SRO HACK INVESTIGATION: Hacked ones, post here!

[Crni_Vatreni]

Okay, really weird things happening here. We are all aware of the joymax bugged portal site, and it's possible to hack with knowledge of id only - pw can be changed easily.

What I'm trying to do is to compare the latest hacks.

The questions for all the hacked ones, or their friends who know what happened:

1. Did u type in ur id and pw at joymax email verification at portal site?
2. Did u visit rev6 website? (some guys claim rev6 is involved)
3. Did u visit any of the URLs which spambots have been spamming in towns?
4.Did u use any kind of bot and/or multiclient?
5. Is there any chance u got jacked by a buddy who knows ur id/pw?
6. Do you have a fully updated anti virus?
7. Did u have any Seal of Sun items?

Try answering as close as possible. By doing this, maybe we can see some similarities and/or differences, so we see where's the catch.

Also, any other smart questions would be included, I'll gladly edit the post to add more, so try n help out!

[Nitro]

Okay, really weird things happening here. We are all aware of the joymax bugged portal site, and it's possible to hack with knowledge of id only - pw can be changed easily.

What I'm trying to do is to compare the latest hacks.

The questions for all the hacked ones, or their friends who know what happened:

1. Did u type in ur id and pw at joymax email verification at portal site?
2. Did u visit rev6 website? (some guys claim rev6 is involved)
3. Did u visit any of the URLs which spambots have been spamming in towns?
4.Did u use any kind of bot and/or multiclient?
5. Is there any chance u got jacked by a buddy who knows ur id/pw?
6. Do you have a fully updated anti virus?
7. Did u have any Seal of Sun items?

Try answering as close as possible. By doing this, maybe we can see some similarities and/or differences, so we see where's the catch.

Also, any other smart questions would be included, I'll gladly edit the post to add more, so try n help out!

Sumljam da ce ti ovo itko reci )
Pozz =D

[HellsAdvocate]

wow this thread is sooooo useless, I can tell you HOW and WHY EVERYONE was hacked.


Okay how did they get hacked? same ign as acc username or a rev6 bot was in thier party.

Now, why were they hacked? because they decided to make a silkroad account, guess what, sro hackers dont discriminate sosun or no sosun.

[Crni_Vatreni]

I think there are ppl who didnt get hacked that way. Can u prove ur sayings?

[Vandango]

Packet Sniffer + This Exploit = Heaven For Hackers

[Crni_Vatreni]

Packet Sniffer + This Exploit = Heaven For Hackers

Err... right. So what do I do in order to protect my account?

[Jazba]

make a new account for a timebeing n transfer all ur shit to that account.
username muz be diff from IGN (ign = in game name)
stop playing sro for a month ^_^
come back and Njoy

[Crumpets]

Okay how did they get hacked? same ign as acc username or a rev6 bot was in thier party.

Oh yes cause a rev6 LadderBot can hack you.

if you are going to insult this thread by calling it useless you should try and at least provide FACTS when you flame.

[Driver]

First I have to say that this is BY FAR THE MOST IMPORTANT topic that I have see here in this forum for a long time... CRNI is trying to help all to understand this problem, shame on the flamers really...

1. Did u type in ur id and pw at joymax email verification at portal site?
2. Did u visit rev6 website? (some guys claim rev6 is involved)
3. Did u visit any of the URLs which spambots have been spamming in towns?
4.Did u use any kind of bot and/or multiclient?
5. Is there any chance u got jacked by a buddy who knows ur id/pw?
6. Do you have a fully updated anti virus?
7. Did u have any Seal of Sun items?

Let me try to give details from people that I know in union/guild/friends/msn and have given me answers to this:

FIRST ONE:

1-yes, but in the first days that they implement this
2- No
3- No
4- Yes
5- Yes
6- Yes

SECOND ONE:

1-Yes, but only 2 weeks ago
2- Yes
3- No
4- No
5- No
6-Yes (Nod32 he have said...)
7-Yes

THIRD ONE:

1- Yes, but only in the past few days
2- Yes
3- No
4- Yes
5- No
6- Yes
7- Yes

One more thing: All three of this guys have IGN = ID ... However one of them as a really badass password (I mean a 100% random one, not word or something)

Hope that this helps

OF: When you can come to msn, I have news about my chargeback

[n00bzZ]

Don't see why botters are whining about it.

[MrFudge]

Don't see why botters are whining about it.

cuz a month goes down the drain when your lvl 80 gets hacked.

[Midori]

Don't see why botters are whining about it.

cuz a month goes down the drain when your lvl 80 gets hacked.

+1

[ericxdeath]

botters are people too..

[DarkJackal]

Ppl that sro would be good without~ Along with pretty much every other game.

