Silkroad Online Forums

Welcome to the 6th revolution Server Statistics

(November 27, 2007)
[Silkroad Exploit confirmed]
Yes it's possible to hack with just an Account name. So, there are a group of steps that make possible to change the password of one account with just an Account name. Joymax website is not safe. Is not simple and I will not say how it is. I just know the the bug, I know who find it, but I am not toilet.

carhartt

This morning, I have personaly received an email claiming that the exploit was true. I denied it and claimed he was lying. He requested me to give him an account name, I gave him the account name sexpro the old password was 123456, he changed the password to channel at 11h30AM GMT-5.

Please request Joymax to investigate that account at this time and to figure out how the password was modified if they claim such a thing can't be possible.

I would believe that Joymax will do a rollback on Tibet and probably a few other server depending on where the people are complaining.
Please make sure to ask then to investigate this as soon as possible.


<copied from http://www.rev6.com>

rollback Olympus, than my friend gets back his account, i havent done much in the last month, so go nuts and do a rollback

if u have a registered email, u cant get hacked, unless they know it, so idk why poeple would be giving thier id's and emails to someone, unless they really trusted them

Do a rollback on Olympus do one on every server.

Think of the people on Venus.

umm, you can still have ur account stolen, with only the id, they can change ur pw, and also force a new email verification request and voila, ur account is really gone, no chance for getting it back unless you can hack it back

also, if a rollback does happen, do we get silk refunds for that time frame, and ya, sux for Venus, all back to lvl 1

you cant change your pw unless u put in the registered email., and you cant change the email unless u know that pw

they should email the people the time of roll back so few people actually know about it and what if someone found and seal of sun he probably be mad they got to think about that ass well hell i be pissed if i found an sos because i haven't found any in 7 months

they have been informed about it and they said it is not their fault (personally heard the live phone conversation with certain GM ) , they will 99% do nothing about it as before.
the exploit is there , they are looking at bug forums on their site and constantly deleting any post related to the subject. they DO NOT WANT to fix it. period.

The exploit is real and for those of you who have been around for a while it is the same exploit as before. After september joymax started removing security measures to reduce bandwith usage. They unpatched said exploit 2 weeks ago.

So those of you who have that certain program laying around. Your time for cyber-terrorism has returned.

~Naigasaki
[former sinless-fury member]

Nader, obviously this is a little more complicated than just changing the password normally....

Seems as though the next few weeks of SRO is going to be risky business x)

You are usually good about this.

http://www.silkroadforums.com/viewtopic.php?t=68808

And also more details can be found out at rev6.com

lol. silkroads gone to hell, but venus pwns

i feel sad for all the hacked, but a rollback would pwn my venus guild / friends. rollback 2 weeks and we done exist anymore

Well, as long as they don't roll back greece.....


seems as if it has nothing to do with keyloggers and such, but just through a known acct name. So if you bought your acct, you're fk'd cause it can be taken back...


thank god i have an extremely random ID

doesnt matter, they use packet sniffers to get ur id, probably through partying, stalling, possibly even walking past you in town, they all might result in you sending ur id to them via the game

shit.