Forum :: Announcements :: EO Server Backdoor Warnings

Apollo posted: (9th Jan 2012, 09:19 am)

And I doubt you would have had a problem with 1-10 players online. Ele was trying to sucker BU into using EOSource. Just had someone that Elefag wouldn't think would rat him out do just that. I will screenie my MSN.

maori posted: (9th Jan 2012, 09:16 am)

jinga posted: (9th Jan 2012, 08:59 am)

Apollo posted: (9th Jan 2012, 08:28 am)

I'm sorry, Sordie had a user exploiting backdoor? Sordie told you upfront that Seose had commands she could access were she to log in. And wait, didn't Sausage flat out write Seose to EOSERV conversion when the special hidden commands were made public and suggest no seriousservercontinueusingSeose just as he has done in this case. If you are still too dumb to see that command for what it is go ahead and use it. If you aren't an idiot, there is a clean open source code on this site that you can use and learn from just as the ones that compiled the modified versionwiththebackdoordid.

Well i havn't had a problem with my EOSource server so far until Sausage started attacking servers with this "backdoor".

Also the SEOSE2EOSERV application its not even fixed on Sausages download page it still doesn't transfer the map id's of the character which, hollow fixed and recompiled on the EOSource website so i think Sausage has done a great job fixing that nope? instead he's too busy"exposingeosource".

here why DON'T YOU FIX IT YOURSELF and you properly  won't even know what a compiler is cause your using a closed sourced server with a backdoor to it

Edit when does SEOSE2EOSERV become Warning: Do not use EOSource or Seose

I know what a compiler is and i even know how to fix the SEOSE2EOSERV problems but for some reason it wasn't compiling for me. And that does not excuse the fact that the download link to the SEOSE2EOSERV on the eoserv.net/download page is still broken does it? I like how sausage expect every1 to convert from seose to eoserv yet he can't even fix this own bug in his program he make?? that stupid.

All that hard work for nothing because its broken and doesn't transfer over the map id's of characters.

jinga posted: (9th Jan 2012, 09:22 am)

maori posted: (9th Jan 2012, 09:16 am)

jinga posted: (9th Jan 2012, 08:59 am)

Apollo posted: (9th Jan 2012, 08:28 am)

I'm sorry, Sordie had a user exploiting backdoor? Sordie told you upfront that Seose had commands she could access were she to log in. And wait, didn't Sausage flat out write Seose to EOSERV conversion when the special hidden commands were made public and suggest noseriousservercontinueusingSeose just as he has done in this case. If you are still too dumb to see that command for what it is go ahead and use it. If you aren't an idiot, there is a clean open source code on this site that you can use and learn from just as the ones that compiled the modifiedversionwiththebackdoordid.

Well i havn't had a problem with my EOSource server so far until Sausage started attacking servers with this "backdoor".

Also the SEOSE2EOSERV application its not even fixed on Sausages download page it still doesn't transfer the map id's of the character which, hollow fixed and recompiled on the EOSource website so i think Sausage has done a great job fixing that nope? instead he's toobusy"exposingeosource".

here why DON'T YOU FIX IT YOURSELF and you properly  won't even know what a compiler is cause your using a closed sourced server with a backdoor to it

Edit when does SEOSE2EOSERV become Warning: Do not use EOSource or Seose

I know what a compiler is and i even know how to fix the SEOSE2EOSERV problems but for some reason it wasn't compiling for me. And that does not excuse the fact that the download link to the SEOSE2EOSERV on the eoserv.net/download page is still broken does it? I like how sausage expect every1 toconvert from seose to eoserv yet he can't even fix this own bug in his program he make?? that stupid.

All that hard work for nothing because its broken and doesn't transfer over the map id's of characters.

unlike sausage he a lazy fuck like everyone says he is.

maori posted: (9th Jan 2012, 09:27 am)

jinga posted: (9th Jan 2012, 09:22 am)

maori posted: (9th Jan 2012, 09:16 am)

jinga posted: (9th Jan 2012, 08:59 am)

Apollo posted: (9th Jan 2012, 08:28 am)

I'm sorry, Sordie had a user exploiting backdoor? Sordie told you upfront that Seose had commands she could access were she to log in. And wait, didn't Sausage flat out write Seose to EOSERV conversion when the special hidden commands were made public and suggestnoseriousservercontinueusingSeose just as he has done in this case. If you are still too dumb to see that command for what it is go ahead and use it. If you aren't an idiot, there is a clean open source code on this site that you can use and learn from just as the ones that compiled themodifiedversionwiththebackdoordid.

