Jump to content
x3w0r

[Exploit, Hack, whatever you want to call it] Flooding the server with a bot to log clients

Recommended Posts

Since I have launched my server, I have been experiencing attacks that a lot of people claim that are coming from mordo.ru developers/owners.

image.png.0f6a018158ffbab6a5877f5f1db51b25.png

 

And this is done due to a bot logging the same account with a lot of clients (I have tested this when they start their crap, I can log my account on two clients)

When the count exceeds 1000 Currently Logged in, the server can no longer let anyone log and disconnects everyone.

GroupServer gets cut out, so if you send a world message or a PM you disconnect.

 

We want to know if somebody can help us, we can not afford to keep our server up with large expenses without solving the issue.

 

  • Like 1

Share this post


Link to post
Share on other sites
1 minute ago, mkhzaleh said:

client should dc you if you login with same account 
image.png.c2cf3424980aa32024334d50019195b7.png

and its shouldn't count it as 

Currently Logged In?

 

It does not DC. It keeps you logged on both clients. Except that the one that was logged first gets everything disappearing besides chat.

Share this post


Link to post
Share on other sites
On 4/6/2019 at 12:45 PM, x3w0r said:

Since I have launched my server, I have been experiencing attacks that a lot of people claim that are coming from mordo.ru developers/owners.

image.png.0f6a018158ffbab6a5877f5f1db51b25.png

 

And this is done due to a bot logging the same account with a lot of clients (I have tested this when they start their crap, I can log my account on two clients)

When the count exceeds 1000 Currently Logged in, the server can no longer let anyone log and disconnects everyone.

GroupServer gets cut out, so if you send a world message or a PM you disconnect.

 

We want to know if somebody can help us, we can not afford to keep our server up with large expenses without solving the issue.

 

 

On 4/6/2019 at 12:45 PM, x3w0r said:

Since I have launched my server, I have been experiencing attacks that a lot of people claim that are coming from mordo.ru developers/owners.

image.png.0f6a018158ffbab6a5877f5f1db51b25.png

 

And this is done due to a bot logging the same account with a lot of clients (I have tested this when they start their crap, I can log my account on two clients)

When the count exceeds 1000 Currently Logged in, the server can no longer let anyone log and disconnects everyone.

GroupServer gets cut out, so if you send a world message or a PM you disconnect.

 

We want to know if somebody can help us, we can not afford to keep our server up with large expenses without solving the issue.

 

Hex gameserver change 1973 for another.

Share this post


Link to post
Share on other sites
2 hours ago, DevMorgan said:

 

Hex gameserver change 1973 for another.

If they do that, they can also change the bot to access another port. It probably wouldn't stop them.

  • Like 1

Share this post


Link to post
Share on other sites
7 hours ago, Angelix said:

If they do that, they can also change the bot to access another port. It probably wouldn't stop them.

Regardless, it can be stopped if the right issue is found on the server executables.

Share this post


Link to post
Share on other sites
On 4/6/2019 at 7:49 PM, x3w0r said:

It does not DC. It keeps you logged on both clients. Except that the one that was logged first gets everything disappearing besides chat.

o.o for me its dc all client's with same account  if its online

Edited by mkhzaleh

Share this post


Link to post
Share on other sites
4 minutes ago, Duduf said:

Try limit connections to GateServer per IP via firewall

It is one IP and one client triggering multiple actions (1k/click) at once.

 

23 hours ago, mkhzaleh said:

o.o for me its dc all client's with same account  if its online

As I stated, this happens under certain circumstances and not always and it is a gateserver/gameserver exploit.

Share this post


Link to post
Share on other sites
10 минут назад, x3w0r сказал:

It is one IP and one client triggering multiple actions (1k/click) at once.

Its one IP with 1k connections. You need limit connections per IP 

  • Like 2

Share this post


Link to post
Share on other sites
9 hours ago, Duduf said:

Its one IP with 1k connections. You need limit connections per IP 

If you do limit connections on this case, you will limit it to one client/IP, because this is happening on one client.

 

Share this post


Link to post
Share on other sites
14 hours ago, Duduf said:

Its one IP with 1k connections. You need limit connections per IP 

how can limit connection per ip sir?

Share this post


Link to post
Share on other sites
13 часов назад, wizel1 сказал:

how can limit connection per ip sir?

Try Kiwi Guard Firewall 2011 (on Windows)

Share this post


Link to post
Share on other sites
6 hours ago, Duduf said:

Try Kiwi Guard Firewall 2011 (on Windows)

on such attacks Kiwi will crash, aint a good choice but its good for small attacks

Share this post


Link to post
Share on other sites
9 hours ago, FapFap said:

on such attacks Kiwi will crash, aint a good choice but its good for small attacks

and its don't do what he want tho,
you maybe try your host firewall 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×