do you think that he is not gonna use an exploit on your game if he finds it because you were nice and didn't post his IP? These guys are jerks going around looking for mccodes games to try to ruin them, so I say to hell with these guys! They have no idea how much time and effort we all put into our games to try to make them good, then he tries to ruin it in a few swipes.

Well, markwick logged into my game and attempted to hack it also, but he messed up and used his home computer and I got this IP address: 92.235.150.88 (92-235-150-88.cable.ubr20.aztw.blueyonder.co.uk). So if this helps anyone prevent a hacker from ruining their game, there you go! But I also got the 70.87.103.182 (b6.67.5746.static.theplanet.com) address from him. He used that one to sign up, then he also signed up using a markwick123 name, so he uses both IPs often!

Now the milly one uses 82.25.183.36 (client-82-25-183-36.brnt.adsl.virginmedia.com)! I hope this helps someone out! I even chatted with milly for a bit about it, and milly was a 15 year old boy who said he just wanted to be strong in a game and kept pushing, asking to be admin, but I told him he was a loon and banned him and blocked IP. :D :thumbsup:
Strats Posted October 18, 2009

He got me too with something in inventory. I am glad he didn't do too much, just gave himself some more donator days.
Joshua Posted October 20, 2009

I believe he just got me on my game as well, though he just credited himself and nothing more. I am curious as to just how he did this. I have the following SECURED:

Header: Abs@intval and $ip secured, as well as viewforum/forumreply.
Registration: All $_GET and $_POST secured, as well as $IP secured.
Authenticate: Same as Register.
Cmarket: Done by MagicTallguy. I'd assume that's as secure as it gets :P
Forums: Done by MagicTallguy. Again, secure as it gets.
Userslist: Found on Dev-forum and also approved to be secure.
Staffpanel: Not only have the names of all files been changed to something only I know, but I also have a Staff-Password. Wasn't through there.
Viewuser: MagicTallguy made. Secure.
Usersonline: Karlos made, should be secure.
Creategang: Sniko secured.
Login: Secured.
Bank: Made by Karlos or Magictallguy. Secured.
--EDIT-- Crystaltemple: Made by magictallguy. Secured.

I do not know how he bypassed and got the money. I don't know what more I am missing, but this guy had 400b Crystals, Cash and 3 donator days from my crystaltemple.php. I'M THINKING this was where the leak was, that or Gang Panel.

--EDIT-- Scratch that, the Crystaltemple was also made by MagicTallguy so it shouldn't have any leaks.

Appears to have same info. Last Login 92.235.150.88 92-235-150-88.cable.ubr20.aztw.blueyonder.co.uk
rulerofzu Posted October 20, 2009

Strats mentioned his inventory code. Have you checked that?
gurpreet Posted October 20, 2009

There was a hole in MTG's Cmarket. I got another one I had before (can't remember which) and the exploits stopped.
Joshua Posted October 20, 2009

Hmm, bizarre. I'll have to go through it and see if I can't find a leak :\
Bwerk01 Posted October 20, 2009

Yeah, he was on my game trying to do all sorts of stuff. He wasn't successful at anything. He tried to gain access to the staff panel, adjust his user level, even tried some stuff with javascript, but he didn't get a thing. I let him go at it for a bit to see if he could find a bug or anything but finally just banned him after he didn't get anything.
Joshua Posted October 20, 2009

How do you know what all he was doing on your site? I'm curious as to how you log things of that nature. I have the log malicious users script, but it only tells me when they attempt to access my staff panel. Is there some sort of keylogger-type program that works in-game telling you what the user is doing?
Djkanna Posted October 21, 2009

Error logs work nicely to see what errors have been generated.

Still a little concerned about this inventory exploit. Could it be a query that can be commented out and extra things added in to gain all this stuff? I must have a looksy later on :P

DJK
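One way to get the visibility asked about above, as an added example rather than code from any poster or from McCodes: a hook called from a shared include that writes one JSON line whenever a request carries values an ordinary player's browser would not send. The parameter names, log path and sample requests are assumptions constructed for illustration.

```php
<?php
// Added example: request audit hook for a shared include. The parameter
// names, log path and sample requests are hypothetical/constructed.

const INT_PARAMS = ['ID', 'user', 'qty', 'price', 'amount'];

// Returns a log record when a request looks like probing, otherwise null.
function audit_request(int $userId, string $ip, string $script, array $params): ?array
{
    $flags = [];
    foreach ($params as $key => $value) {
        if (!is_scalar($value)) {
            $flags[$key] = 'non-scalar value';
        } elseif (in_array($key, INT_PARAMS, true) && !ctype_digit((string) $value)) {
            $flags[$key] = 'expected digits, got: ' . substr((string) $value, 0, 80);
        } elseif (preg_match('/[\'"<>]|--|\/\*|\bunion\b/i', (string) $value)) {
            $flags[$key] = 'metacharacters: ' . substr((string) $value, 0, 80);
        }
    }
    if ($flags === []) {
        return null;
    }
    return [
        'time'   => gmdate('c'),
        'user'   => $userId,
        'ip'     => $ip,
        'script' => basename($script),
        'flags'  => $flags,
    ];
}

// One JSON object per line; json_encode escapes newlines, so a crafted
// value cannot forge extra log entries.
function write_audit(?array $record, string $path): void
{
    if ($record !== null) {
        $line = json_encode($record, JSON_INVALID_UTF8_SUBSTITUTE) . "\n";
        file_put_contents($path, $line, FILE_APPEND | LOCK_EX);
    }
}

// Constructed requests: a normal market purchase and two probes.
$samples = [
    [12, '203.0.113.5', '/cmarket.php', ['action' => 'buy', 'ID' => '4']],
    [31, '203.0.113.9', '/cmarket.php', ['action' => 'buy', 'ID' => "4' OR '1'='1"]],
    [31, '203.0.113.9', '/itemsend.php', ['ID' => '9', 'qty' => '-50']],
];
foreach ($samples as [$uid, $ip, $script, $params]) {
    write_audit(audit_request($uid, $ip, $script, $params), sys_get_temp_dir() . '/game_audit.log');
}
```

Keep the log file outside the webroot, and treat a flagged request as a pointer to the script that needs reviewing rather than as a block decision.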
rulerofzu Posted October 21, 2009

Maybe not the actual inventory code, but take a look at the links leading off there. Your itemsend, use and market files all have GET and POST values that could be exploited if they are not secured.
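The point above about GET and POST values in the item-send and market files, as an added example that is not part of the thread or of McCodes itself: every numeric input is validated as a positive integer before use, and ownership and quantity are enforced in parameterised SQL. The table, column and parameter names are assumptions, an in-memory SQLite database stands in for the game's database, and a check that the recipient exists is left out.

```php
<?php
// Added example, not McCodes code: a hardened item-send handler. Names are
// hypothetical; SQLite stands in for the game DB; rows/requests are constructed.

// Accept only a plain positive decimal integer ("7"); anything else is null.
function positive_int($raw): ?int
{
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    return (int) $raw > 0 ? (int) $raw : null;
}

function send_item(PDO $db, int $sender, array $get, array $post): string
{
    $invId = positive_int($get['ID'] ?? null);
    $qty   = positive_int($post['qty'] ?? null);
    $to    = positive_int($post['user'] ?? null);
    if ($invId === null || $qty === null || $to === null || $to === $sender) {
        return 'rejected: invalid input';
    }
    $db->beginTransaction();
    // Ownership and stock are enforced in SQL, with every value bound.
    $take = $db->prepare(
        'UPDATE inventory SET qty = qty - ? WHERE id = ? AND owner = ? AND qty >= ?'
    );
    $take->execute([$qty, $invId, $sender, $qty]);
    if ($take->rowCount() !== 1) {
        $db->rollBack();
        return 'rejected: not your item or not enough of it';
    }
    $give = $db->prepare(
        'INSERT INTO inventory (owner, item, qty)
         SELECT ?, item, ? FROM inventory WHERE id = ?'
    );
    $give->execute([$to, $qty, $invId]);
    $db->commit();
    return 'sent';
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE inventory (id INTEGER PRIMARY KEY, owner INT, item INT, qty INT)');
$db->exec('INSERT INTO inventory (owner, item, qty) VALUES (1, 7, 5)');
echo send_item($db, 1, ['ID' => '1'], ['qty' => '2', 'user' => '2']), "\n";
echo send_item($db, 1, ['ID' => '1 OR 1=1'], ['qty' => '2', 'user' => '2']), "\n";
echo send_item($db, 1, ['ID' => '1'], ['qty' => '-999', 'user' => '2']), "\n";
echo send_item($db, 3, ['ID' => '1'], ['qty' => '1', 'user' => '2']), "\n";
```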
vampireduff Posted October 21, 2009

I have another guy trying to hack my site. He never got far, but thanks to all the replies on here I now know where else to check my security.

I also know that some say not to post IPs and others say it is OK, so I'm going out on a limb here and I'm going to post them anyway... If this is not allowed then I would like the site staff to message me and I will then remove them... but until then I hope this helps in the fight to keep our sites safe.

Hacker's info:
Name: jonoh (he could use others)
IPs are: 62.193.236.96 and 86.160.148.157
His e-mail is: [email protected]

This one did get into my staff panel and change his user level to admin, and even changed the paypal thing in the basic settings. Now I check these each and every time I go online. Hope this helps someone :)
rulerofzu Posted October 21, 2009

You could take steps to prevent access to the staff files.

Create a .htaccess file and place it in the root of your game:

    AuthName "Restricted Area"
    AuthType Basic
    AuthUserFile /home/user/.htpasswd
    AuthGroupFile /dev/null
    <Files staff.php>
    require valid-user
    </Files>

Then create a .htpasswd file containing a username:password (make sure you use some type of encryption for the password!).

If you're uploading the files, they need to be in ASCII mode, not binary, and the .htpasswd needs to be out of your webroot.

You can add to the files to be protected, for example:

    <FilesMatch "^(staff|staff_users)\.php$">

And you're done... now when you need to access the staff file you will be prompted for a user / pass.

Add to the htpasswd list usernames and passwords for all your staff, again making sure the passwords are done using an encryption.

Now if anyone gets into your staff area, it's either you used a crappy password or your staff gave it out, in which case one or both of you should be shot!
vampireduff Posted October 22, 2009

Thanks, I will try that. Will this also stop the attacks some use by using a Firefox add-on? I don't know too much about this add-on or what it is or does, but that Jonoh guy messaged me before I banned his IP saying that is what he uses to hack games and gain control of their paypal... So watch out for this guy, everyone, and keep an eye on your paypal thingy.
rulerofzu Posted October 22, 2009

lol... did he message you saying he can fix it too? Usually they do. For a nominal fee of course.

Firefox add-ons: there are a few that are for SQL injection testing. People like this use them to seek out ways into your website and then get in from there.

htaccess is an Apache webserver security method. Someone correct me if I'm wrong, but I'm pretty sure that bruteforce attacks on the server are the only way around it. So make sure you pick a password that isn't easy and encrypt it.

As for paypal: well, don't use the stock mc2 donator code or IPN unless you have made sure it's secure first.