Well i havn't had a problem with my EOSource server so far until Sausage started attacking servers with this "backdoor".

Also the SEOSE2EOSERV application its not even fixed on Sausages download page it still doesn't transfer the map id's of the character which, hollow fixed and recompiled on the EOSource website so i think Sausage has done a great job fixing that nope? instead he'stoobusy"exposingeosource".

here why DON'T YOU FIX IT YOURSELF and you properly  won't even know what a compiler is cause your using a closed sourced server with a backdoor to it

Edit when does SEOSE2EOSERV become Warning: Do not use EOSource or Seose

I know what a compiler is and i even know how to fix the SEOSE2EOSERV problems but for some reason it wasn't compiling for me. And that does not excuse the fact that the download link to the SEOSE2EOSERV on the eoserv.net/download page is still broken does it? I like how sausage expect every1toconvert from seose to eoserv yet he can't even fix this own bug in his program he make?? that stupid.

All that hard work for nothing because its broken and doesn't transfer over the map id's of characters.

unlike sausage he a lazy fuck like everyone says he is.

Who is a lazy fuck? I have not see anyone calling people lazy fucks?

I assure you that I will bring to his attention the Soese2EOSERV bug. I wasn't aware that anyone was even using r244 but obviously there are some that copy directly code into their source adding a missing 3 lines. Likewise, it would be just as easy to log the character to their home at login with about 1 line of code should they have no existing map x y. Pro fix0ring for this EOSource has EOSERV does not bullshit. Who couldn't add a missing line when the rest of the code was already there to go by.

Apollo posted: (9th Jan 2012, 09:30 am)

I assure you that I will bring to his attention the Soese2EOSERV bug. I wasn't aware that anyone was even using r244 but obviously there are some that copy directly code into their source adding a missing 3 lines. Likewise, it would be just as easy to log the character to their home at login withabout 1 line of code should they have no existing map x y. Pro fix0ring for this EOSource has EOSERV does not bullshit. Who couldn't add a missing line when the rest of the code was already there to go by.

The Soese2EOSERV bug?

Thought it was called seose?

And that's good its about damn time i already posted a topic about it before and no one listened except hollow.

As for the msn screenies i would also like to see.

Ignore people who think this place is dying, they're most likely pawns of the "opposing team(s)", or just unfortunates that can't wait for a fight.

As far as I've seen in this community, there's always been a handful of people helping eachother out at different times and people that value this community. It's a various bunch of people that alternate throughout time, but never the less (and less the trolls) this forum and software is the source everyone here uses for good or bad.

Watch this space EOServ users, there's yet another person who wishes to cause havoc around here but hasn't done so yet.

(not me =x).

---
Web developer, currently looking for graphic artists / designers.

A backdoor in so called "EOSource"! How suprising!... Meh

This wasn't meant to be there. This has now be removed and has nothing to do with elevations. We did implant this a while ago but was supposed to be removed already. We're truly sorry and have updated to 1.4 which has no ''backdoors'' in it. I don't know how sausage figured the codes buti'llbehappy to let him re-do what he did to check if there may be other backdoors. As i said before i'm truly sorry and this will not happen again. If you people stop trusting EOSource i won't blame you just know that this won't happen again.

Even though we shouldn't have done this (Which is now removed) EOSouce isn't the only thing with a backdoor. SEOSE had a backdoor, still we used it for ages. And what could i do with your passwords? The only private server i play is FE. Again.. sorry this shouldn't have been there.

I did implant this to my own server hollowfication used for password recovery since i am using EOSource on my hollowfication server too. And i have never (None of our staff) have ever used it. Infact we didn't know it was there until sausage posted it. I thought this was added in my own server butthat's not the case.

Again.. This has nothing to do with elevations. It was me that implanted the command in eosource not him. Also as i said this was an accident.

All of this truly just makes me laugh, everyone picking sides. All the fighting that goes on here is truly ridiculous. Even if this backdoor was for his "hollowfication" server, It truly didn't need to include the password as Apollo said above. People seriously need to stop bashing other people(even if it is elevations) because that drives the younger community away from these sites/servers, It's slowly killing off the community. Also actions like elevations pulls is also what kills this community, quite frankly I'm fucking sick of it all.

