Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
VenomDev7166yWas just quickly reviewing this, and realized I messed up on the first part. Sadly outta the edit time also.
Instead of "He decided to..." it should've been "My friend decided to..." -
C0D4681386yI enjoy those responses when using custom APis 😂
But seriously that’s one secure dB, if it ain’t got records there’s nothing to Leak 😍😅 -
VenomDev7166y@C0D4
Exactly! To be honest, this was most likely his thought process behind this.
@Bitwise
Yep, I didn't understand what was happening. It was dropping server tables and was deleting rows, it looked like it was randomly selecting between dropping the table or deleting the row accessed. But I did notice a trend, if it was player data, it dropped the row. If it server data, it dropped the table. Was an interesting find for sure.
At least the server makes weekly backups, but players would hate a week rollback. -
nzeetee4116yIs this a serious defence mechanism? Start deleting your own database if you get hacked??!
Reminds of a scene in Blade 2.... -
VenomDev7166y@nzeetee I’m hoping when he comes back and I ask him, he responds with it’s a meme. But for now, yea it appears so.
Related Rants
Welp, this made my night and sorta ruined my night at the same time.
He decided to work on a new gaming community but has limited programming knowledge, but has enough to patch and repair minor issues. He's waiting for an old friend of his to come back to start helping him again, so this leads to me. He needed a custom backend made for his server, which required pulling data from an SQL/API and syncing with the server, and he was falling behind pace and asked for my help. He's a good friend that I've known for a while, and I knew it wouldn't take to long to create this, so I decided to help him. Which lead to an interesting find, and sorta made my night.
It wasn't really difficult, got it done within an hour, took some time to test and fix any bugs with his SQL database. But this is where it get's interesting, at least for me. He had roughly a few hundred people that did beta testing of the server, anyways, once the new backend was hooked in and working, I realized that the other developer he works with had created a 'custom' script to make sure there are no leaks of the database. Well, that 'custom' script actually begins wiping rows/tables (Depends on the sub-table, some get wiped row by row, some just get completely dropped), I just couldn't comprehend what had happened, as rows/tables just slowly started disappearing. It took me a while of checking, before checking his SQL query logs (At least the custom script did that properly and logged every query), to realize it just basically wiped the database.
Welp, after that, it began to restrict the API I was using, and due to this it identified the server as foreign access (Since it wasn't using the same key as his plugin, even though I had an API key created just so it could only access ranks and such, to prevent abuse) and begin responding not with denied, but with a lovely "Fuck you hacker!" This really made my night, I don't know why, but I was genuinely laughing pretty hard at this response.
God, I love his developer. Luckily, I had created a backup earlier, so I patched it and just worked around the plugin/API to get it working. (Hopefully, it's not a clusterfuck to read, writing this at 2 am with less than an hour of sleep, bedtime! Goodnight everyone.)
rant
api
dumb dev
sql