Jump to content

Recommended Posts

Posted

Since a lot of people got problems with account panels and hosting company that doesn't support mssql connection i've made a AP Gateway and Account Panel that should work everywhere.

How it works:

Account Panel got 3 basic functions:

- DBCreateAccount - creates account

- DBChangePassword - changes password for specified account

- DBResetPassword - resets password for specified account and sends it to player's email box

Above functions uses tcp/ip protocol to connect to AP Gateway - that's why no additional library is required at hosting side. The AP Gateway (made in C# uses .Net Framework 4.0) have be run in windows box - can be run in same machine as MS SQL Server, it connects to sql server and handles Account Panel's requests.

 

How to configure:

1. Download and unpack AccountPanel.7z then open and edit config.php:

<?php
$serverName="L2Service";  //Change it to your server name
$serverUrl="http://www.l2service.com"; //Change it to your server's website url
$dbHost = "127.0.0.1";  //APGateway IP - ip of the machine where AP Gateway will be hosted
$dbPort = 1224; //APGateway Port
$captchaType=1; //Captcha Type 1 - Slide , 0 - Text - anti bot system

?>

2. Upload Account Panel to your web host.

3. Create new login in MSSQL for APGateway (it needs read/writie/connect access to lin2db database).

4. Download and unpack APGateway.7z then open and configure APGateway.exe.config in some text editor (ex Notepad2):

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <configSections>
        <sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" >
            <section name="APGateway.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
        </sectionGroup>
    </configSections>
    <applicationSettings>
        <APGateway.Properties.Settings>
            <setting name="DbUser" serializeAs="String">
                <value>sa</value>
            </setting>
            <setting name="DbPassword" serializeAs="String">
                <value>123456</value>
            </setting>
            <setting name="DbServer" serializeAs="String">
                <value>(local)\SQLEXPRESS</value>
            </setting>
            <setting name="BannedIpList" serializeAs="String">
                <value>192.168.15.44;120.33.234.11</value>
            </setting>
            <setting name="BanDuration" serializeAs="String">
                <value>300</value>
            </setting>
            <setting name="SafeIpList" serializeAs="String">
                <value>127.0.0.1</value>
            </setting>
            <setting name="ConnectionPerSecond" serializeAs="String">
                <value>10</value>
            </setting>
            <setting name="AcceptSocketDelay" serializeAs="String">
                <value>10</value>
            </setting>
            <setting name="DBTrustedConnection" serializeAs="String">
                <value>False</value>
            </setting>
            <setting name="DBTimeout" serializeAs="String">
                <value>30</value>
            </setting>
            <setting name="SMTPServer" serializeAs="String">
                <value>smtp.gmail.com</value>
            </setting>
            <setting name="SMTPPort" serializeAs="String">
                <value>587</value>
            </setting>
            <setting name="SMTPUseSSL" serializeAs="String">
                <value>True</value>
            </setting>
            <setting name="SMTPLogin" serializeAs="String">
                <value>yourSmtpLogin</value>
            </setting>
            <setting name="SMTPPassword" serializeAs="String">
                <value>yourSmtpPassword</value>
            </setting>
            <setting name="EmailAddress" serializeAs="String">
                <value>support@l2service.com</value>
            </setting>
            <setting name="ServerName" serializeAs="String">
                <value>L2Service</value>
            </setting>
        </APGateway.Properties.Settings>
    </applicationSettings>
</configuration>

 

- DbUser - replace sa with your new login

- DbPassword - repalce 123456 with password for your new login

- DbServer - replace (local)\SQLEXPRESS with your sql server instance

- SafeIpList - add your web host's ip there (separated with ';' )

SMTP server is used to send new passwords to player's email box (Reset Password option)

- SMTPServer - replace smtp.gmail.com with your smtp server

- SMTPPort - replace 587 with your smtp server port

- SMTPLogin - replace yourSmtpLogin with login to your email account

- SMTPPassword - replace yourSmtpPassword with password for your email account

- EmailAddress - replace support@l2service.com with your email address

- ServerName - replace L2Service with your server name

5. Upload APGateway to your server machine and open port 1224 TCP in Firewall (dont forget to add rule that only your web server ip can connect)

6. Open update.sql from AccountPanel.7z and run this query in MSSQL Management Studio - it will add email field to user_account table.

7. Run APGateway and have fun with working account panel.

 

Required files:

AccountPanel.7z

APGateway.7z

.NET Framework 4.0 (Web Installer)

 

Feel free to edit above files as you like to, just don't sell them.

 

Regards

  • 3 weeks later...
  • 9 months later...
  • 2 weeks later...
Posted

If you shared this tool because many have problems with hosters that don't support mssql .

Why you dont release the source code of ApGateway so the users can compile - look on the code and trust this server executable?

Posted

Think that most of the people here, don't have any codding knowledge, so even if they will have the source, they won't have any idea how to use it or work with it.

 

Use it and then cry for being hacked.

I think Vanganth knows what he is doing.

Posted

Think that most of the people here, don't have any codding knowledge, so even if they will have the source, they won't have any idea how to use it or work with it.

I think Vanganth knows what he is doing.

Correct, but this panel is vulnerable if its used by default settings.

A minor tweak can be a of great use tho.

Posted

Correct, but this panel is vulnerable if its used by default settings.

A minor tweak can be a of great use tho.

