Thread: I got hacked

  1. #25
    Master Sorcerer Bobotov's Avatar
    Join Date
    Feb 2013
    Location
    Florida
    Posts
    1,045

    Quote Originally Posted by annesizpic View Post
    Then what else could it be? Bruteforce or dictionary attacks aren't really viable on Growtopia since it would take millions of years. Since he has the AAP enabled, a keylogger or a random virus shouldn't be able to hack him. It has to be something advanced like a save.dat stealer which is written by some sort of specialist. Plus the database breach you are talking about is not really viable since nearly all the info is probably crypted. Which means there is no use for them (I assume that the AAP is enabled)
    Good reply. Perhaps I am wrong about how the password cracking methods I mentioned

    I do recall some Growtopia cheat creators having save.dat stealers (as a type of backdoor programmed in the cheat, not a feature itself). I don’t know how they work though. My guess is that they connect to some host and look for the file in the %localappdata% where the file is stored. Maybe I’ll test this when I get home with Fiddler or Wireshark. This sounds very interesting. Thanks for this!

    I’ve also talked to a private server owner about what he can do. Turns out he can do quite a lot. He can log IP addresses, MAC addresses, and execute files on your computer if he wants to. He talked to me about how, if it’s possible, he can force RDP to your computer. I said it may be possible, but the user would have to have Windows Enterprise or Professional version of Windows, have RDP protocol enabled, and/or port 3389 open. Here’s something I said in a thread related to this.

    Edit: I saw some people talking about the breach who’ve had access to it, and it turns out they are in fact able to see what was compromised in the breach.

    I talked to my I.T. teacher about all this last week. He said that websites, if they have the feature or if they want, can log MAC addresses. Same with private servers as well. Honestly, I played a couple one time, and I eventually found out that moderators of them and the owner can log IP addresses and MAC addresses as well, and the owner can execute .exe files or other things on your computer. It’s also very easy to spoof your MAC address as well. I don’t think you even need a program, you can also do it via Windows' "change adapter settings." (I think)

    I did also talk with an owner of a private server on all this. We had an interesting conversation about if it's possible that the owner can force RDP (Remote Desktop Protocol) and take control of your computer. I said that it might be possible, but the person has to have Windows Professional or Enterprise versions of Windows and have RDP enabled and/or port 3389 open.

    (These are screenshots of Windows Defender Firewall I took)

    https://i.imgur.com/sqtPUoo.png
    https://i.imgur.com/hmnVbYd.png

    When I found out that people were getting hacked even with AAP on, my main theory was that the person hijacking the account was using a new or old database breach that happened to the forum some time ago, or they’re using brute forcing techniques followed by spoofing their MAC address. (There are most likely other ways that someone can get a MAC address of someone else that I don't know about)

    Someone else in this thread already pointed that one out.

    And I found out that they (private server owners and Growtopia cheat creators) can also steal certain files as well. Specifically the save.dat file, which contains your username and password and can be easily decrypted.

    (I have a high interest in security and I'm into all this stuff)

    Please do correct me on things if I am wrong.
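
The three conditions named in the post above (Windows edition, RDP enabled, port 3389 open) can be checked on your own machine. This is an added example, not part of the original post; `Get-RdpExposure` is a hypothetical helper name, and the firewall group name `Remote Desktop` assumes an English-language Windows install.

```powershell
# Added example: report whether this machine accepts inbound RDP.
# Get-RdpExposure is a hypothetical helper name, not a built-in cmdlet.
function Get-RdpExposure {
    # Windows edition: Home editions cannot act as a Remote Desktop host.
    $os = Get-CimInstance -ClassName Win32_OperatingSystem

    # fDenyTSConnections = 1 means Remote Desktop is turned off.
    $tsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $ts = Get-ItemProperty -Path $tsKey -Name fDenyTSConnections -ErrorAction SilentlyContinue
    $rdpEnabled = ($null -ne $ts) -and ($ts.fDenyTSConnections -eq 0)

    # Configured listener port (3389 unless someone changed it).
    $tcp = Get-ItemProperty -Path "$tsKey\WinStations\RDP-Tcp" -Name PortNumber -ErrorAction SilentlyContinue
    $port = if ($tcp) { [int]$tcp.PortNumber } else { 3389 }

    # Is anything actually listening on that port right now?
    $listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)

    # Enabled inbound allow rules in the built-in Remote Desktop group
    # (group name is localized; 'Remote Desktop' is the English name).
    $rules = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' })

    [pscustomobject]@{
        Edition            = $os.Caption
        RdpEnabled         = $rdpEnabled
        ConfiguredPort     = $port
        PortListening      = $listening
        FirewallAllowRules = $rules.Count
        # All three local conditions must hold for inbound RDP to work.
        LocallyReachable   = $rdpEnabled -and $listening -and ($rules.Count -gt 0)
    }
}

Get-RdpExposure | Format-List
```

Run it from a PowerShell prompt on the machine you want to check. It only reports the local state; whether the port is reachable from the internet also depends on the router or any upstream firewall.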

  2. #26

    Quote Originally Posted by Bobotov View Post
    Good reply. Perhaps I am wrong about how the password cracking methods I mentioned

    I do recall some Growtopia cheat creators having save.dat stealers (as a type of backdoor programmed in the cheat, not a feature itself). I don’t know how they work though. My guess is that they connect to some host and look for the file in the %localappdata% where the file is stored. Maybe I’ll test this when I get home with Fiddler or Wireshark. This sounds very interesting. Thanks for this!

    I’ve also talked to a private server owner about what he can do. Turns out he can do quite a lot. He can log IP addresses, MAC addresses, and execute files on your computer if he wants to. He talked to me about how, if it’s possible, he can force RDP to your computer. I said it may be possible, but the user would have to have Windows Enterprise or Professional version of Windows, have RDP protocol enabled, and/or port 3389 open. Here’s something I said in a thread related to this.

    Edit: I saw some people talking about the breach who’ve had access to it, and it turns out they are in fact able to see what was compromised in the breach.
    I suggest you reverse engineer up-to-date stealers that people post on YouTube using a virtual machine. (They most likely are stealers but give it a try) Also even if they saw the database, the email, the date of birth, the password, the username wouldn't be enough if the person has his AAP enabled.

  3. #27
    Master Sorcerer Bobotov's Avatar
    Join Date
    Feb 2013
    Location
    Florida
    Posts
    1,045

    Quote Originally Posted by annesizpic View Post
    I suggest you reverse engineer up-to-date stealers that people post on YouTube using a virtual machine. (They most likely are stealers but give it a try) Also even if they saw the database, the email, the date of birth, the password, the username wouldn't be enough if the person has his AAP enabled.
    I do not have reverse engineering abilities.
    Last edited by Bobotov; 12-30-2019 at 01:00 AM.

  4. #28
    Master Sorcerer Rimuoi's Avatar
    Join Date
    May 2019
    Location
    Arrivederci
    Posts
    2,877

    Wow, so many people got hacked

  5. #29
    Lesser Wizard
    Join Date
    Jul 2018
    Location
    Philippines
    Posts
    144

    I just want to put an update. Before requesting for this thread to be closed again.

    So basically, my account issue isn't solved yet, but my brother just saw my account being used and even did a super broadcast.

    Once again, I would like to request for an authority to close this thread and also hoping to get answers why the hacker can still use my account.
    GrowID: ProdigyDawn
    IG: @prodigydawn

  6. #30
    Lesser Wizard
    Join Date
    Sep 2016
    Posts
    100

    so you're saying that in two weeks you're still missing a response from GT support?
    ***?
