Welp, this made my night and sorta ruined my night at the same time.

He decided to work on a new gaming community but has limited programming knowledge, but has enough to patch and repair minor issues. He's waiting for an old friend of his to come back to start helping him again, so this leads to me. He needed a custom backend made for his server, which required pulling data from an SQL/API and syncing with the server, and he was falling behind pace and asked for my help. He's a good friend that I've known for a while, and I knew it wouldn't take too long to create this, so I decided to help him. Which led to an interesting find, and sorta made my night.

It wasn't really difficult, got it done within an hour, took some time to test and fix any bugs with his SQL database. But this is where it gets interesting, at least for me. He had roughly a few hundred people that did beta testing of the server, anyways, once the new backend was hooked in and working, I realized that the other developer he works with had created a 'custom' script to make sure there are no leaks of the database. Well, that 'custom' script actually begins wiping rows/tables (depends on the sub-table, some get wiped row by row, some just get completely dropped), I just couldn't comprehend what had happened, as rows/tables just slowly started disappearing. It took me a while of checking, before checking his SQL query logs (at least the custom script did that properly and logged every query), to realize it just basically wiped the database.

Welp, after that, it began to restrict the API I was using, and due to this it identified the server as foreign access (since it wasn't using the same key as his plugin, even though I had an API key created just so it could only access ranks and such, to prevent abuse) and began responding not with denied, but with a lovely "Fuck you hacker!" This really made my night, I don't know why, but I was genuinely laughing pretty hard at this response.

God, I love his developer. Luckily, I had created a backup earlier, so I patched it and just worked around the plugin/API to get it working. (Hopefully, it's not a clusterfuck to read, writing this at 2 am with less than an hour of sleep, bedtime! Goodnight everyone.)

Comments
  • 2
    Was just quickly reviewing this, and realized I messed up on the first part. Sadly outta the edit time also.

    Instead of "He decided to..." it should've been "My friend decided to..."
  • 4
    I enjoy those responses when using custom APIs 😂

    But seriously that’s one secure DB, if it ain’t got records there’s nothing to leak 😍😅
  • 2
    @C0D4

    Exactly! To be honest, this was most likely his thought process behind this.

    @Bitwise

    Yep, I didn't understand what was happening. It was dropping server tables and was deleting rows, it looked like it was randomly selecting between dropping the table or deleting the row accessed. But I did notice a trend, if it was player data, it dropped the row. If it was server data, it dropped the table. Was an interesting find for sure.

    At least the server makes weekly backups, but players would hate a week rollback.
  • 1
    Is this a serious defence mechanism? Start deleting your own database if you get hacked??!

    Reminds me of a scene in Blade 2....
  • 0
    @nzeetee I’m hoping when he comes back and I ask him, he responds with it’s a meme. But for now, yea it appears so.
  • 1
    @RickyBGamez I'm going to be recommending this to all my clients....
  • 0
    @nzeetee Oh god 😂 They’ll love it!