Hacking into emulator

Resubmitted · Jun 18, 2017

Our hotel keeps getting 'hacked' (I'm using that phrase because there is no other way that they can actually do it as far as I'm aware).

You might have already heard this, but I'll explain it again. Someone (we don't even know who) keeps getting into staff accounts without entering the password or even going through the website first. The IP wasn't even recorded, and the only thing that was recorded was the hacker's machine ID.

Our hotel is a small one, averaging about 30-40 users, but we used to get much more until the hacking happened.

The hacker claims there is a massive issue with the 'emulator' and that apparently we, or any of the developers, will never be able to find it or fix it.

We checked everything, and fixed all the fixes that was available on devbest, including SSO ticket etc. However, they still keep doing it. This has also happened to another hotel, and we can't see anything similar, we are both using different emulators and are with different hosting providers.

If anyone knows how to fix it, please do get in contact. Please note that we are very paranoid at the minute and are hesitant in giving out our emulator to random people, so we would rather if anyone was going to help us, help us via teamviewer only.

Wickd · Jun 18, 2017

You sure they didn't get access some other way? XD

Sledmore · Jun 18, 2017

Judging by this thread, the CMS is out of the question? If the CMS has an exploit, it'd be super easy to just grab any SSO as you please, or update values then boot up a client with that SSO in. Safest way to stay anonymous whilst doing it.

Alternatively, is there a shell hidden in the SWF pack or something? The other thing would be (don't know if it's still possible), you used to be able to put malicious code in furniture SWFs, such as what PeJump and Joopie did way back when, and gained access to files / data.

Would count it fully on your emulator without knowing much, but I guess it depends on what the emulator is capable of (mus wise, or any external system), so many ways to exploit a hotel. Hard to bask the answer on such limited info.

Resubmitted · Jun 18, 2017

LOLno said:
You sure they didn't get access some other way? XD

Nope. The owner was on the VPS while the hacking was happening. There is no other way.

MasterJiq · Jun 18, 2017

Give me your hotel link, let me check if ur cms have any exploit ?

Resubmitted · Jun 19, 2017

Sledmore said:
Judging by this thread, the CMS is out of the question? If the CMS has an exploit, it'd be super easy to just grab any SSO as you please, or update values then boot up a client with that SSO in. Safest way to stay anonymous whilst doing it.

Alternatively, is there a shell hidden in the SWF pack or something? The other thing would be (don't know if it's still possible), you used to be able to put malicious code in furniture SWFs, such as what PeJump and Joopie did way back when, and gained access to files / data.

Would count it fully on your emulator without knowing much, but I guess it depends on what the emulator is capable of (mus wise, or any external system), so many ways to exploit a hotel. Hard to bask the answer on such limited info.

Would you be able to look at it over join.me or teamviewer or something?

I feel that you might be able to get a better picture of the server by doing that.

I must say that I'll be very surprised if anyone finds a fix.

Sledmore said:
Judging by this thread, the CMS is out of the question? If the CMS has an exploit, it'd be super easy to just grab any SSO as you please, or update values then boot up a client with that SSO in. Safest way to stay anonymous whilst doing it.

Alternatively, is there a shell hidden in the SWF pack or something? The other thing would be (don't know if it's still possible), you used to be able to put malicious code in furniture SWFs, such as what PeJump and Joopie did way back when, and gained access to files / data.

Would count it fully on your emulator without knowing much, but I guess it depends on what the emulator is capable of (mus wise, or any external system), so many ways to exploit a hotel. Hard to bask the answer on such limited info.

EDIT: I spoke with the owner, there was also a file called Joopie or something along those lines in the emulator folder. However, we already deleted it, and they still managed to hack us?

Sledmore · Jun 19, 2017

Resubmitted said:
EDIT: I spoke with the owner, there was also a file called Joopie or something along those lines in the emulator folder. However, we already deleted it, and they still managed to hack us?

Restore it, that is the encryption library which is needed with the emulator.

Resubmitted · Jun 19, 2017

Sledmore said:
Restore it, that is the encryption library which is needed with the emulator.

It's being restored.

Would you be able to teamviewer us and take a look at the server for us please?

Sledmore said:
Restore it, that is the encryption library which is needed with the emulator.

Also, we are using PlusEmu. Our swfs date back to 2016. I can get you the exact production if needbe.

What we know so far is the hacker was boasting about how he can do something with group furni to 'drop' the database. He also manages to get into accounts without even typing the password, and we can't see his IP either, as it doesn't get recorded. The only thing recorded is the machine id.

SOUL · Jun 20, 2017

Resubmitted said:
It's being restored.

Would you be able to teamviewer us and take a look at the server for us please?

Also, we are using PlusEmu. Our swfs date back to 2016. I can get you the exact production if needbe.

What we know so far is the hacker was boasting about how he can do something with group furni to 'drop' the database. He also manages to get into accounts without even typing the password, and we can't see his IP either, as it doesn't get recorded. The only thing recorded is the machine id.

In R1 there was a exploit where you use a packet logger and can execute a query upon a bot changing clothes

JayC · Jun 24, 2017

SOUL said:
In R1 there was a exploit where you use a packet logger and can execute a query upon a bot changing clothes

Flux doesn't have available bots for users so this isn't the issue - however good thing to look into to fix.

Pinkman · Jun 24, 2017

I believe this is a SWF issue. Maybe shell exploit

Hacking into emulator

Resubmitted

Member

Wickd

The first member of the Knights of the Pink Table

Sledmore

Chaturbate Livestreamer

Resubmitted

Member

MasterJiq

Member

Resubmitted

Member

Sledmore

Chaturbate Livestreamer

Resubmitted

Member

SOUL

┼ ┼ ┼

JayC

Well-Known Member

Pinkman

Posting Freak

Users who are viewing this thread

Latest posts

Connect with us

Newest members