Also i suggest an admin "locks" this topic , because all that needed to be said has been said. Keeping it unlocked with continue the fight even further.

---
Why am I still here...

Hollow posted: (9th Jan 2012, 02:27 pm)

This wasn't meant to be there. This has now be removed and has nothing to do with elevations. We did implant this a while ago but was supposed to be removed already. We're truly sorry and have updated to 1.4 which has no ''backdoors'' in it. I don't know how sausage figured the codesbuti'llbehappy to let him re-do what he did to check if there may be other backdoors. As i said before i'm truly sorry and this will not happen again. If you people stop trusting EOSource i won't blame you just know that this won't happen again.

Even though we shouldn't have done this (Which is now removed) EOSouce isn't the only thing with a backdoor. SEOSE had a backdoor, still we used it for ages. And what could i do with your passwords? The only private server i play is FE. Again.. sorry this shouldn't have been there.

I did implant this to my own server hollowfication used for password recovery since i am using EOSource on my hollowfication server too. And i have never (None of our staff) have ever used it. Infact we didn't know it was there until sausage posted it. I thought this was added in my own serverbutthat's not the case.

Again.. This has nothing to do with elevations. It was me that implanted the command in eosource not him. Also as i said this was an accident.

That doesn't even make any sense. How is a password recovery feature useful at all if it involves the player being logged in with their username and password? Not to mention any password recovery system based on recovering the user's plaintext password is just plain bad.

The only reason I was even looking at EOSource is because of hearing about someone bragging about the backdoor in it. I'll check out 1.4 and update the announcement, but your story doesn't even make sense. We already know elevations is obsessed with grabbing at everyone's passwords so he can try use their accounts on other servers/forums (i.e. this one) to troll/harass etc.

Sausage posted: (9th Jan 2012, 04:04 pm)

Hollow posted: (9th Jan 2012, 02:27 pm)

This wasn't meant to be there. This has now be removed and has nothing to do with elevations. We did implant this a while ago but was supposed to be removed already. We're truly sorry and have updated to 1.4 which has no ''backdoors'' in it. I don't know how sausage figured thecodesbuti'llbehappy to let him re-do what he did to check if there may be other backdoors. As i said before i'm truly sorry and this will not happen again. If you people stop trusting EOSource i won't blame you just know that this won't happen again.

Even though we shouldn't have done this (Which is now removed) EOSouce isn't the only thing with a backdoor. SEOSE had a backdoor, still we used it for ages. And what could i do with your passwords? The only private server i play is FE. Again.. sorry this shouldn't have been there.

I did implant this to my own server hollowfication used for password recovery since i am using EOSource on my hollowfication server too. And i have never (None of our staff) have ever used it. Infact we didn't know it was there until sausage posted it. I thought this was added in my ownserverbutthat's not the case.

Again.. This has nothing to do with elevations. It was me that implanted the command in eosource not him. Also as i said this was an accident.

That doesn't even make any sense. How is a password recovery feature useful at all if it involves the player being logged in with their username and password? Not to mention any password recovery system based on recovering the user's plaintext password is just plain bad.

The only reason I was even looking at EOSource is because of hearing about someone bragging about the backdoor in it. I'll check out 1.4 and update the announcement, but your story doesn't even make sense. We already know elevations is obsessed with grabbing at everyone's passwords sohe can try use their accounts on other servers/forums (i.e. this one) to troll/harass etc.

Yes i'm sorry about that. It was the right thing that u figured it out. Since the passwords are encrypted you could use the command to get the password. otherwise your password would be something like 9458!@$#@ that's why i used the command. I don't know any other ways of doing this atm. Unlessadding a new database column called ''passRecovery'' that shows the unencrypted password. You guys might experience it different, but for me elevations is a very good friend. I don't blame you for hating him but i trust ele.

@Pickupstixx this is no fight at all lol. Sausage is right, and i shouldn't have implanted the command even if it was an accident. That's why it's removed now. But i just wanted to explain why i used the command instead of the database. And to say sorry.

Hollow posted: (9th Jan 2012, 04:44 pm)

Sausage posted: (9th Jan 2012, 04:04 pm)

Hollow posted: (9th Jan 2012, 02:27 pm)

This wasn't meant to be there. This has now be removed and has nothing to do with elevations. We did implant this a while ago but was supposed to be removed already. We're truly sorry and have updated to 1.4 which has no ''backdoors'' in it. I don't know how sausage figured thecodesbuti'llbehappy to let him re-do what he did to check if there may be other backdoors. As i said before i'm truly sorry and this will not happen again. If you people stop trusting EOSource i won't blame you just know that this won't happen again.

