Mr-Scripts Posted May 17, 2013 Posted May 17, 2013 Hello mwg users I currently have a game that keeps gets hacked I've got a url logger in place to track the pages but I've been through the logs without luck nothing out of the ordinary so my only conclusion is to rebuild the database from scratch or. To research further to see if it's a SQL injection if not pay some one to look and correct it as I dont have much time at the moment any suggestions or people that want to look inbox me Quote
sniko Posted May 17, 2013 Posted May 17, 2013 Could you post your game link (or a mirror of your game) so we can test for the flaws? Quote
BlackScorp Posted May 17, 2013 Posted May 17, 2013 check your code for $id = mysql_real_escape_string($_GET['id']); mysql_query(somquery which uses the ID) cause this can be used for SQL Injections, to prevent this you have to cast the id to integer like $id = (int) $_GET['id'] Quote
Bennyh789 Posted May 17, 2013 Posted May 17, 2013 Could you post your game link (or a mirror of your game) so we can test for the flaws? I am having the same trouble Could anyone please test my site for flaws http://www.endoftimez.info Username: emailtest Password: reloaded There are no crons running on the game so don't get put in hosp or jail lol Thanks in advance I have credited the account with 10 million and 50 zombie heads in case they are needed Have fun hacking!! Quote
Mr-Scripts Posted May 17, 2013 Author Posted May 17, 2013 Could you post your game link (or a mirror of your game) so we can test for the flaws? personal messaged you Quote
Dominion Posted May 17, 2013 Posted May 17, 2013 What did they actually do, you mention rebuilding the database so did they drop it? What kind of site is it, and is it based of preexisting software? If so there could be a flaw in it others have found before. Quote
Mr-Scripts Posted May 17, 2013 Author Posted May 17, 2013 What did they actually do, you mention rebuilding the database so did they drop it? What kind of site is it, and is it based of preexisting software? If so there could be a flaw in it others have found before. its a texted based mafia game and ill send you link in private message Quote
Serin Posted May 17, 2013 Posted May 17, 2013 its pocketmafia.com it gets hacked on a daily basis due to the owners been money hungry idiots Quote
SRB Posted May 17, 2013 Posted May 17, 2013 Yes, the domain is www.pocketmafia.com. The problem is information disclosure via sql tampering. Meaning... You need to be updating the code and checking every variable and where it goes. Enjoy :) Quote
Serin Posted May 17, 2013 Posted May 17, 2013 oh and before i forget the same owners of that site sold me a lottory mod for $50 when i recieved it, it was a free mod made for these forums // Created, and released for free for the MWG (makewebgames.io) community by Kieran-R Quote
Mr-Scripts Posted May 17, 2013 Author Posted May 17, 2013 Yes, the domain is www.pocketmafia.com. The problem is information disclosure via sql tampering. Meaning... You need to be updating the code and checking every variable and where it goes. Enjoy :) every variable of my site Quote
Serin Posted May 17, 2013 Posted May 17, 2013 every variable of my site no comment on the fact that you sold me a script for 50$ that was made and released free for these forums? imo you owe me 50$ selling other peoples work Quote
Mr-Scripts Posted May 17, 2013 Author Posted May 17, 2013 no comment on the fact that you sold me a script for 50$ that was made and released free for these forums? imo you owe me 50$ selling other peoples work i have never sold you files i have never sold anything on mwg ? Quote
Mr-Scripts Posted May 17, 2013 Author Posted May 17, 2013 its pocketmafia.com it gets hacked on a daily basis due to the owners been money hungry idiots funny thing is that not even my site i own a different game so i think you owe me a sorry Quote
Dominion Posted May 17, 2013 Posted May 17, 2013 Yes, the domain is www.pocketmafia.com. This is not the web address he sent to me via PM. Quote
JohnGato Posted May 17, 2013 Posted May 17, 2013 oh and before i forget the same owners of that site sold me a lottory mod for $50 when i recieved it, it was a free mod made for these forums // Created, and released for free for the MWG (makewebgames.io) community by Kieran-R Well i guess you should have done some investigating before spending the money on the mods Quote
Mr-Scripts Posted May 17, 2013 Author Posted May 17, 2013 This is not the web address he sent to me via PM. thank you dominion im only seeking advice so please do not make Allegations Quote
Mr-Scripts Posted May 17, 2013 Author Posted May 17, 2013 Well i guess you should have done some investigating before spending the money on the mods very true johngato :) Quote
Serin Posted May 17, 2013 Posted May 17, 2013 Well i guess you should have done some investigating before spending the money on the mods i didnt even know about this forum until i boiught the scripts, and mr scripts you have lots of games, you take a copy of pocketmafia rename it do some tweaks and sell, do not try take me for an idiot again Quote
Mr-Scripts Posted May 17, 2013 Author Posted May 17, 2013 (edited) i didnt even know about this forum until i boiught the scripts, and mr scripts you have lots of games, you take a copy of pocketmafia rename it do some tweaks and sell, do not try take me for an idiot again you are a idiot cause you have no proof and your making false claims which you cant back up and if you cross check my name/domain/personal information it will tell you i own only one domain. so can we get back on topic and this is not a topic to slag people off and make claims and lie this topic was created for the purpose of help and only that. Edited May 17, 2013 by Mr-Scripts Quote
SRB Posted May 17, 2013 Posted May 17, 2013 thank you dominion im only seeking advice so please do not make Allegations Send me the URL. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.