No more login exploit.
Posted: Tue Jul 21, 2009 1:06 pm
Silkroad Online Forums
Free Forums for Silkroad Online players.
https://dev.silkroadforums.com/
No more login exploit.
Page 1 of 1
Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:18 pm
You cant ping the gateways, never could.
Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:19 pm
I never used this anyways...but what was it>?
Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:21 pm
I know you can't ping them duh...
The point is to look at the NEW IP's
The point is to look at the NEW IP's
Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:32 pm
lol, this will teach us something important... dk what but I think it's a lesson from JM xD
Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:37 pm
I don't get it, if u were referring to the "exploit" where u can choose that login server, is still there lol, JM actually added a "NEN" login server .30 or replace it with an old 1 idk.Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:38 pm
Doomsday wrote:lol, this will teach us something important... dk what but I think it's a lesson from JM xD
They are too lazy to look after their own game. Why would they give us lessons now?
Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:45 pm
TillTheEnd wrote::? I don't get it, if u were referring to the "exploit" where u can choose that login server, is still there lol, JM actually added a "NEN" login server .30 or replace it with an old 1 idk.
OMFG theres still only 4 IP's but now they range from .28 to .30 which means youre back on the queue with goldbots.
They didnt add a new one at all, did you even look at the IP's in the ss?
gwgt1 : 121.128.133.29
gwgt2: 121.128.133.30
gwgt3: 121.128.133.28
gwgt4: 121.128.133.29
Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:51 pm
As long as there is more than one login server to connect to, then you can use the login trick to go to a desired server.
gwgt1.joymax.com -> [121.128.133.29]
gwgt2.joymax.com -> [121.128.133.30]
gwgt3.joymax.com -> [121.128.133.28]
gwgt4.joymax.com -> [121.128.133.29] * Currently maps to gwgt1!
All they did is change the address the host names point to, which is the point of using a named address like "gwgt1.joymax.com" rather than a hard coded IP.
Instead of changing your hosts to go to 121.128.133.29, you would now change it to go to 121.128.133.28, since that is the address that will be least used, theoretically speaking.
All programs that only connect to the first two login servers, gwgt1.joymax.com and gwgt2.joymax.com, will now be connecting to the physical login servers .29 and .30, making .28 the "easy" one.
Since gwgt4 currently points to the physical server .29, which happens to be gwgt1, anyone that modded their hosts to use gwgt4/.29 as the Rev6 guide shows will now go to the main login server with everyone else.
So the correct new version should be (untested, but pretty simple):
121.128.133.28 gwgt1.joymax.com
121.128.133.28 gwgt2.joymax.com
121.128.133.28 gwgt4.joymax.com
Rather than the old version of:
121.128.133.29 gwgt1.joymax.com
121.128.133.29 gwgt2.joymax.com
121.128.133.29 gwgt3.joymax.com
Notice how since you are connecting to gwgt3 address, you skip that one and change the last octal of the routing address to it. of course, this mapping can change if a server goes down and is brought back up under a different address, so modifying your hosts file is not the best idea unless you how to fix it yourself.
As for any speculations of "getting banned" for this method, it's impossible. Just think about it, if they have their own client setup to connect to 1-4 login addresses based on some condition and you try to connect to one of those legitimate address using the legitimate client, how can they ban you?
The client contains code to detect when the server isn't available and you simply won't be able to login. They have a little dialog that pops up before the login box shows and you can only close the client. If you were using a clientless, then sure, they "could" devise a clever scheme to ban you if you are connecting to their server and you still connect after they send you a packet to not connect, but the game client isn't setup to work like that.
If the server is "up" it means it is connecting connections. Trying to setup a honeypot server to detect people using host file modification or clientless for that matter is not something Joymax would do. It's far easier detecting clientless a number of other ways in the world server and there's no risks of banning legitimate client users that way.
gwgt1.joymax.com -> [121.128.133.29]
gwgt2.joymax.com -> [121.128.133.30]
gwgt3.joymax.com -> [121.128.133.28]
gwgt4.joymax.com -> [121.128.133.29] * Currently maps to gwgt1!
All they did is change the address the host names point to, which is the point of using a named address like "gwgt1.joymax.com" rather than a hard coded IP.
