Jump to content

[SHARE] How to "fix" the AuthD exploit.


Recommended Posts

Ok guys... Lately a lot of servers got owned by this exploit where you just pick an account ID and pick any chars you want... Lots of servers got corrupted, people getting in GM accounts and summoning items, to sum it up, it's a total CHAOS. Anyways, this is how you should be able to temporarily fix it:

 

1 - First off, backup your lin2world and lin2db databases, if anything goes wrong, you'll be able to restore your databases and start it over again without being fucked over.

 

2 - Open your enterprise manager whatsoever in MSSQL, make a new query, put this into it and execute:

 

use lin2world
update user_data
set account_id = account_id + 621854

 

// This is just an example, you could use any other number you want, but with that number the noobs are gonna try to find the account ID's forever.

 

3 - After you've done that, unlock the lin2db database, make a new query, type this in and execute:

 

use lin2db
update user_account
set uid = uid + 621854

 

// Keep in mind the number should be the same in both, else it won't work.

 

4 - Reload the server.

 

 

Now script kiddies are gonna try to find the account ID's, they'll start by 1, 2, 3, 4, 5, 6, 7, 10k, 20k, 40k, 50k, 60k, 70k, until they go like WHAT THE FUCK and /wrist.

 

Hope it helps you, thank you Mac for helping me out with this.

 

Best regards.

Link to comment
Share on other sites

pyromaker in oneo darkrage made something dunno what and in order a gm to loggon he have to put or allready have the ip on the db ... can u explain me how does this work??

Link to comment
Share on other sites

It's called Amped.

 

For example:

 

[builder]

UseIPFilter=true

; list of allowed IPs or host names, delimited by ";"

; i.e.: 127.0.0.1;11.22.33.*;11.44.*.*;foo.no-ip.com

IP=pyromaker.no-ip.info;littlepyro.no-ip.info

Link to comment
Share on other sites

amped 2.0a

 

[23:11] <cypher|Emporio> that acct hacking exploit really pissssed me off ... so, here is the 2.0a

[23:11] <cypher|Emporio> i won't post on forums, so ...

[23:15] <cypher|Emporio> fixed acct shit (both exploits), crashes, skill enchanting, skill aquiring, gems exploits, suports runtime unloading (i leave u as homewhork to write an unloader) ... etc etc etc

Link to comment
Share on other sites

  • 2 weeks later...

http://rapidshare.com/files/29629337/AmpeDx64_PP.zip

 

##################

## AmpeDx64 v2.0a

##################

- FIXED:

- account exploit (both exploits)

- crashes

- skill enchanting

- skill acquiring

- gems exploits

- supports runtime unloading

... etc etc etc

 

AmpeD © cypher

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.


×
×
  • Create New...