By default settings you mean port ? lol

Posted

By default settings you mean port ? lol

Using it on default port is simply vulnerable and it was proven already.

Its simple to change it tho :)

  • 1 month later...
  • 3 years later...
  • 4 months later...
Guest
This topic is now closed to further replies.


  • Posts

    • 🏰 L2EXALTA LEGACY — Interlude x45 📅 Grand Opening: 31/07/2026 — 21:30 (GMT+3) 🌐 Website: https://l2exalta.org/ 💬 Discord: https://discord.gg/zNTCZD4AcT 📌 Wiki: https://l2exalta.org/en/wiki.html#progression   ⚙️ MAIN INFO Chronicle : Interlude Rates : x45 Adena : x50 Spoil : x1 Drop : x5 Safe Enchant : +3 Files : L2OFF   💰 ECONOMY EX Coin : dynamic market currency, mined from monsters, Raid Bosses and Grand Bosses value fluctuates over time Exalta Vouchers : premium currency used for store, donations and EX Coin exchange Exchange : convert EX Coin into Exalta Vouchers Investment options : choose safer or riskier market strategies with EX Coin   ⚔️ PROGRESSION & GEAR Exalta Armors : signature top-tier gear line Forge System : upgrade weapons, armor and jewels with risk/reward mechanics Raid Boss progression tied to materials and prestige   🤖 AUTOFARM Access : Auto Hunting button, bottom-right UI Duration : controlled via tickets or in-game currency Route Mode : record custom farm routes Support Mode : healer/support builds auto-follow, heal and assist party Smart targeting logic with class-specific behavior (mage/archer/melee/support) Captcha designed not to interrupt legitimate AutoFarm sessions   🧪 BUFFER Exalta Buffer NPC/interface Scheme Buffer : save multiple buff loadouts Class presets for mage, fighter, support, PvP   🛠️ SMART GADGETS / QOL Autoloot filter Drop value tracker Boss timer tools Farm stats tracker Auto-consume system In-game server assistant   🗺️ DUNGEON FINDER / PVE Party matching with roles (Tank / Healer / DPS) Ready-check before teleport Monastery of Silence custom PvE zone Party-based reward structure   🎟️ DAILY PROGRESS / EXALTA PASS Daily and weekly tasks (farm, PvP, boss, check-in) Premium Pass track with extra rewards Monastery Daily Quest Reward boards for claiming progress   🏠 HOUSING & EXPEDITIONS Player residences with service NPCs Exalta Spirit Expeditions to themed territories Rewards vary by territory Owner-only access   🏆 PVP / TOURNAMENT Scheduled Tournament system Ranking points from wins/participation Spectator Mode for watching live matches PvP Statues for top-ranked players Anti-feed protections   🛡️ CLAN CONTENT Clan Civil War battlefield event Clan Dungeon Raid content DPS Meter for contribution tracking Support Credit system Classic siege/clan politics preserved   🏪 AUCTION / SHOPS Auction House with seller fee Black Market Dealer (limited-time special offers) Custom shops and multisells Confirmation prompts on purchases/sales   💳 DONATIONS / VIP Donation rewards linked to Exalta Vouchers VIP tiers with comfort/cosmetic bonuses Premium store Gift/promo codes for events   🎥 STREAMER / COMMUNITY Streamer Panel with visible stream links Viewer rewards system Streamer Points for cosmetics/vouchers In-game voice chat (global/party/clan/alliance/command)   🔒 FAIR PLAY Strong Anti-Bot protection Reward protection tied to valid client state Captcha on suspicious activity Staff investigation tools No bots, packet tools or modified clients allowed   👑 GRANDBOSS SPAWNS Orfen : 1 day + 1h random Core : 1 day + 1h random Queen Ant : 1 day 6h + 1h random Zaken : 2 days 12h + 1h random Baium : 5 days + 1h random Antharas : 8 days + 1h random Valakas : 11 days + 1h random   🏅 OLYMPIAD Runs Thursday, Friday, Saturday Heroes change monthly Balanced and fair matchmaking
    • yup basically another one just in case https://drive.google.com/file/d/1UtccbD9e50x3WEnQBab2PTZnBHwpcGYM/view?usp=sharing LineageWarrior.FMagic (CollideActors = True; > False) LineageWarrior.FOrc (CollideActors = True; > False) LineageWarrior.FShaman (CollideActors = True; > False) LineageWarrior.MDarkElf (CollideActors = True; > False) LineageWarrior.MDwarf (CollideActors = True; > False) LineageWarrior.MElf (CollideActors = True; > False) LineageWarrior.MFighter (CollideActors = True; > False) LineageWarrior.MMagic (CollideActors = True; > False) LineageWarrior.MOrc (CollideActors = True; > False) LineageWarrior.MShaman (CollideActors = True; > False) LineageWarrior.FDwarf (CollideActors = True; > False) LineageWarrior.FElf (CollideActors = True; > False) LineageWarrior.FFighter (CollideActors = True; > False)
    • @l2naylondev Requiring a player to log in just for the sake of logging  seems exploitable. Someone could log in only to claim the reward and immediately leave, or repeatedly change their ip. So i guess  are there are additional protections in place ? such as locking the reward by account, character , and ip. It would also be useful to add a playtime requirement. For example, after logging in, the player would need to remain active for at least x playtime  before getting the reward or other parameters configurable by the xml.  I suggest improving the system before selling it. 
  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..