Mr-Scripts Posted May 17, 2013 Share Posted May 17, 2013 Hello mwg users I currently have a game that keeps gets hacked I've got a url logger in place to track the pages but I've been through the logs without luck nothing out of the ordinary so my only conclusion is to rebuild the database from scratch or. To research further to see if it's a SQL injection if not pay some one to look and correct it as I dont have much time at the moment any suggestions or people that want to look inbox me Quote Link to comment Share on other sites More sharing options...
sniko Posted May 17, 2013 Share Posted May 17, 2013 Could you post your game link (or a mirror of your game) so we can test for the flaws? Quote Link to comment Share on other sites More sharing options...
BlackScorp Posted May 17, 2013 Share Posted May 17, 2013 check your code for $id = mysql_real_escape_string($_GET['id']); mysql_query(somquery which uses the ID) cause this can be used for SQL Injections, to prevent this you have to cast the id to integer like $id = (int) $_GET['id'] Quote Link to comment Share on other sites More sharing options...
Bennyh789 Posted May 17, 2013 Share Posted May 17, 2013 Could you post your game link (or a mirror of your game) so we can test for the flaws? I am having the same trouble Could anyone please test my site for flaws http://www.endoftimez.info Username: emailtest Password: reloaded There are no crons running on the game so don't get put in hosp or jail lol Thanks in advance I have credited the account with 10 million and 50 zombie heads in case they are needed Have fun hacking!! Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted May 17, 2013 Author Share Posted May 17, 2013 Could you post your game link (or a mirror of your game) so we can test for the flaws? personal messaged you Quote Link to comment Share on other sites More sharing options...
Dominion Posted May 17, 2013 Share Posted May 17, 2013 What did they actually do, you mention rebuilding the database so did they drop it? What kind of site is it, and is it based of preexisting software? If so there could be a flaw in it others have found before. Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted May 17, 2013 Author Share Posted May 17, 2013 What did they actually do, you mention rebuilding the database so did they drop it? What kind of site is it, and is it based of preexisting software? If so there could be a flaw in it others have found before. its a texted based mafia game and ill send you link in private message Quote Link to comment Share on other sites More sharing options...
Serin Posted May 17, 2013 Share Posted May 17, 2013 its pocketmafia.com it gets hacked on a daily basis due to the owners been money hungry idiots Quote Link to comment Share on other sites More sharing options...
SRB Posted May 17, 2013 Share Posted May 17, 2013 Yes, the domain is www.pocketmafia.com. The problem is information disclosure via sql tampering. Meaning... You need to be updating the code and checking every variable and where it goes. Enjoy :) Quote Link to comment Share on other sites More sharing options...
Serin Posted May 17, 2013 Share Posted May 17, 2013 oh and before i forget the same owners of that site sold me a lottory mod for $50 when i recieved it, it was a free mod made for these forums // Created, and released for free for the MWG (makewebgames.io) community by Kieran-R Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted May 17, 2013 Author Share Posted May 17, 2013 Yes, the domain is www.pocketmafia.com. The problem is information disclosure via sql tampering. Meaning... You need to be updating the code and checking every variable and where it goes. Enjoy :) every variable of my site Quote Link to comment Share on other sites More sharing options...
Serin Posted May 17, 2013 Share Posted May 17, 2013 every variable of my site no comment on the fact that you sold me a script for 50$ that was made and released free for these forums? imo you owe me 50$ selling other peoples work Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted May 17, 2013 Author Share Posted May 17, 2013 no comment on the fact that you sold me a script for 50$ that was made and released free for these forums? imo you owe me 50$ selling other peoples work i have never sold you files i have never sold anything on mwg ? Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted May 17, 2013 Author Share Posted May 17, 2013 its pocketmafia.com it gets hacked on a daily basis due to the owners been money hungry idiots funny thing is that not even my site i own a different game so i think you owe me a sorry Quote Link to comment Share on other sites More sharing options...
Dominion Posted May 17, 2013 Share Posted May 17, 2013 Yes, the domain is www.pocketmafia.com. This is not the web address he sent to me via PM. Quote Link to comment Share on other sites More sharing options...
JohnGato Posted May 17, 2013 Share Posted May 17, 2013 oh and before i forget the same owners of that site sold me a lottory mod for $50 when i recieved it, it was a free mod made for these forums // Created, and released for free for the MWG (makewebgames.io) community by Kieran-R Well i guess you should have done some investigating before spending the money on the mods Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted May 17, 2013 Author Share Posted May 17, 2013 This is not the web address he sent to me via PM. thank you dominion im only seeking advice so please do not make Allegations Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted May 17, 2013 Author Share Posted May 17, 2013 Well i guess you should have done some investigating before spending the money on the mods very true johngato :) Quote Link to comment Share on other sites More sharing options...
Serin Posted May 17, 2013 Share Posted May 17, 2013 Well i guess you should have done some investigating before spending the money on the mods i didnt even know about this forum until i boiught the scripts, and mr scripts you have lots of games, you take a copy of pocketmafia rename it do some tweaks and sell, do not try take me for an idiot again Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted May 17, 2013 Author Share Posted May 17, 2013 (edited) i didnt even know about this forum until i boiught the scripts, and mr scripts you have lots of games, you take a copy of pocketmafia rename it do some tweaks and sell, do not try take me for an idiot again you are a idiot cause you have no proof and your making false claims which you cant back up and if you cross check my name/domain/personal information it will tell you i own only one domain. so can we get back on topic and this is not a topic to slag people off and make claims and lie this topic was created for the purpose of help and only that. Edited May 17, 2013 by Mr-Scripts Quote Link to comment Share on other sites More sharing options...
SRB Posted May 17, 2013 Share Posted May 17, 2013 thank you dominion im only seeking advice so please do not make Allegations Send me the URL. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.