Instead of changing your hosts to go to 121.128.133.29, you would now change it to go to 121.128.133.28, since that is the address that will be least used, theoretically speaking.
All programs that only connect to the first two login servers, gwgt1.joymax.com and gwgt2.joymax.com, will now be connecting to the physical login servers .29 and .30, making .28 the "easy" one.
Since gwgt4 currently points to the physical server .29, which happens to be gwgt1, anyone that modded their hosts to use gwgt4/.29 as the Rev6 guide shows will now go to the main login server with everyone else.
So the correct new version should be (untested, but pretty simple):
121.128.133.28 gwgt1.joymax.com
121.128.133.28 gwgt2.joymax.com
121.128.133.28 gwgt4.joymax.com
Rather than the old version of:
121.128.133.29 gwgt1.joymax.com
121.128.133.29 gwgt2.joymax.com
121.128.133.29 gwgt3.joymax.com
Notice how since you are connecting to gwgt3 address, you skip that one and change the last octal of the routing address to it. of course, this mapping can change if a server goes down and is brought back up under a different address, so modifying your hosts file is not the best idea unless you how to fix it yourself.
As for any speculations of "getting banned" for this method, it's impossible. Just think about it, if they have their own client setup to connect to 1-4 login addresses based on some condition and you try to connect to one of those legitimate address using the legitimate client, how can they ban you?
The client contains code to detect when the server isn't available and you simply won't be able to login. They have a little dialog that pops up before the login box shows and you can only close the client. If you were using a clientless, then sure, they "could" devise a clever scheme to ban you if you are connecting to their server and you still connect after they send you a packet to not connect, but the game client isn't setup to work like that.
If the server is "up" it means it is connecting connections. Trying to setup a honeypot server to detect people using host file modification or clientless for that matter is not something Joymax would do. It's far easier detecting clientless a number of other ways in the world server and there's no risks of banning legitimate client users that way.
Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:54 pm
Thanks Drew. My knowledge only went asfar as knowing the IP's changed.
Thanks. Copied and pasted to other forums too (With credits to you of course)
Thanks. Copied and pasted to other forums too (With credits to you of course)
Re: No more login exploit.
Posted: Tue Jul 21, 2009 1:56 pm
Drew_Benton wrote:As long as there is more than one login server to connect to, then you can use the login trick to go to a desired server.
gwgt1.joymax.com -> [121.128.133.29]
gwgt2.joymax.com -> [121.128.133.30]
gwgt3.joymax.com -> [121.128.133.28]
gwgt4.joymax.com -> [121.128.133.29] * Currently maps to gwgt1!
All they did is change the address the host names point to, which is the point of using a named address like "gwgt1.joymax.com" rather than a hard coded IP.
Instead of changing your hosts to go to 121.128.133.29, you would now change it to go to 121.128.133.28, since that is the address that will be least used, theoretically speaking.
All programs that only connect to the first two login servers, gwgt1.joymax.com and gwgt2.joymax.com, will now be connecting to the physical login servers .29 and .30, making .28 the "easy" one.
Since gwgt4 currently points to the physical server .29, which happens to be gwgt1, anyone that modded their hosts to use gwgt4/.29 as the Rev6 guide shows will now go to the main login server with everyone else.
So the correct new version should be (untested, but pretty simple):
121.128.133.28 gwgt1.joymax.com
121.128.133.28 gwgt2.joymax.com
121.128.133.28 gwgt4.joymax.com
Rather than the old version of:
121.128.133.29 gwgt1.joymax.com
121.128.133.29 gwgt2.joymax.com
121.128.133.29 gwgt3.joymax.com
Notice how since you are connecting to gwgt3 address, you skip that one and change the last octal of the routing address to it. of course, this mapping can change if a server goes down and is brought back up under a different address, so modifying your hosts file is not the best idea unless you how to fix it yourself.
As for any speculations of "getting banned" for this method, it's impossible. Just think about it, if they have their own client setup to connect to 1-4 login addresses based on some condition and you try to connect to one of those legitimate address using the legitimate client, how can they ban you?