[Midori]

botters are people too..

get out, now.

[Rainigul]

1. Did u type in ur id and pw at joymax email verification at portal site?
2. Did u visit rev6 website? (some guys claim rev6 is involved)
3. Did u visit any of the URLs which spambots have been spamming in towns?
4.Did u use any kind of bot and/or multiclient?
5. Is there any chance u got jacked by a buddy who knows ur id/pw?
6. Do you have a fully updated anti virus?
7. Did u have any Seal of Sun items?

I was playing for a long time with none of those, so I dunno what it was.

I think people just wanted my leet character.

[tomiotar]

1. Did u type in ur id and pw at joymax email verification at portal site?
2. Did u visit rev6 website? (some guys claim rev6 is involved)
3. Did u visit any of the URLs which spambots have been spamming in towns?
4.Did u use any kind of bot and/or multiclient?
5. Is there any chance u got jacked by a buddy who knows ur id/pw?
6. Do you have a fully updated anti virus?
7. Did u have any Seal of Sun items?

1. yes
2. yes
3. no
4. no
5. no
6. yes
7. no


Cya all my char was hacked.

[MrFudge]

tomio, omg
the face of the 70:70 bow gone =/

[Mage Pker]

rev6 has posted a detailed way of hacking. has nothing to do with email verification..

literally. all you need to do is have someones acc name and change it on the URL...

[Axeoo7]

1. YES
2. YES
3. NO
4. NO 100% LEGIT NO GOLD BUYING OR EVER VISTED BOT SITES EVEN JUST TO LOOK.
5. NO PW WAS CHANGED SHOULD NOT BE POSSIBLE
6. YES
7. NO ALL GEARS + 4 NOTHING SPECIAL GLAVIE + 7

[skandal]

Oh yes cause a rev6 LadderBot can hack you.

Yah sure...a rev6 bot can bring the plague back, and botters are in fact martians....

First of all, most of you who talk bout hacking here don't know jack about it...i read pages of threads in which everybody was sure its this, or that...from rev6 to mysql injection, to packet sniffers, to the fact that one has formatted his hard drive...Non-sense...

It's true in this domain called IT there are alot of scientific terms, all which sound better than the other...But that doesn't mean you have to pour them down here claiming you actually know something...

Let's start : rev6...that bot only gathers info bout your equips and gear, how the hell is it supposed to hack you? that's just a scapegoat for the ignorants...

MySQL injection : again, nobody knows what this is, except a few...it is not possible on joymax's site, or at least not directly, so stop bshiting...

Packet sniffer ... well crumpets, to give you, and those @ srf an idea what a packet sniffer is, ima make a comparison...

Packets being sent back and forth are like cars runnin on a highway...let's assume their info is the license plate...one of theese cars has the info : your id and your password...that's the car the hacker wants, not the others...a packet sniffer is like one standing next to the road writing down all license numbers he sees...now problem with this is obvious...how can he write down your id and pass if he is like miles away from the highway? Answer : he cannot...That's right, a packet sniffer needs to be on a pc which is in the route of your packets towards Joymax...

This may be your router, your ISP's router or an international router...now i doubt bush really wants your id/pass,and prolly your isp doesnt need a new SRO acc also...so the only way to get hacked by this method is if youre leeching interent off your neighbour's through a router/insecure wireless LAN and your neighbour is pissed off at your sun wep...pretty clear...

Oh, one more thing, hacking the DB is not an option to get passwords, since they are hashed...they can at most be modified, which wuld be almost the same thing, but not read...Not even joymax knows your damn password...

What has happened is that it appears there is an exploit on the joymax.com site which allows one to change an id's password w.o knowing the present one/any other info...so for you safety, do not give even id's away to nobody.and for fu.ck's sake
DO NOT POST ON THE SILKROADONLINE.NET FORUM WITH YOUR MAIN CHAR'S ID...it can be read very easily.Now hope nobody here gets hacked...have a pleasant day...

[the_wicked]

Oh yes cause a rev6 LadderBot can hack you.

Yah sure...a rev6 bot can bring the plague back, and botters are in fact martians....

First of all, most of you who talk bout hacking here don't know jack about it...i read pages of threads in which everybody was sure its this, or that...from rev6 to mysql injection, to packet sniffers, to the fact that one has formatted his hard drive...Non-sense...

It's true in this domain called IT there are alot of scientific terms, all which sound better than the other...But that doesn't mean you have to pour them down here claiming you actually know something...

Let's start : rev6...that bot only gathers info bout your equips and gear, how the hell is it supposed to hack you? that's just a scapegoat for the ignorants...

MySQL injection : again, nobody knows what this is, except a few...it is not possible on joymax's site, or at least not directly, so stop bshiting...

