Author Topic: LADDER ABUSE AND ACCOUNT SECURITY  (Read 49100 times)

Offline EviL~Ryu

  • (ง︡'-'︠)ง "Bitchin!" ®©℗™
  • Dragon
  • **********
  • Posts: 6059
  • "It's going to be Legen-(wait for it......)-DARY!"
    • View Profile
    • Clan EviL Official Page
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #60 on: June 05, 2015, 06:56:31 PM »

Im so fucking happy, all these peoples have what they deserve for supportig hacker.

Rofl stfu, your no better. Ur just too dumb to pull something off as elaborate as this.

Hows that server of yours coming along?? Let me know when it's done so I'll log on and let you "hack" me.



Sent from my Motorola DynaTAC 8000X using Tapatalk

-Administrator of Clan EviL
-Developer (Trivia Development and Analytics)

Offline Nox

  • Death Knight
  • *********
  • Posts: 4133
    • View Profile
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #61 on: June 05, 2015, 07:22:00 PM »
Actually im about to be top 1 at heroes of storm so you can believe i dont really cares while you guys are hacking each everyone of you.

Lol
Mr.120apm aka U8! Best player of the world losing 4v3 against Phillip5256.

Offline SmurfKinG

  • Sappers
  • ******
  • Posts: 991
    • View Profile
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #62 on: June 05, 2015, 07:29:02 PM »
mousey do u have access to reboot the server

in the meantime would be great to do cuz its annoying getting all those ghost games in /games list

Offline Player

  • Axe Thrower
  • ****
  • Posts: 484
    • View Profile
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #63 on: June 05, 2015, 07:39:33 PM »
I never logged into his site, server, etc., and he had my pw. 

Offline EviL~Ryu

  • (ง︡'-'︠)ง "Bitchin!" ®©℗™
  • Dragon
  • **********
  • Posts: 6059
  • "It's going to be Legen-(wait for it......)-DARY!"
    • View Profile
    • Clan EviL Official Page
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #64 on: June 05, 2015, 07:41:56 PM »

Actually im about to be top 1 at heroes of storm so you can believe i dont really cares while you guys are hacking each everyone of you.

Lol

So I'll take that as a no...


Sent from my Motorola DynaTAC 8000X using Tapatalk

-Administrator of Clan EviL
-Developer (Trivia Development and Analytics)

Offline SmurfKinG

  • Sappers
  • ******
  • Posts: 991
    • View Profile
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #65 on: June 05, 2015, 07:45:45 PM »
They logged on to his server, so he grabbed the hashes for passwords and reversed them. He is not an average Joe and loves IT, security, Development. Lance, usa, etc did the same trick.... This should be known by now....


i havent seen frost in what? a year? or maybe more... i doubt he joined that noob server AND
just asked medivh if he ever logged onto archers server, neither did he :P


« Last Edit: June 05, 2015, 07:47:46 PM by SmurfKinG »

Offline Nox

  • Death Knight
  • *********
  • Posts: 4133
    • View Profile
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #66 on: June 05, 2015, 07:54:43 PM »

Actually im about to be top 1 at heroes of storm so you can believe i dont really cares while you guys are hacking each everyone of you.

Lol

So I'll take that as a no...


Sent from my Motorola DynaTAC 8000X using Tapatalk

I already elaborate... They dont protect us good and all this admins are hacking anyway.

Moustopher is the one who get her password caught by joining usa archers website and he get acces to our admin setting on ru.

Wake up your all blind again.

Blid and tk are probably the only ones who dont hacks.
« Last Edit: June 05, 2015, 08:44:36 PM by Equinox »
Mr.120apm aka U8! Best player of the world losing 4v3 against Phillip5256.

Offline EviL~Ryu

  • (ง︡'-'︠)ง "Bitchin!" ®©℗™
  • Dragon
  • **********
  • Posts: 6059
  • "It's going to be Legen-(wait for it......)-DARY!"
    • View Profile
    • Clan EviL Official Page
LADDER ABUSE AND ACCOUNT SECURITY
« Reply #67 on: June 05, 2015, 08:34:33 PM »

Actually im about to be top 1 at heroes of storm so you can believe i dont really cares while you guys are hacking each everyone of you.

Lol

So I'll take that as a no...


Sent from my Motorola DynaTAC 8000X using Tapatalk

I already elaborate... They dont protect us good and all this admins are hacking anyway.

Moustopher is the one who get her password caught by joining evil website and he get acces to our admin setting on ru.

Wake up your all blind again.

Blid and tk are probably the only ones who dont hacks.

No the admins aren't hackers... they are just dimwits besides iL and LB, maybe the rodent when she's not on her period.


Sent from my Motorola DynaTAC 8000X using Tapatalk

-Administrator of Clan EviL
-Developer (Trivia Development and Analytics)

Offline Nox

  • Death Knight
  • *********
  • Posts: 4133
    • View Profile
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #68 on: June 05, 2015, 08:44:14 PM »
Lightbringer hacks, moustopher probably hacks too by supporting archers, and iL probably hacks too by standing all day long on back up server with a hacker like you.

Because yes you hack too and you know it Evil Nerd.
Mr.120apm aka U8! Best player of the world losing 4v3 against Phillip5256.

Offline EviL~Ryu

  • (ง︡'-'︠)ง "Bitchin!" ®©℗™
  • Dragon
  • **********
  • Posts: 6059
  • "It's going to be Legen-(wait for it......)-DARY!"
    • View Profile
    • Clan EviL Official Page
LADDER ABUSE AND ACCOUNT SECURITY
« Reply #69 on: June 05, 2015, 08:58:10 PM »
Lightbringer hacks, moustopher probably hacks too by supporting archers, and iL probably hacks too by standing all day long on back up server with a hacker like you.