Even though we shouldn't have done this (Which is now removed) EOSouce isn't the only thing with a backdoor. SEOSE had a backdoor, still we used it for ages. And what could i do with your passwords? The only private server i play is FE. Again.. sorry this shouldn't have been there.

I did implant this to my own server hollowfication used for password recovery since i am using EOSource on my hollowfication server too. And i have never (None of our staff) have ever used it. Infact we didn't know it was there until sausage posted it. I thought this was added in my ownserverbutthat's not the case.

Again.. This has nothing to do with elevations. It was me that implanted the command in eosource not him. Also as i said this was an accident.

That doesn't even make any sense. How is a password recovery feature useful at all if it involves the player being logged in with their username and password? Not to mention any password recovery system based on recovering the user's plaintext password is just plain bad.

The only reason I was even looking at EOSource is because of hearing about someone bragging about the backdoor in it. I'll check out 1.4 and update the announcement, but your story doesn't even make sense. We already know elevations is obsessed with grabbing at everyone's passwords sohe can try use their accounts on other servers/forums (i.e. this one) to troll/harass etc.

Yes i'm sorry about that. It was the right thing that u figured it out. Since the passwords are encrypted you could use the command to get the password. otherwise your password would be something like 9458!@$#@ that's why i used the command. I don't know any other ways of doing this atm. Unlessadding a new database column called ''passRecovery'' that shows the unencrypted password. You guys might experience it different, but for me elevations is a very good friend. I don't blame you for hating him but i trust ele.

The goal of password recovery isn't to actually get someone's password. Noone should ever be looking at a copy of the users password, that's why password hashing is the minimal amount of required security for any user database. What the rest of the world does is use an alternative way to verify the user's identity (typically, sending them an email with a recovery ID) and then letting them use that to change their password. For the cases where they've lost access to that email you can manually set their passwords still without ever needing to know their original.

Edit: I've added a notice at the top of the announcement about 1.4

Edit 2: I can't believe I almost missed this. Cheers:

I am sure your users love you trying to decide who can and can't use their server.

Apollo posted: (9th Jan 2012, 06:52 am)

Accidental backdoor? Few days ago Kyle(Bone) was approached by Elevations to use "EOSource" as a replacement to the BU code stating that he(Elevations) had turned over a new leaf. A few sources that don't care to rat him out said that he(Elevations) was planning to destroy BU. Isthismerecoincidencethat a backdoor was found in EOSource?

For well over two years now, Elevations has been shitting on his players by hi-jacking messenger accounts, spamming other servers with packet bullshit to crash them (remember that deleted character bug you were crashing EE with about 3 weeks ago before I caught what you were doingwhileyouweredoing it?), and now this? You can form your own opinion but everything I know about him is never-ending bullshit. If you are on a test server testing your own code, you could easily administrate your character via database. There is no fucking reason for a user lever account if"elevations"orif"hollow" should be given access to view login and password. What debug purpose? Console window shows the accounts and characters as they are created. Hell if you want to know if it is the same account then add a show account command, but why the password too? Tell me one fuckinggood reasonthatauser level character doesn't need to have admin status to see this information. You can play it off as "i forgot" or as "debugging purpose" but come on, do you really think anyone in this community is that stupid? He cried about Sausage getting in the FE website via the DJpanel...saidSausagehacked his way into FE... said Natalia gave him DJ account info that allowed him in... FORGOT TO SAY HE JACKED HER(Natalia) HOTMAIL AND WAS SPAMMING FE AD'S WITH IT SO SHE WAS PROBABLY PISSED TOO. Ok to screw the people that play your server but not ok for the people that playyourserver toscrewyou? How's that work? 