Packet sniffer ... well crumpets, to give you, and those @ srf an idea what a packet sniffer is, ima make a comparison...

Packets being sent back and forth are like cars runnin on a highway...let's assume their info is the license plate...one of theese cars has the info : your id and your password...that's the car the hacker wants, not the others...a packet sniffer is like one standing next to the road writing down all license numbers he sees...now problem with this is obvious...how can he write down your id and pass if he is like miles away from the highway? Answer : he cannot...That's right, a packet sniffer needs to be on a pc which is in the route of your packets towards Joymax...

This may be your router, your ISP's router or an international router...now i doubt bush really wants your id/pass,and prolly your isp doesnt need a new SRO acc also...so the only way to get hacked by this method is if youre leeching interent off your neighbour's through a router/insecure wireless LAN and your neighbour is pissed off at your sun wep...pretty clear...

Oh, one more thing, hacking the DB is not an option to get passwords, since they are hashed...they can at most be modified, which wuld be almost the same thing, but not read...Not even joymax knows your damn password...

What has happened is that it appears there is an exploit on the joymax.com site which allows one to change an id's password w.o knowing the present one/any other info...so for you safety, do not give even id's away to nobody.and for fu.ck's sake
DO NOT POST ON THE SILKROADONLINE.NET FORUM WITH YOUR MAIN CHAR'S ID...it can be read very easily.Now hope nobody here gets hacked...have a pleasant day...

edit read it, crumps was still being sarcastic

[Matrixman__]

Oh yes cause a rev6 LadderBot can hack you.

Yah sure...a rev6 bot can bring the plague back, and botters are in fact martians....

First of all, most of you who talk bout hacking here don't know jack about it...i read pages of threads in which everybody was sure its this, or that...from rev6 to mysql injection, to packet sniffers, to the fact that one has formatted his hard drive...Non-sense...

It's true in this domain called IT there are alot of scientific terms, all which sound better than the other...But that doesn't mean you have to pour them down here claiming you actually know something...

Let's start : rev6...that bot only gathers info bout your equips and gear, how the hell is it supposed to hack you? that's just a scapegoat for the ignorants...

MySQL injection : again, nobody knows what this is, except a few...it is not possible on joymax's site, or at least not directly, so stop bshiting...

Packet sniffer ... well crumpets, to give you, and those @ srf an idea what a packet sniffer is, ima make a comparison...

Packets being sent back and forth are like cars runnin on a highway...let's assume their info is the license plate...one of theese cars has the info : your id and your password...that's the car the hacker wants, not the others...a packet sniffer is like one standing next to the road writing down all license numbers he sees...now problem with this is obvious...how can he write down your id and pass if he is like miles away from the highway? Answer : he cannot...That's right, a packet sniffer needs to be on a pc which is in the route of your packets towards Joymax...

This may be your router, your ISP's router or an international router...now i doubt bush really wants your id/pass,and prolly your isp doesnt need a new SRO acc also...so the only way to get hacked by this method is if youre leeching interent off your neighbour's through a router/insecure wireless LAN and your neighbour is pissed off at your sun wep...pretty clear...

Oh, one more thing, hacking the DB is not an option to get passwords, since they are hashed...they can at most be modified, which wuld be almost the same thing, but not read...Not even joymax knows your damn password...

What has happened is that it appears there is an exploit on the joymax.com site which allows one to change an id's password w.o knowing the present one/any other info...so for you safety, do not give even id's away to nobody.and for fu.ck's sake
DO NOT POST ON THE SILKROADONLINE.NET FORUM WITH YOUR MAIN CHAR'S ID...it can be read very easily.Now hope nobody here gets hacked...have a pleasant day...

didnt read all that, but crumpets was being sarcastic

ya, he was being sarcastic...also, if you havent noticed, you cannot post on the official forums without using one of ur IGN's, your id isnt shown nemore, that was fixed months ago

about ur packet sniffing analogy, think of it more like this, you are running a packet sniffer is like standing on the side of a highway, and other players happen to travel on that same road you are standing on, all you have to do is write down the ones that pass you. its not like ur can only stand on ur own highway, infact all of the highways are public owned, we (players) just travel along them...hope that make sense lol

[ping_lo]

MySQL injection : again, nobody knows what this is, except a few...it is not possible on joymax's site, or at least not directly, so stop bshiting...