Because yes you hack too and you know it Evil Nerd.


Whoa nerd? Someone is a cyberbully.




Sent from my Motorola DynaTAC 8000X using Tapatalk

-Administrator of Clan EviL
-Developer (Trivia Development and Analytics)

Offline mousEtopher

  • Administrator
  • Ogre Mage
  • *****
  • Posts: 2065
    • View Profile
    • War2.me
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #70 on: June 05, 2015, 09:10:46 PM »
I already elaborate... They dont protect us good and all this admins are hacking anyway.

Moustopher is the one who get her password caught by joining usa archers website and he get acces to our admin setting on ru.

Wake up your all blind again.

Blid and tk are probably the only ones who dont hacks.

lol what. I genuinely laughed out loud. Your accusations get more outlandish by the minute!
squeak!

Offline {Lance}

  • Sappers
  • ******
  • Posts: 889
    • View Profile
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #71 on: June 05, 2015, 09:16:42 PM »
Sup forum scrubs :D  I'm back for 1 post ;).  Anyway,  if he had ANY read access to the PVPGN DB (either his own, or war2ru) there is a very well known hash reversal tool that can be used to decrypt ANY pw in that DB and it will take less than 1sec to decrypt even a 128 character pw.  The problem is with PVPGN's attempt to recreate the wheel (AKA they tried to make their own a pw hash rather than use an industry standard one like 99% of all other apps) because it has a bug in it that has NEVER been fixed.  As someone who has done this myself,  I can say without certainty that what I've read here,  he likely has everyone's pw.  He'll continue to be a pain for many years to come as the DB has many inactive accounts that will not have their pw's reset for quite some time.  As for why he's not using administrative accounts,  there is only 1 reason.  He thought he was being stealthy and didnt want it to be obvious that he had the DB and was decrypting pw's.  He knows that once the SQL injection is fixed,  he'll lose access to it.  First order of business should be to check the website's DB, the game's DB, and all the files on the server for anything that looks like a PHP shell or runs a query.

For those that dont believe a word I say......  http://www.tobtu.com/revxsha1.php   <--- this is all you need to read to know that he likely has the entire user db and is simply using this website to decrypt them one or even 10 at a time.  It's childs play to take this guy's work and make your own mass decrypting tool.  I've done it,  so can anyone else.

BTW,  until his access to the DB is cut,  no amount of changing pw's on anyones account is going to stop him from using them.  I did a quick check of the ladder site and the SQL injection vulns that use to be there are not there now.  I do not know when they were patched but they existed for a very very long time.  I suspect he may be using game names OR map names as the injection point.  If game names are not sanitized,  it's completely possible that the server could run any code in it.  Did any of his games begin with a ' or perhaps <?php or something of that nature?  Map names maybe?  All of those are possible SQL injection vector points.  Actually any user input is subject to that which includes game names, map names, passwords, usernames, or any combination of them.  There is also the WP site itself as well.  I havent looked at the game logs myself so IDK what maps he was playing or the game names.  So these are just some best guesses atm.  I dont read these forums very often right now,  been pretty busy lately,  but mousetopher said I should read the forums and now I see why ;)
« Last Edit: June 05, 2015, 09:20:20 PM by {Lance} »
Dk At hall is cause I started with temple at start and didn't need the castle . Not a hack .  I wouldn't bother editing a ss btw

^---- Dellam doesnt hack!  See, even by his own admission, no hack!!  LMFAO.

Offline Certified MENSA Genius Brain (smart)

  • "The Architect"
  • Global Moderator
  • Dragon
  • *****
  • Posts: 5384
    • View Profile
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #72 on: June 05, 2015, 09:27:03 PM »
yah i think he's doing sql injections via the map name in addition to or rather than stealing accounts.
4th post in thread :X
    

Offline Delete mine too

  • Death Knight
  • *********
  • Posts: 2652
  • http://meatspin.com
    • View Profile
    • http://meatspin.com
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #73 on: June 05, 2015, 09:55:43 PM »
Yeah security 101 you learn any input from a user is a threat.
Yep I pretty much summed it all up with out a essay. If he did inject that way owned....

Edit: has iL been contacted to investigate?
What was the account name you guys saw the php code in games lobby.

Why a guy so smart doesn't hide his ass?? That still puzzles me, he knows games are logged, why fail to hide his ass??? I just linked him to the bot the other day he used to do this...
« Last Edit: June 05, 2015, 10:18:32 PM by tupac »

Offline {Lance}

  • Sappers
  • ******
  • Posts: 889
    • View Profile
Re: LADDER ABUSE AND ACCOUNT SECURITY
« Reply #74 on: June 05, 2015, 10:30:50 PM »
http://ladder.war2.ru/reports/gr_20150605151343_030285   <--- example,  he used use-archer I guess.  This is one of the  attempts although its not a mysql injection attempt, its a code execution attempt.  If that game name is used on one of the ladder pages and that code actually ran,  it could result in some bad things if he so pleased.  If you look at the game logs, you'll see a bunch with "" as the game name.  Those are his attempts.  The game logs show the actual game name since those are not PHP pages.

At the very least it does prove that this is an XSS vulnerability since it can run JS and steal cookies.  It could also be much more than that as well.
« Last Edit: June 05, 2015, 10:42:41 PM by {Lance} »
Dk At hall is cause I started with temple at start and didn't need the castle . Not a hack .  I wouldn't bother editing a ss btw

^---- Dellam doesnt hack!  See, even by his own admission, no hack!!  LMFAO.