• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!
  • 2026 staff recruitment is open! Check it out and consider applying!

Windows ZnoteAAC X Hack :(

magmaguz

magmaguz

New Member
Joined
Jan 17, 2009
Messages
53
Reaction score
1
Location
Governador Valadares -MG - Brasil
I have a server online using ZnoteAAC

Znote got any error to invade the site? because hack change "admin_painel_acess" and deleted all news website, later change acc for acess 6 and logged in server and fucked my ot :(

what i do to protect this?
 
Sort by date Sort by votes
Give us more info. What version of Znote's aac are you using? maybe try another template check you access logs, maybe someone has access to the server or the database and they where able to get your password or set their account as admin.
 
Upvote 0 Downvote
magmaguz said:
I have a server online using ZnoteAAC

Znote got any error to invade the site? because hack change "admin_painel_acess" and deleted all news website, later change acc for acess 6 and logged in server and fucked my ot :(

what i do to protect this?
Click to expand...

Znote AAC do not even use table "admin_panel_access" as far I know.
Are you sure you use ZnoteAAC? If yes, where have you download it? Did anyone send it for you?
 
Upvote 0 Downvote
PM me with your website and Ill sort it for you.

I dont believe you use a genuine version of ZnoteAAC, what version are you using?
 
Upvote 0 Downvote
They changed $config['page_admin_access']?
Which custom scripts are you using on Znote AAC?

There are several sites who have used Znote AAC for a long time now, for instance http://dalerium.net/
They havent reported any security threats to me. And all default Znote AAC code is sanitized.

Who have you been working with on this OT? Have trusted anyone enough to give them access to your computer?

All official versions of Znote AAC, even the first released one (Znote AAC 1.0) is still considered secure.

Your domain is tibiaclassic.com? Am I right to assume you are using a custom Znote AAC version for client 7.4-7.72?
These versions are not released by me, and I am not responsible for any security holes those versions contain.
 
Upvote 0 Downvote
Znote said:
They changed $config['page_admin_access']?
Which custom scripts are you using on Znote AAC?

There are several sites who have used Znote AAC for a long time now, for instance http://dalerium.net/
They havent reported any security threats to me. And all default Znote AAC code is sanitized.

Who have you been working with on this OT? Have trusted anyone enough to give them access to your computer?

All official versions of Znote AAC, even the first released one (Znote AAC 1.0) is still considered secure.

Your domain is tibiaclassic.com? Am I right to assume you are using a custom Znote AAC version for client 7.4-7.72?
These versions are not released by me, and I am not responsible for any security holes those versions contain.
Click to expand...

Znote got skype?
 
Upvote 0 Downvote
Windows server. Are you using XAMPP? in that case the vulnerability might not be in the AAC itself but maybe a WebDav accesspage or PhpMyAdmin.
 
Upvote 0 Downvote
He's using default encryption "Plain" goto config.lua and change encryption from plain to "sha1". dont forget to completly reinstall your website just to be sure it will work correctly.
 
Upvote 0 Downvote
Mokerhamer said:
He's using default encryption "Plain" goto config.lua and change encryption from plain to "sha1". dont forget to completly reinstall your website just to be sure it will work correctly.
Click to expand...

Welp. Its great that you are trying to help but this wont help at all.

As Ive already told you in PM, just send me the info and Ill show you the vulnerabilities. If it's related to ZnoteAAC (which I highly doubt) I will also fix it for you and make sure Znote knows about it.
 
Upvote 0 Downvote
Back
Top