Toplist issue resolved



Ikiliki
June 25th, 2010, 22:45
Hello,

The toplist issue with the hacking has been resolved. It turned out to be a simple SQL injection and it has been solved with one simple rule I forgot when remaking the toplist in a hurry (yeah, it's a shame).

Anyway, Pie and I have done some research.
The applet on the link (the IP address) turns out to be downloading a file called Update.exe and afterwards executing it.
It seems to be some kind of server (maybe a gaming server or something?) because the rest of the Java applet seems to be handling maps.

I have contacted the host of the file and the provider already.
You'll probably hear from me about this next week.

Shishir G
June 25th, 2010, 23:01
good job, iki, and pie.
i love pie.

Smudge
June 25th, 2010, 23:05
Good job, can't blame yourself to be honest.
and Pie` is a legend. Seen a lot of his PHP work etc. <3

pedobear
June 25th, 2010, 23:17
good job thanks !

Dann
June 25th, 2010, 23:21
Hey, I had sent you an offline message about that.
Come on MSN in a bit, then.

Regards, Daniël

Ikiliki
June 25th, 2010, 23:36
Hey, I had sent you an offline message about that.
Come on MSN in a bit, then.

Regards, Daniël

This is an English speaking community. I'm going to sleep now.

Oh and an update on the situation; the website hosting the game server files has been suspended by their host. Next step is datacenter my , I'll see what I do.
Whoever this kid is, he messed with the wrong person.

Runelocus isn't the only site facing this, it's pretty much a pattern because some Real Time Shooter game was also infected and the source was pretty much proving it's a pattern kinda thing.

In case the kid reads this: Nice try, next time try getting rid of my domlogs first. Your injection URLs were too easy to find. I lold pretty hard when I tricked you into my "Something is wrong with your login" error msg/code and you kept re-trying (a.k.a. ruining your cover).
Have fun in life, just don't waste any more time because life is short,
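
The kind of domlog review described in this post, as an added example that is not part of the original thread or RuneLocus's code. It assumes the domlogs are in Apache "combined" format; the paths, IP addresses and log lines are constructed for illustration, and the patterns are heuristics rather than a complete detector.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus, urlsplit

# Apache "combined" access-log line (assumed format of the domlogs).
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Heuristic signs of SQL injection in a decoded query string.
SQLI_RE = re.compile(
    r"(\bunion\b.{0,40}\bselect\b"
    r"|\bselect\b.{0,80}\bfrom\b"
    r"|\binformation_schema\b"
    r"|\b(?:or|and)\b\s+\d+\s*=\s*\d+"
    r"|['\"]\s*(?:or|and)\b"
    r"|(?:--|#|/\*)\s*$"
    r"|\b(?:sleep|benchmark|load_file)\s*\()",
    re.IGNORECASE | re.DOTALL,
)

def decoded_query(target):
    """Return the query string, URL-decoded twice to catch double encoding."""
    query = urlsplit(target).query
    for _ in range(2):
        query = unquote_plus(query)
    return query

def scan(lines):
    """Map client IP -> list of (timestamp, request target, status) that look like SQLi."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        query = decoded_query(m["target"])
        if query and SQLI_RE.search(query):
            hits[m["ip"]].append((m["ts"], m["target"], m["status"]))
    return dict(hits)

def repeat_offenders(hits, threshold=3):
    """Clients that kept retrying: at least `threshold` flagged requests."""
    return sorted(ip for ip, rows in hits.items() if len(rows) >= threshold)

# Constructed sample lines (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = [
    '198.51.100.20 - - [25/Jun/2010:20:01:11 +0200] "GET /toplist/index.php?page=2 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [25/Jun/2010:20:01:30 +0200] "GET /toplist/search.php?q=select+a+server HTTP/1.1" 200 4011 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [25/Jun/2010:20:03:40 +0200] "GET /toplist/details.php?id=12%27+OR+1%3D1--+ HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [25/Jun/2010:20:03:52 +0200] "GET /toplist/details.php?id=-1+UNION+SELECT+1,2,3 HTTP/1.1" 200 640 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [25/Jun/2010:20:04:05 +0200] "GET /toplist/details.php?id=1%2527%2520or%25201%253D1 HTTP/1.1" 200 640 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for ip, rows in found.items():
        print(ip, len(rows), "suspicious requests")
        for ts, target, status in rows:
            print("   ", ts, status, target)
    print("repeat offenders:", repeat_offenders(found))
```
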

lilsnoop
June 25th, 2010, 23:39
It looks like it was done by a bunch of people, it was released on a public forum, including a list of all the passes. Maybe that was just one person who saw it?

Shishir G
June 25th, 2010, 23:44
This is an English speaking community. I'm going to sleep now.

Oh and an update on the situation; the website hosting the game server files has been suspended by their host. Next step is datacenter my , I'll see what I do.
Whoever this kid is, he messed with the wrong person.

Runelocus isn't the only site facing this, it's pretty much a pattern because some Real Time Shooter game was also infected and the source was pretty much proving it's a pattern kinda thing.

In case the kid reads this: Nice try, next time try getting rid of my domlogs first. Your injection URLs were too easy to find. I lold pretty hard when I tricked you into my "Something is wrong with your login" error msg/code and you kept re-trying (a.k.a. ruining your cover).
Have fun in life, just don't waste any more time because life is short,

lmfao at the last part. he fell for it?
if your reading this; FAG FUCK YOU

pedobear
June 25th, 2010, 23:54
lmfao at the last part. he fell for it?
if your reading this; FAG FUCK YOU

if he swears it will look like he wants more, and then he will not stop but if he sends a serious text that makes him a bit scared, I think that he will not do any more, he picked the wrong person anyway.

well i know he won't do anything more because he can't! :D<3

by the way, thank you ikiliki for fixing this :)

Absol
June 26th, 2010, 00:56
Don't look fixed to me? Still porn adverts + kids email.

I honestly think it was that one guy who was bitching about being banned/reset on the toplist for cheating. The server sites that were hacked, were oddly enough the ones who he tried to bring down.

Smudge
June 26th, 2010, 01:03
Don't look fixed to me? Still porn adverts + kids email.

I honestly think it was that one guy who was bitching about being banned/reset on the toplist for cheating. The server sites that were hacked, were oddly enough the ones who he tried to bring down.

That's what everyone assumed at first, but this was all done by MySQL injections. I don't think he has the knowledge or the tools to do so, unless he became a skiddie. Nobody knows who it is until Iki searches further into this.

pedobear
June 26th, 2010, 02:17
That's what everyone assumed at first, but this was all done by MySQL injections. I don't think he has the knowledge or the tools to do so, unless he became a skiddie. Nobody knows who it is until Iki searches further into this.

he can catch him easily, his IP address is written, and he can check if the IP address is a member of runelocus and he can check where he lives and do really much with it.

Smudge
June 26th, 2010, 02:22
he can catch him easily, his IP address is written, and he can check if the IP address is a member of runelocus and he can check where he lives and do really much with it.

He can't get his address from an IP unless the ISP is contacted. Only government etc. can track the exact location of an IP. Otherwise Pedo's would rule the webs. Lol

Cart
June 26th, 2010, 02:25
Either way, my server isnt affected so im happy so far LOL

New Clear
June 26th, 2010, 02:34
Good job Iki, and everyone else who helped in this.
Looking forward to hearing further into this.

Cart
June 26th, 2010, 02:35
Good job Iki, and everyone else who helped in this.
Looking forward to hearing further into this.
Still happening, not fixed yet LOL kids messing around with top 20 servers.

Aaron
June 26th, 2010, 03:08
Uh, How is this resolved, Look at the toplist..

Austin
June 26th, 2010, 03:14
Good jobs guys!

Shishir G
June 26th, 2010, 03:21
Uh, How is this resolved, Look at the toplist..

you noob, you're late.
he posted this when he did fix it, but they got it again.

Absol
June 26th, 2010, 03:29
He easily could use a proxy. Hell- I can connect from my neighbors net, and my IP gets reassigned to one that actually lists to their home/IP.

(Cause everyone behind the router has the same one.)

Forthelolz
June 26th, 2010, 06:22
Ikiliki, I have a lot of information on who did it, and I personally have a copy of the Toplist database from the person. I do not plan on doing anything with it, however, I advise everyone change their emails, and passwords for the toplist, since that's what the database shows. The SQL injections only took place once, as far as I'm concerned, unless there is another person doing it. If you would like to speak to me about it, please PM me. I will not be releasing any information publicly, I will only tell Ikiliki if he wishes to PM me.

Ikiliki
June 26th, 2010, 06:33
lulz another one, I'll take a look.
Glad it's the end of the month anyway.

Edit:
No SQL injections. It's just obvious he has either a backup or just many passwords of important servers.
It's almost the end of the month, so I'll just do an early toplist reset. The big servers should re-add, WITH A NEW PASSWORD.

WebMaster
June 26th, 2010, 06:52
Ummm... That's not all. Only the registered members can see the link.

I got this in an email that came from here. It has everything about the website old users and password. It's a lot and messed up.

Joshua F
June 26th, 2010, 06:58
Ummm... That's not all. Only the registered members can see the link.

I got this in an email that came from here. It has everything about the website old users and password. It's a lot and messed up.

It has a virus.. I loaded the java, my antivirus (Kaspersky, detected it right away..) running a full scan over night though.

Edit, if you look.. The homepage is fake. It's not real java, and it redirects you to index2.html.

pedobear
June 26th, 2010, 06:59
It has a virus.. I loaded the java, my antivirus (Kaspersky, detected it right away..) running a full scan over night though.

Edit, if you look.. The homepage is fake. It's not real java, and it redirects you to index2.html.


do not click on the run! It's a rat,

Joshua F
June 26th, 2010, 07:01
do not click on the run! It's a rat,

A rat?

pedobear
June 26th, 2010, 07:10
A rat?

it's a virus as i got when i ran frostiescape client he can see your screen, passwords everything he took my email, paypal, everything, but the police caught him after he took the paypal so i sue him for like 987 or it was 879 don't remember usd.

Joshua F
June 26th, 2010, 07:13
it's a virus as i got when i ran frostiescape client he can see your screen, passwords everything he took my email, paypal, everything, but the police caught him after he took the paypal so i sue him for like 987 or it was 879 don't remember usd.

Ouch, because I ran it O.o, but my virus scanner caught it?

Forthelolz
June 26th, 2010, 07:15
Everyone just report the website and don't go to it.

pedobear
June 26th, 2010, 07:16
Ouch, because I ran it O.o, but my virus scanner caught it?

don't really know, hope you didn't get the rat. check your computer files now and search if you find something you downloaded.

Joshua F
June 26th, 2010, 07:17
don't really know, hope you didn't get the rat. check your computer files now and search if you find something you downloaded.

Where should I look?
P.S. My scanner found something in temp internet files.

Full Scan: running (events: 3, objects: 187427, time: 00:20:29)
6/26/2010 1:08:16 AM Detected: Trojan-Downloader.VBS.Psyme.rn C:\Documents and Settings\Josh\AppData\Local\Temp\winconfig.vbs
6/26/2010 1:08:23 AM Deleted: Trojan-Downloader.VBS.Psyme.rn C:\Documents and Settings\Josh\AppData\Local\Temp\winconfig.vbs

Codeusa
June 26th, 2010, 09:10
ohman33@live.com


I sold him my injecting tools, he said he was the one doing it and to "look at" runelocus about 2 seconds before it went down.

Have fun,

His phone number is
443-307-6283
John


Most dox I could pull on him, enjoy.

Faab234
June 26th, 2010, 10:39
A Free scooter for Ikiliki and Pie`.

Nice job.

I D3stroy I
June 26th, 2010, 12:29
Thanks for fixing the Issue !

pedobear
June 26th, 2010, 12:37
Thanks for fixing the Issue !

it's not fixed yet.

Joe
June 26th, 2010, 14:09
The nightmare is not over yet and also if you use same pass as toplist i suggest changing immediately.

Nathan'
June 26th, 2010, 14:10
My server has been deleted from the toplist. I had over 350 votes. whats going to happen....

SIR MOJO
June 26th, 2010, 14:10
Good job iki.

Eduardo
June 26th, 2010, 14:56
It is really funny how you left a SQL injection vulnerability, here it is if you want to fix it: Only the registered members can see the link.
And not saving passwords like a MD5 hash is quite stupid, you really think this just goes to your website?
People in the internet are stupid enough to use the same password for everything, I have email addresses, I have their passwords, I can even go ahead and go into their websites and hack them.

And Forthelolz, I have your IP, I will not rest until I have searched for every single 3rd party vulnerability, until every single meterpreter session hijacking is tested, I will MSN reverse your email, I will hack every single thing you own on the internet.

Smudge
June 26th, 2010, 15:01
It is really funny how you left a SQL injection vulnerability, here it is if you want to fix it: Only the registered members can see the link.
And not saving passwords like a MD5 hash is quite stupid, you really think this just goes to your website?
People in the internet are stupid enough to use the same password for everything, I have email addresses, I have their passwords, I can even go ahead and go into their websites and hack them.

And Forthelolz, I have your IP, I will not rest until I have searched for every single 3rd party vulnerability, until every single meterpreter session hijacking is tested, I will MSN reverse your email, I will hack every single thing you own on the internet.

Someone really has a rage-quit going on don't they?

Joe
June 26th, 2010, 15:08
It is really funny how you left a SQL injection vulnerability, here it is if you want to fix it: Only the registered members can see the link.
And not saving passwords like a MD5 hash is quite stupid, you really think this just goes to your website?
People in the internet are stupid enough to use the same password for everything, I have email addresses, I have their passwords, I can even go ahead and go into their websites and hack them.

And Forthelolz, I have your IP, I will not rest until I have searched for every single 3rd party vulnerability, until every single meterpreter session hijacking is tested, I will MSN reverse your email, I will hack every single thing you own on the internet.

You Mofo i know its you who did it . Only the registered members can see the link. its all there XD

pedobear
June 26th, 2010, 15:21
It is really funny how you left a SQL injection vulnerability, here it is if you want to fix it: Only the registered members can see the link.
And not saving passwords like a MD5 hash is quite stupid, you really think this just goes to your website?
People in the internet are stupid enough to use the same password for everything, I have email addresses, I have their passwords, I can even go ahead and go into their websites and hack them.

And Forthelolz, I have your IP, I will not rest until I have searched for every single 3rd party vulnerability, until every single meterpreter session hijacking is tested, I will MSN reverse your email, I will hack every single thing you own on the internet.

you're pointless, as you know now as you have posted this your IP is written, be careful on the internet idiot, don't do shit you don't know what is gonna happen in the future. only 1 thing to say.

Good Game.

Jusstin
June 26th, 2010, 15:23
It is really funny how you left a SQL injection vulnerability, here it is if you want to fix it: Only the registered members can see the link.
And not saving passwords like a MD5 hash is quite stupid, you really think this just goes to your website?
People in the internet are stupid enough to use the same password for everything, I have email addresses, I have their passwords, I can even go ahead and go into their websites and hack them.

And Forthelolz, I have your IP, I will not rest until I have searched for every single 3rd party vulnerability, until every single meterpreter session hijacking is tested, I will MSN reverse your email, I will hack every single thing you own on the internet.

i lold so hard, fail hacker is fail.

Smudge
June 26th, 2010, 15:28
you're pointless, as you know now as you have posted this your IP is written, be careful on the internet idiot, don't do shit you don't know what is gonna happen in the future. only 1 thing to say.

Good Game.

He wouldn't have left his IP. He would have used a proxy or a VPN. He has some common sense. Lol

Jusstin
June 26th, 2010, 15:30
He wouldn't have left his IP. He would have used a proxy or a VPN. He has some common sense. Lol

No, I was speaking with a friend of mine that was helping marc with the problem.
He uses a dynamic Ip.

pedobear
June 26th, 2010, 15:32
No, I was speaking with a friend of mine that was helping marc with the problem.
He uses a dynamic Ip.

ffs :/ oh well, it's not impossible to catch him.

Friss
June 26th, 2010, 15:35
He used a proxy to make that post.

pedobear
June 26th, 2010, 15:38
He used a proxy to make that post.

damn, but his IP address is written on quatrax website if we just ask a staff from there to give us or whatever?

Eduardo
June 26th, 2010, 15:39
Every single packet sent by my network is encrypted by a 512 byte algorithm and then sent to a VPS to which I connect via SSL, my hard drives are encrypted on a 256bit encryption, I can delete everything on them with one click.
You are not going to catch me, my signal bounces to South America, USA, Africa and Russia

Eduardo
June 26th, 2010, 15:41
My IP at QuarterX has always been a proxied IP from some South American country

pedobear
June 26th, 2010, 15:42
Every single packet sent by my network is encrypted by a 512 byte algorithm and then sent to a VPS to which I connect via SSL, my hard drives are encrypted on a 256bit encryption, I can delete everything on them with one click.
You are not going to catch me, my signal bounces to South America, USA, Africa and Russia

lol, i swear you can't remove everything..

Aaron
June 26th, 2010, 15:43
What has runelocus done to you?

pedobear
June 26th, 2010, 15:43
What has runelocus done to you?

a really good question you asked now.

Smudge
June 26th, 2010, 15:44
He reminds me of this movie I saw ages ago, forgot what it was called, think it was Kill with me or something, signal bouncing. Wonder which group he's a part of.

Ikiliki
June 26th, 2010, 15:47
It is really funny how you left a SQL injection vulnerability, here it is if you want to fix it: Only the registered members can see the link.
And not saving passwords like a MD5 hash is quite stupid, you really think this just goes to your website?
People in the internet are stupid enough to use the same password for everything, I have email addresses, I have their passwords, I can even go ahead and go into their websites and hack them.

And Forthelolz, I have your IP, I will not rest until I have searched for every single 3rd party vulnerability, until every single meterpreter session hijacking is tested, I will MSN reverse your email, I will hack every single thing you own on the internet.
I had to remake the toplist in a hurry, wasn't bothered encrypting and obviously left a simple part as injectable.

The accounts of servers on RuneLocus are safe. I'm not responsible if they use the emails for other things. I have told them to use other passwords, I can't be blamed if they ignore that.

Anyway, I can't blame you but only myself. You actually reminded me.

Joe
June 26th, 2010, 15:47
He reminds me of this movie I saw ages ago, forgot what it was called, think it was Kill with me or something, signal bouncing. Wonder which group he's a part of.

he is a wanna be hacker who is a new hacker who learned couple mysql injections big deal everyone acting like he is someone he just found a glitch and abused it.

Aaron
June 26th, 2010, 15:49
he is a wanna be hacker who is a new hacker who learned couple mysql injections big deal everyone acting like he is someone he just found a glitch and abused it.

I'm not so sure if he's a 'wannabe' hacker but to me, he did a lot, but I'm not sure if he really did or not :O

Marc
June 26th, 2010, 15:52
Every single packet sent by my network is encrypted by a 512 byte algorithm and then sent to a VPS to which I connect via SSL, my hard drives are encrypted on a 256bit encryption, I can delete everything on them with one click.
You are not going to catch me, my signal bounces to South America, USA, Africa and Russia

Did google teach you all that?

pedobear
June 26th, 2010, 15:55
Did google teach you all that?

fucking clean comment.

Eduardo
June 26th, 2010, 15:56
Ahahaha, I am a wannabe hacker?
You know very little about me, I would love to hack you but I do not have the time to deal with 8 years old that do not know what hacking actually is.
The whole point of hacking is finding flaws in the system and abusing them.

pedobear
June 26th, 2010, 15:57
Ahahaha, I am a wannabe hacker?
You know very little about me, I would love to hack you but I do not have the time to deal with 8 years old that do not know what hacking actually is.
The whole point of hacking is finding flaws in the system and abusing them.

are you proud?

Eduardo
June 26th, 2010, 16:00
Servers are going to start falling. 1 by 1.

Brayden
June 26th, 2010, 16:02
Servers are going to start falling. 1 by 1.

what about servers that do not use the toplist?

BTW Pedo shut the hell up you sound like such a fag.

Aaron
June 26th, 2010, 16:02
what about servers that do not use the toplist?

Owned...He can't do shit about those.

Eduardo
June 26th, 2010, 16:04
Well, with this over 700 sites list should be enough for me

Smudge
June 26th, 2010, 16:05
Servers are going to start falling. 1 by 1.

I have a feeling you use the name Eduardo from the film V For Vendetta? The face of anonymous; well, put it this way; you're much different to the usual 'hackers' who visit such as H0rn, TX, etc.. I've got a d0x on H0rn actually, quite big. But meh. If you're so advanced why are you using the skiddie methods? i.e. MySQL injections, RATs. I would think someone of your "intelligence" would be able to expand to more advanced areas.

Brayden
June 26th, 2010, 16:06
Well, with this over 700 sites list should be enough for me

oh ok. do you play a p server?

Lewis
June 26th, 2010, 16:08
Servers are going to start falling. 1 by 1.

It's funny how you think you can hack runelocus. There was 1 flaw in the system and now it's fixed. And at the moment you're just bragging how much you're going to hack runelocus and i haven't seen nothing happen. So stop bragging about how much you can hack when it probably wasn't even you who did the sql injection.

Eduardo
June 26th, 2010, 16:11
RAT? are you kidding me? I would never use a RAT, well it is not my fault that such a stupid vulnerability was left open. I was searching for fuzz LFI vulnerabilities when I found it. Was also looking into creating meterpreter sessions with the host, but I could not get into the kernel of the server to be able to root the site.

Smudge
June 26th, 2010, 16:13
RAT? are you kidding me? I would never use a RAT, well it is not my fault that such a stupid vulnerability was left open. I was searching for fuzz LFI vulnerabilities when I found it. Was also looking into creating meterpreter sessions with the host, but I could not get into the kernel of the server to be able to root the site.

Ahh, someone mentioned RAT before; also I think I found your rltoplist.txt logs. :)

Smudge
June 26th, 2010, 16:16
And how do we know this isn't fake? Just stop posting and leave runelocus and carry on "Hacking" with a basic sql injection. You really need to grow up. NO ONE HERE CARES IF YOU CAN HACK

It's not fake, I've found the entire log list.

Eduardo
June 26th, 2010, 16:16
Yes, I have published the backup in several places

Lewis
June 26th, 2010, 16:22
Yes, I have published the backup in several places

You must feel very proud that you know how to Sql inject. A 9 year old kid can research it and do it within 24 hours.

Friss
June 26th, 2010, 16:23
This thread is out of hand.