Directly or indirectly it is possible. It is not hard to come up with a script or some small little app to feed a page on the server with an escaped sequence followed by an SQL querry to be executed in place of the intended one. Though you are correct this could not be used to dump the passwords as plain text. Hell even if you dumped the whole database there is nothing to say that you will be able to tell what all the fields are. It would however with a few assumptions the user ID and a little ingenuity to use said same sequence to update the password field with a new hash of your choice. Though reading the info on the rev6 site it seems something a bit more simple was done.

ya, he was being sarcastic...also, if you havent noticed, you cannot post on the official forums without using one of ur IGN's, your id isnt shown nemore, that was fixed months ago

about ur packet sniffing analogy, think of it more like this, you are running a packet sniffer is like standing on the side of a highway, and other players happen to travel on that same road you are standing on, all you have to do is write down the ones that pass you. its not like ur can only stand on ur own highway, infact all of the highways are public owned, we (players) just travel along them...hope that make sense lol

Er..... no that made no sense as he knows what he is talking about as do I and you do not. Your PC and your modem is a culdesac at the arse end of a residential neighborhood. The only way you are getting anyones license is to have them practically park in your yard.

Depending on your ISP some may see more than others. Cable modems are notorious. I can see most everyone on my node. Anything on the other side of that node I can only see if it is sent to me etc. So this means I can sniff their email, FTP, ICQ, and AIM info just fine. But not the info of someone else in another neighborhood in another state in another country on the other side of the planet etc. Dial up and phone line DSL are even more isolated. The bandwidth to the node is yours and not shared. You see what is yours only.

So what wicked said is correct. Unless you have a sniffer on one of the border routers to joymax's network or access to a major telecom backbone most of which require extensive background checks and clearance by the FBI sniffing will get you squat.

[Itonami]

1. Did u type in ur id and pw at joymax email verification at portal site?
Yes

2. Did u visit rev6 website? (some guys claim rev6 is involved)
Yeah

3. Did u visit any of the URLs which spambots have been spamming in towns?
Nopers

4.Did u use any kind of bot and/or multiclient?
nope

5. Is there any chance u got jacked by a buddy who knows ur id/pw?
eh, doubtful

6. Do you have a fully updated anti virus?
None whatsoever =X, but sometimes im at a cafe on a shared network thingy?

7. Did u have any Seal of Sun items?
No sox whatsoever.. just fuly pimped stuff

[LordOffWar]

verification at portal site?
no i bought silk nothing else

2. Did u visit rev6 website? (some guys claim rev6 is involved)
Yep

3. Did u visit any of the URLs which spambots have been spamming in towns?
Nope

4.Did u use any kind of bot and/or multiclient?
nop

5. Is there any chance u got jacked by a buddy who knows ur id/pw?
hell no^^

6. Do you have a fully updated anti virus? yep Norton
7. Did u have any Seal of Sun items? yep alot

[Bg_DrEaM]

I write for an acc that's a frined of mine's so i'm not comlitely sure...but
1. Did u type in ur id and pw at joymax email verification at portal site?
Not before the hack...and after that it was too late...
2. Did u visit rev6 website? (some guys claim rev6 is involved)
Yes
3. Did u visit any of the URLs which spambots have been spamming in towns?
Yes
4.Did u use any kind of bot and/or multiclient?
No
5. Is there any chance u got jacked by a buddy who knows ur id/pw?
Not really,but...
6. Do you have a fully updated anti virus?
Not sure,i think so
7. Did u have any Seal of Sun items?
No, but 2 sets fully pumped 7 and 8 d...

[chickenfeather]

Mebbe you should add a poll too, so you don't have to manually count the posts

[Crni_Vatreni]

As much as I noticed, most of the ppl hacked visited the joymax.com portal. Still, I'm very happy to see there are ppl who actually know things about hacking.

Oh, one thing I noticed.
I'm in a 100% legit guild. Since most of them are my real life friends, I can guarantee for that. Whenever I type a legit's name at rev6. it displays info 6 months old or more! I checked myself, and it says I am lvl64. I was 64 loooong time ago ¬¬ same thing for my legit buddies. Everyone's info is very very old. On the other side, I checked some of my botting buddies. They always have fully updated info... wth?

Guys keep posting. Btw, hhow to make poll? There are 7 questions ¬¬

[Nyahgis]

As much as I noticed, most of the ppl hacked visited the joymax.com portal. Still, I'm very happy to see there are ppl who actually know things about hacking.

Oh, one thing I noticed.
I'm in a 100% legit guild. Since most of them are my real life friends, I can guarantee for that. Whenever I type a legit's name at rev6. it displays info 6 months old or more! I checked myself, and it says I am lvl64. I was 64 loooong time ago ¬¬ same thing for my legit buddies. Everyone's info is very very old. On the other side, I checked some of my botting buddies. They always have fully updated info... wth?

Guys keep posting. Btw, hhow to make poll? There are 7 questions ¬¬

You guys are most likely not on when the rev6 packet bots are ran. [Or whatever ya wanna call em.] Bots are on most of the day.