[SHARE] How to "fix" the AuthD exploit.

View previous topic View next topic Go down

[SHARE] How to "fix" the AuthD exploit.

Post  K4rm4l0ver on Fri Jan 16, 2009 10:56 am

Ok guys... Lately a lot of servers got owned by this exploit where you just pick an account ID and pick any chars you want... Lots of servers got corrupted, people getting in GM accounts and summoning items, to sum it up, it's a total CHAOS. Anyways, this is how you should be able to temporarily fix it:

1 - First off, backup your lin2world and lin2db databases, if anything goes wrong, you'll be able to restore your databases and start it over again without being -beep-ed over.

2 - Open your enterprise manager whatsoever in MSSQL, make a new query, put this into it and execute:


Code:
use lin2world
update user_data
set account_id = account_id + 621854

// This is just an example, you could use any other number you want, but with that number the noobs are gonna try to find the account ID's forever.

3 - After you've done that, unlock the lin2db database, make a new query, type this in and execute:


Code:
use lin2db
update user_account
set uid = uid + 621854

// Keep in mind the number should be the same in both, else it won't work.

4 - Reload the server.


Now script kiddies are gonna try to find the account ID's, they'll start by 1, 2, 3, 4, 5, 6, 7, 10k, 20k, 40k, 50k, 60k, 70k, until they go like WHAT THE -beep- and /wrist.

Hope it helps you, thank you Mac for helping me out with this.

Best regards.

_________________

avatar
K4rm4l0ver
Gold Member
Gold Member

Number of posts : 41
Registration date : 2009-01-16

View user profile http://l2xteamtop200.team-talk.net

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum