Jon Van Caneghem wrote on Sep 29^th, 2014 at 9:52am:

tried once about 3 years ago, account got insta banned
in all fairness it was a pretty sloppy attempt just to test if they had any security at all, turns out they did

Jon Van Caneghem wrote on Sep 29^th, 2014 at 9:59am:

it was a throaway account made for the sole purpose of that test anyways so no harm done
in all fairness if you're gonna attempt something like this, using readily available tools you get from the net is not really what you wanna be doing

Yeah, i use Kali linux distro that comes with a lot of "official" tools to get these kind of jobs done. Those still require you to have knowledge of terminal commands and how networking works so they are not tools for the complete script kiddies.

Never download any hacking tools from the net and especialy tools made for windows as all those are guaranteed to have a virus attached to them.

I've only used SQLmap, and succesfully perfomed attacks to restaurants and other small buisnesses in my area.

Some games are vulnerable to those attacks through the in game chat server.  I remember EQ having that at one point.  And wow did even in beta at a point or two.  Most games are completely invulnerable now.  I think SWTOR had it for a short period on live, but I can't remember the reference.

Sim-Sala-Bim wrote on Sep 29^th, 2014 at 10:29am:

that made my laugh so hard i spilt beer on my keyboard, you sir owe me 120 dollars now

Anyway, the database servers are on the backend notwork ( the one in 10.*.*.* ) so you can't reach it.
( there's some that knows where to look for the right addresses here )

The only way to injcet things is from In Game, or by intercepting the game communications and sending bogus datas... and it takes a lot more than standard tools.
Why do you think Turbine act with Exxxxxtreme Prejudice on those that shows that they have been able to look at and understand client/server communications ?

jesus christ how bad is your life and addiction to DDO that you want to sql inject them.

get a new hobby.

FuckThisShit wrote on Sep 29^th, 2014 at 10:35am:


You must have one hell of a keyboard. Mine is like 20 dollars. 

Jon Van Caneghem wrote on Sep 29^th, 2014 at 10:08am:


Why?

DropBear wrote on Sep 29^th, 2014 at 8:03pm:


'cause he's like so bad. so so bad.

Freedom to the people!

Aeolwind wrote on Sep 29^th, 2014 at 5:08pm:


LOL. Noticed now. I was trying to find an IOU picture.

I always see lots of fun stuff happening when I fire up my home server...

Too bad for all the wanabee hackers it's :
- not a PC
- not under Linux
- not under Windows
- not running any PHP system atm. ( that might change once I have FTTH )
- not running any SQL db atm. ( that might change once I have FTTH )

Basically an Ultra 45 Sparc Server under Solaris 10 with just SSH and HTTP opened ( at Router level, via port forwarding and NAT ) is not fun to them.