The client contains code to detect when the server isn't available and you simply won't be able to login. They have a little dialog that pops up before the login box shows and you can only close the client. If you were using a clientless, then sure, they "could" devise a clever scheme to ban you if you are connecting to their server and you still connect after they send you a packet to not connect, but the game client isn't setup to work like that.
If the server is "up" it means it is connecting connections. Trying to setup a honeypot server to detect people using host file modification or clientless for that matter is not something Joymax would do. It's far easier detecting clientless a number of other ways in the world server and there's no risks of banning legitimate client users that way.
so add this?, just asking to make sure.
121.128.133.28 gwgt1.joymax.com
121.128.133.28 gwgt2.joymax.com
121.128.133.28 gwgt4.joymax.com
instead of the .29 one? on the host file?
Re: No more login exploit.
Posted: Tue Jul 21, 2009 2:06 pm
lolololol wrote:TillTheEnd wrote::? I don't get it, if u were referring to the "exploit" where u can choose that login server, is still there lol, JM actually added a "NEN" login server .30 or replace it with an old 1 idk.
OMFG theres still only 4 IP's but now they range from .28 to .30 which means youre back on the queue with goldbots.
They didnt add a new one at all, did you even look at the IP's in the ss?
gwgt1 : 121.128.133.29
gwgt2: 121.128.133.30
gwgt3: 121.128.133.28
gwgt4: 121.128.133.29
.27 still appears if you check by netstat -n after opening the client, I get .26 .27 .28 .29 .30 ....
Re: No more login exploit.
Posted: Tue Jul 21, 2009 2:51 pm
Maybe gwgt5 lol
I've always wondered if the bots use host name to connect or IP to connect. Someone enlighten me?
I've always wondered if the bots use host name to connect or IP to connect. Someone enlighten me?
Re: No more login exploit.
Posted: Tue Jul 21, 2009 2:56 pm
Thanks a lot Drew, so the exploit still works, I'm glad to hear it ^_^
Re: No more login exploit.
Posted: Tue Jul 21, 2009 3:14 pm
thread failure... i already connected to .26 and .27 today...
screenshot attatched.
screenshot attatched.
- netstats.joymax1.jpg (68.42 KiB) Viewed 4939 times
Re: No more login exploit.
Posted: Tue Jul 21, 2009 3:31 pm
NuclearSilo wrote:Maybe gwgt5 lol
I've always wondered if the bots use host name to connect or IP to connect. Someone enlighten me?
im pretty sure they search server once they are in game. so it doesnt matter what the server is. just like ours.
they can change the host files and we just follow the location. bot just autoselects location i assume.
no need to configure
Re: No more login exploit.
Posted: Tue Jul 21, 2009 5:50 pm
dorkus wrote:thread failure... i already connected to .26 and .27 today...
screenshot attatched.
Only the bots connects to the .26 and .27 actually, both still exists, just Joymax quit the DNS on them, if you are still connected on them when you are login probably you are using a 3rd party program, because them connects to the IP's, not to the DNS. So self-pwned IMHO...
/ONTOPIC
So actually we have...
- gwgt1/4.joymax.com ------> .29
- gwgt2.joymax.com -------> .30
- gwgt3.joymax.com -------> .28
And gateways servers without DNS:
121.128.133.26 \
XXXXXXXXXXXXXX|-----> Used only by bots who connects to Silkroad via IP, not DNS.
121.128.133.27 /
Both of them are online when I send the ping, so are still working.
Re: No more login exploit.
Posted: Tue Jul 21, 2009 7:42 pm
So can anyone make a clean explanation about that?, i mean as simple as before just add 123.456.789 gwgc.blabla.com to hosts thats all. please? 
Re: No more login exploit.
Posted: Tue Jul 21, 2009 7:49 pm
dorkus wrote:thread failure... i already connected to .26 and .27 today...
screenshot attatched.
running 4 clients? wheeee.
EDIT: Now that I look at it, it is actually only 2. Still. Nice One. ^^
Re: No more login exploit.
Posted: Tue Jul 21, 2009 8:05 pm
Selfpwn
Re: No more login exploit.
Posted: Tue Jul 21, 2009 8:37 pm
Thomas42 wrote:Doomsday wrote:lol, this will teach us something important... dk what but I think it's a lesson from JM xD
They are too lazy to look after their own game. Why would they give us lessons now?
