SA-MP Forums Archive
Server got hacked [HELP] - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Server (https://sampforum.blast.hk/forumdisplay.php?fid=6)
+--- Forum: Server Support (https://sampforum.blast.hk/forumdisplay.php?fid=19)
+--- Thread: Server got hacked [HELP] (/showthread.php?tid=254394)


Server got hacked [HELP] - Medal Of Honor team - 10.05.2011

We were playing in a server, until a guy name "unknown" entered and threaten to hack the server. We thought it was some kind of prank. But after few mins, he take control of the rcon admin and banned all players. How did he hacked?

Re: Server got hacked [HELP] - WarServers - 10.05.2011

No security your end.

Disable rcon if you know need to use it, EG if you have a Admin script.

Re: Server got hacked [HELP] - Jochemd - 10.05.2011

You just have used too simple passwords. Look in your RCON what he tried and how much times and the time, on that you can determine if he used a program or just tried by himself.

Re: Server got hacked [HELP] - Medal Of Honor team - 11.05.2011

Quote:
Originally Posted by Jochemd
Посмотреть сообщение
You just have used too simple passwords. Look in your RCON what he tried and how much times and the time, on that you can determine if he used a program or just tried by himself.
Nobody tries to log in to the rcon in server log. But there had been many incoming connections.

Re: Server got hacked [HELP] - Medal Of Honor team - 11.05.2011

Incredible hacker. I have change the RCON pass today morning. When I got back home and see the server files, there are 17 people banned in the banlist

Re: Server got hacked [HELP] - alpha500delta - 11.05.2011

Quote:
Originally Posted by Medal Of Honor team
Посмотреть сообщение
Incredible hacker. I have change the RCON pass today morning. When I got back home and see the server files, there are 17 people banned in the banlist
It was probably "1234" I guess?

Try something like this: cv%R6BGGHji**n&559NBf5

Re: Server got hacked [HELP] - Medal Of Honor team - 11.05.2011

Quote:
Originally Posted by alpha500delta
Посмотреть сообщение
It was probably "1234" I guess?
I have once gave that password when I was 3 years old and was in a quick skip.



Quote:
Originally Posted by alpha500delta
Посмотреть сообщение
Try something like this: cv%R6BGGHji**n&559NBf5
Thanks for your suggestion, but we have changed it twice and still the "Unknown" guy hack. His IP is dynamic and he have tried range ban, hostname ban, ip ban, but no success

Re: Server got hacked [HELP] - Vince - 11.05.2011

Looks like a brute force attack. Any kid can do it with some simple tools found on the net. Be sure to not use any words that can be found in a dictionary or obvious combinations like 123456 or 654321 (you'd be surprised if you'd know how many people actually use these). Example of a good password that you can remember:

R4ndomP@ssw0rd!

Re: Server got hacked [HELP] - Medal Of Honor team - 11.05.2011

well our old password was "aazyuuxx.exE" which they have found and the next old password was "HoWoNEarthZ"

Re: Server got hacked [HELP] - dugi - 11.05.2011

Then it looks like that person has gained access to the ftp server or your servers control panel. You need to contact your server host about this.