Al3grab Posted January 26, 2012 Posted January 26, 2012 hi , i know them .. [HD]kSA~S3D~~[Hajwalah^7rb~falah]~S3D~KSA[HD]/999~b7~GTA AR~~al3grb... this server don't belong to their site , the server owner only uses the tag to get more visitors ..
Orange Posted January 26, 2012 Posted January 26, 2012 Putting all resources on admin is a very, very bad idea. lolwat? afaik runcode had admin, but there wasn't a "resource.*" statement
MTA Team qaisjp Posted January 26, 2012 Author MTA Team Posted January 26, 2012 hi ,i know them .. [HD]kSA~S3D~~[Hajwalah^7rb~falah]~S3D~KSA[HD]/999~b7~GTA AR~~al3grb... this server don't belong to their site , the server owner only uses the tag to get more visitors .. Yes, we see. Those guys are nothing more than copy-cats. EDIT: Actually, the server name is : [GTA-AR]!Hajwalah and Drift Ksa Saudi www.Gta-Arab.com~~~, post fixed.
sora+ Posted January 27, 2012 Posted January 27, 2012 Hmm you should also fix your post which has my nick on it as the GTA-AR Moderator lol. Hello once more.We found the hackers which Hacked NPG. iNu9aiF is an owner of GTA - AR, also known as GTA - ARAB ( http://www.gta-arab.com/gt/ ) server or [GTA-AR]!Hajwalah and Drift Ksa Saudi http://www.Gta-Arab.com~~~ and the Sora+ is an Moderator of GTA - AR. We recommend to BAN their serials. Oh, and also: http://www.gta-arab.com/gt/showthread.php?t=33644 and the Owner: http://www.gta-arab.com/gt/showthread.php?t=20827 Also, we recommend not to play on their servers due your own security, Regards, The NPG Team
CapY Posted January 28, 2012 Posted January 28, 2012 UP: CapY's sleeping. Keep in mind I'm not the only one who is logging into NPG account.
Orange Posted January 29, 2012 Posted January 29, 2012 UP: CapY's sleeping. Keep in mind I'm not the only one who is logging into NPG account. I did it.
MTA Team qaisjp Posted February 2, 2012 Author MTA Team Posted February 2, 2012 Well I think the issue is closed now that we realized that http_guest had access to it. :Z Issue closed? I think so. Please close this if it deems necessary.
Phat Looser Posted February 3, 2012 Posted February 3, 2012 Issue not closed. I tried a bit, and found out that a few servers are prone to this problem. Most of them non-"professional", of course, but hacking a server is a bad habit. I think we should think of a way to explain the ACL better.
MTA Team qaisjp Posted February 5, 2012 Author MTA Team Posted February 5, 2012 Issue not closed.I tried a bit, and found out that a few servers are prone to this problem. Most of them non-"professional", of course, but hacking a server is a bad habit. I think we should think of a way to explain the ACL better. Mind explaining a bit more?
Phat Looser Posted February 6, 2012 Posted February 6, 2012 Its common to give all resources admin, thats what I meant. If you find out that a server did that, its easy for a hacker to attack it. I remember doing it myself.
MTA Team qaisjp Posted February 6, 2012 Author MTA Team Posted February 6, 2012 Its common to give all resources admin, thats what I meant. If you find out that a server did that, its easy for a hacker to attack it. I remember doing it myself. How would those infiltrators even know that, after all it was closed and never open ever since we thought of the concept of Neo Playgrounds. (with the small exception of a random selected people for the closed beta) We didn't think there would be any security vulnerability within one of the most commonly used MTA resource, is the http_guest a mistake on the server side or resource side?
Phat Looser Posted February 7, 2012 Posted February 7, 2012 Server side, I would presume. But that discussion is already running on mantis.
MTA Team qaisjp Posted February 8, 2012 Author MTA Team Posted February 8, 2012 Well that's nice to hear. We wish we could join the discussion because afaik we were the first ones to get attacked in this matter.
Phat Looser Posted February 9, 2012 Posted February 9, 2012 I don't want to write a "how to hack a server" for noobs.
Al3grab Posted February 11, 2012 Posted February 11, 2012 they hack servers using resourcebrowser .. xx.xx.xx.xx:22003/resourcebrowser and somehow they go over the firewall , this happened to me when i was on delux-host , so you need to remove resourcebrowser from the default resources @ server config to be more safe
CapY Posted February 11, 2012 Posted February 11, 2012 they hack servers using resourcebrowser ..xx.xx.xx.xx:22003/resourcebrowser and somehow they go over the firewall , this happened to me when i was on delux-host , so you need to remove resourcebrowser from the default resources @ server config to be more safe How come is that ?
MTA Team qaisjp Posted February 15, 2012 Author MTA Team Posted February 15, 2012 they hack servers using resourcebrowser ..xx.xx.xx.xx:22003/resourcebrowser and somehow they go over the firewall , this happened to me when i was on delux-host , so you need to remove resourcebrowser from the default resources @ server config to be more safe Incorrect, the issues has already been pinpointed. It's not that.
Al3grab Posted February 15, 2012 Posted February 15, 2012 well , my server and other servers has been hacked from "resourcebrowser" and i dont know how he did it !
MTA Team qaisjp Posted February 16, 2012 Author MTA Team Posted February 16, 2012 well , my server and other servers has been hacked from "resourcebrowser" and i dont know how he did it ! Maybe a stupid password? It's not that hard to write /login al3grab al3grabftw12212
Al3grab Posted February 25, 2012 Posted February 25, 2012 well , my server and other servers has been hacked from "resourcebrowser" and i dont know how he did it ! Maybe a stupid password? It's not that hard to write /login al3grab al3grabftw12212 , well many servers on the same host i am using have been hacked ( Germany @ "d..-host" ) it's not about my password .. i think they hacked the main server
MTA Team qaisjp Posted February 25, 2012 Author MTA Team Posted February 25, 2012 , well many servers on the same host i am using have been hacked ( Germany @ "d..-host" ) it's not about my password .. i think they hacked the main server Anyway I think you should just sort of 'walk away', cos you are not understanding this. Don't bump again. Please close.
MTA Team qaisjp Posted February 25, 2012 Author MTA Team Posted February 25, 2012 Please close, the relative discussion has been brought up on the bug tracker and made private for security reasons.
Recommended Posts