That's why I said "dk what".
I think they just have changed the ip address.
Re: No more login exploit.
Posted: Tue Jul 21, 2009 10:46 pm
ezos wrote:dorkus wrote:thread failure... i already connected to .26 and .27 today...
screenshot attatched.
running 4 clients? wheeee.
bayum
Re: No more login exploit.
Posted: Wed Jul 22, 2009 4:15 am
kaperucito wrote:dorkus wrote:thread failure... i already connected to .26 and .27 today...
screenshot attatched.
Only the bots connects to the .26 and .27 actually, both still exists, just Joymax quit the DNS on them, if you are still connected on them when you are login probably you are using a 3rd party program, because them connects to the IP's, not to the DNS. So self-pwned IMHO...
/ONTOPIC
So actually we have...
- gwgt1/4.joymax.com ------> .29
- gwgt2.joymax.com -------> .30
- gwgt3.joymax.com -------> .28
And gateways servers without DNS:
121.128.133.26 \
XXXXXXXXXXXXXX|-----> Used only by bots who connects to Silkroad via IP, not DNS.
121.128.133.27 /
Both of them are online when I send the ping, so are still working.
If that's true. Let's say bye bye to whoever connected to .26 and .27 in advance.
Edit: anyone's knows what's the IP of bot servers?
Re: No more login exploit.
Posted: Wed Jul 22, 2009 12:56 pm
ezos wrote:dorkus wrote:thread failure... i already connected to .26 and .27 today...
screenshot attatched.
running 4 clients? wheeee.
EDIT: Now that I look at it, it is actually only 2. Still. Nice One. ^^
You're an idiot for a number of reasons.
1. It wasn't 4
2. It wasn't 2, either. It was 3.
3. You got another great forum member banned.
EB ftw.
Re: No more login exploit.
Posted: Wed Jul 22, 2009 1:26 pm
a great forum member?
sorry a forum member that secretly bots is NOT a great forum member
sorry a forum member that secretly bots is NOT a great forum member
Re: No more login exploit.
Posted: Wed Jul 22, 2009 1:33 pm
penfold1992 wrote:a great forum member?
sorry a forum member that secretly bots is NOT a great forum member
hahahahahha wow
Re: No more login exploit.
Posted: Wed Jul 22, 2009 3:40 pm
zShared wrote:ezos wrote:dorkus wrote:thread failure... i already connected to .26 and .27 today...
screenshot attatched.
running 4 clients? wheeee.
EDIT: Now that I look at it, it is actually only 2. Still. Nice One. ^^
You're an idiot for a number of reasons.
1. It wasn't 4
2. It wasn't 2, either. It was 3.
3. You got another great forum member banned.
EB ftw.
You are a douchebag for a number of reasons...
1. Its actually 2. He has established connections to 121.128.113.27:15779 and 121.128.113.28:15779.
2. You should of put items 1 and 2 in the same sentence as they were related.
3. I didn't get anyone banned. I just LOL'ed at someones stupidity. I didn't report or any of that shit. I could give a rat's ass if he bots, multi-clients, runs his own gold farming business. This game is dead, who cares really?
4. You write stupid lists like this.
5. His screenshot was proof of multi-clienting only, it was not proof that he bots. So it should just be a 7 day ban.
6. You made ME write a stupid list like this.
Good Day Sir.
Re: No more login exploit.
Posted: Sun Aug 09, 2009 2:07 pm
ezos wrote:You are a douchebag for a number of reasons...
1. Its actually 2. He has established connections to 121.128.113.27:15779 and 121.128.113.28:15779.
2. You should of put items 1 and 2 in the same sentence as they were related.
3. I didn't get anyone banned. I just LOL'ed at someones stupidity. I didn't report or any of that shit. I could give a rat's ass if he bots, multi-clients, runs his own gold farming business. This game is dead, who cares really?
4. You write stupid lists like this.
5. His screenshot was proof of multi-clienting only, it was not proof that he bots. So it should just be a 7 day ban.
6. You made ME write a stupid list like this.
Good Day Sir.
ZOMG ZOMG LOL!!!!!!
YOU JUST OWNED EVERYONE IN LIVE HAHAHHAHA<3