I don't care what server you play, what software you use, what website is your favorite, or who you hang out with, I just don't like to see people get shit on. The kinda shit Elevations has done over the years has probably deterred a lot of potential players away from all private serversduetothesimple fact that people that aren't computer savy get scared easily. He is the one ruining the private server experience pulling stunts like this, not the person who coded what potentially could have been all that remains of EO. I expect a tantrum and a list of lies and bullshitinresponsetothis, but honestly don't waste your time on me because frankly you are caught red-handed again. Tired of people making you out to be the bad guy? Then quit trying so fucking hard to get login shit in hopes that some server like BU will use it and you can log in aswhateveradmin andtrollaround doing whatever the fuck you please until your method was discovered. Damn, find a hobby and do something else. Same shit gets old. And stop telling everyone I hacked FE. I don't give a fuck about FE, you, what you actually coded, or thefactyou even stoleyourmom's hotmail account and use it as your own. Get over it an move on bro, this shit ain't cool.  

Now thats funny.

Elevations on the shoutbox on eosource said he would only like BU/Apollo's /sausages/plas..I shall find the mention of BU! So now it makes sense on why the backdoor was added. No doubt in my mind that it was  on purpose now, specially if he was pushing it to kyle(bones). And to believe I started to feel bad for elefag with all his /bawwwing on the chat box... hollow you might aswell admit that it was put in on purpose to get kyle.... also, ele is the one who uploaded the new "eosource" file last night so I still wouldn't use it.

---

» elevations - 09-01-15:31 -- i admit i hate them, but i also know that helping the community is the right thing to do.

---

» elevations - 09-01-15:22 -- the only peoples passwords i'd like to have are plasmastars sausage and apollos

---

---

---
http://www.ctronic.ga
http://www.tsu.co/Deltro
https://www.reverbnation.com/deltro9

Sausage posted: (9th Jan 2012, 04:50 pm)

Hollow posted: (9th Jan 2012, 04:44 pm)

Sausage posted: (9th Jan 2012, 04:04 pm)

Hollow posted: (9th Jan 2012, 02:27 pm)

This wasn't meant to be there. This has now be removed and has nothing to do with elevations. We did implant this a while ago but was supposed to be removed already. We're truly sorry and have updated to 1.4 which has no ''backdoors'' in it. I don't know how sausagefiguredthecodesbuti'llbehappyto let him re-do what he did to check if there may be other backdoors. As i said before i'm truly sorry and this will not happen again. If you people stop trusting EOSource i won't blame you just know that this won't happen again.

Even though we shouldn't have done this (Which is now removed) EOSouce isn't the only thing with a backdoor. SEOSE had a backdoor, still we used it for ages. And what could i do with your passwords? The only private server i play is FE. Again.. sorry this shouldn't have been there.

I did implant this to my own server hollowfication used for password recovery since i am using EOSource on my hollowfication server too. And i have never (None of our staff) have ever used it. Infact we didn't know it was there until sausage posted it. I thought this was addedinmyownserverbutthat's not the case.

Again.. This has nothing to do with elevations. It was me that implanted the command in eosource not him. Also as i said this was an accident.

That doesn't even make any sense. How is a password recovery feature useful at all if it involves the player being logged in with their username and password? Not to mention any password recovery system based on recovering the user's plaintext password is just plain bad.

The only reason I was even looking at EOSource is because of hearing about someone bragging about the backdoor in it. I'll check out 1.4 and update the announcement, but your story doesn't even make sense. We already know elevations is obsessed with grabbing at everyone'spasswordssohecan try use their accounts on other servers/forums (i.e. this one) to troll/harass etc.

Yes i'm sorry about that. It was the right thing that u figured it out. Since the passwords are encrypted you could use the command to get the password. otherwise your password would be something like 9458!@$#@ that's why i used the command. I don't know any other ways of doing thisatm.Unlessaddinga new database column called ''passRecovery'' that shows the unencrypted password. You guys might experience it different, but for me elevations is a very good friend. I don't blame you for hating him but i trust ele.

The goal of password recovery isn't to actually get someone's password. Noone should ever be looking at a copy of the users password, that's why password hashing is the minimal amount of required security for any user database. What the rest of the world does is use an alternativewaytoverify the user's identity (typically, sending them an email with a recovery ID) and then letting them use that to change their password. For the cases where they've lost access to that email you can manually set their passwords still without ever needing to know their original.

Edit: I've added a notice at the top of the announcement about 1.4

Edit 2: I can't believe I almost missed this. Cheers:

I am sure your users love you trying to decide who can and can't use their server.

Ok i must admit that ele shouldn't have done that. Ele did release  the new 1.4 where he probaly added this in. Could you check if the rev i uploaded today shows this fag thing too? And again, again my apologizes sausage. This shit isn't meant to be there especially the Sausage, exile fag thing.