HELP Hacker

[Deleted member 12419]

Hi I need help fast. I got a guy in my server that is crashing my server. He says its SQL injection.
And he says if Ip ban him he will "spamm crash it".

Idk how to solve this matter. How can I make so he cant crash it anymore.

He also says that he can make himself god. and give himself uber items.

I dont believe him in that part but I dont wanna test it.

Please help!

I really dont wanna shutdown my OT because of one man.

He is realy cocky also. Telling me if I change mysql port from 3306 to something else noob hackers wont be able to hack me. But he says he use a tool to see what open ports I have.

This is really sad. Why does he have to do this I havent done anything wrong. :S no power abuser here.

 

[GreeNDiZeR]

ip?>
drop pma.bye

 

[Deleted member 12419]

ip?>
drop pma.bye

you want my ip?

where I find pma.bye

 

[GreeNDiZeR]

pma is on database, yes i want ip :O to check

 

[Onizuka]

read this.


http://otland.net/f14/warning-everyone-whos-running-xampp-15321/

 

[Deleted member 12419]

read this.


http://otland.net/f14/warning-everyone-whos-running-xampp-15321/

I have done what it says in first post there. and it went successful no errors. I tried to login with pma user and no password. and it not worked.

Does this mean its fixed?

This "hacker" seems not like a noob hacker.

 

[Onizuka]

right now what you should do is check if "hacker" made any more users in your xampp. If he did not then change your password to database for a new one. then restart appache. and he won't do shit anymore to ya ^^ but i doubt he even hacked your database, bcz he would not tell you about it if he did hack it.


^^

 

[Noxsia]

Hi I need help fast. I got a guy in my server that is crashing my server. He says its SQL injection.
And he says if Ip ban him he will "spamm crash it".

Idk how to solve this matter. How can I make so he cant crash it anymore.

He also says that he can make himself god. and give himself uber items.

I dont believe him in that part but I dont wanna test it.

Please help!

I really dont wanna shutdown my OT because of one man.

He is realy cocky also. Telling me if I change mysql port from 3306 to something else noob hackers wont be able to hack me. But he says he use a tool to see what open ports I have.

This is really sad. Why does he have to do this I havent done anything wrong. :S no power abuser here.

He CAN make himself a GM, he can do whatever he want.. almost. Since he can access the /phpmyadmin... Make phpmyadmin to a localconnection. Its somewhere in this forum

 

[Cazar]

Some Server could crashed by some commands that you can do in your run.exe

Fix Telnet (Disable TelNet) ask your Provider~ or your Dedicated hosts~

 

[Deleted member 12419]

He has done it again. I ip ban him because of it. I dropped pma so Idk how he is doing it. He cant login to pma anymore.

But somehow he is managing to crash server. And it shows no error message when he does it
Please help!

 

[wlj]

firewall?

 

[Deleted member 12419]

firewall?

I have firewall on. And opened the neccesary ports to use server like 7171 7172. 3306. 80.

 

[Don Daniello]

check if you don't have remote protocol enabled (XML/admin.xml) without password...

 

[Kiman]

Deny connections to phpMyAdmin except localhost or remote computer

Use this if you have xampp 1.7.1 or older

Rep if useful

 

[Deleted member 12419]

check if you don't have remote protocol enabled (XML/admin.xml) without password...

I have edited there and this is how it looks like

<?xml version="1.0" encoding="UTF-8"?>
<otadmin enabled="0">
	<security onlylocalhost="1" maxconnections="0" loginrequired="1" loginpassword="I have my password here"/>
	<encryption required="0">
		<!-- key type="RSA1024XTEA" file="rsakey.private"/ -->
	</encryption>
</otadmin>

 

[Don Daniello]

Ok, it's disabled, so it's not that. Provide your IP adress so I can take a look.

 

[Deleted member 12419]

Deny connections to phpMyAdmin except localhost or remote computer

Use this if you have xampp 1.7.1 or older

Rep if useful

I have xamp 1.7.2.. so cant use it.


DROP USER 'pma'@'localhost'; and it was successful so I think he cant login there anymore.

Ok, it's disabled, so it's not that. Provide your IP adress so I can take a look.

I have sent u a PM

 

[Onizuka]

he probably found a buy and is abusing it to crash your ot.

i already fucki** posted that before, mby a map bug or some shit in your ot.

people post here without reading other posts and it leads to misses.

 

[Deleted member 12419]

he probably found a buy and is abusing it to crash your ot.

i already fucki** posted that before, mby a map bug or some shit in your ot.

people post here without reading other posts and it leads to misses.

since I ip banned him. I dont see how it can be a map bug since he cant
be on the map? :huh:

And I read your post and dit what it say there but if you had read mine. You would have seen that didnt help. He still able to crash it.

 

[Don Shotta]

He is proberly just using dos program lol