RingSec Shield

[AsiaGenius]

Help us improve our project. Contribute to our project!

Test, find problems, create issues in our repository (github)... Let's make a good shield!

License: Free
Emulator: rAthena, bRathena, Herc, eAmod, rAmod and other
Hexed: 2013 until the most recent (2016)
Technology: C# / C++ / Pascal

Features

Security Options
Multiple Heuristic Methods
Sandboxing Method
Signature Method
Threat Method
Packet Encryption
Cyclic Redundancy

Administrative Options.
Hack Logs
Feed and Updates
HWID Options
Panel Admin and Tools

1 - An extensive database constantly updated.
2 - All bug report and all reporting hack are processed and archived.
3 - We are free. Help us to become better.

 

If you need help, check me out at DiscordApp.

[@Secrets] Links removed

Thanks and Enjoy.

Edited February 15, 2017 by Secrets

[Jezu]

This is really awesome. A shield just like Gepard and it's totally FREE!. Nice one bruh!  +1 rep

[Zell]

Oh, I will try this one. Thanks! +1

[Haziel]

Hello @AsiaGenius.
A nice project you have there.

I would love to see a test of it against the well known cheating softwares of RO.
The best of luck!

[GHul]

Looking forward for this project and good luck !!

[Darknessfmy]

Wooow!!!! good proyect!!!!

You have very future

[Dev Blaze]

Thanks I will try Awesome anti cheat 

[Dissidia]

Thank you so much for this <3

[Hnomkeng]

support all client ?

[Rynbef]

"Hexed: 2013 until the most recent (2016)"

 

Rynbef~

[shatowolf]

NICE, gonna test this, and will update you mate.

[AsiaGenius]

Thanks! 

[shankar00]

hello can you make any guide video? 

@AsiaGenius and Thanks for this awesome project.

Got it on git thanks...

Edited December 27, 2016 by shankar00

[Jezu]

Any live server using this? I'm applying this to my server but I wanted to make a test with some 3PP. Thanks!

[Fily]

Any news about this project?

[Christopher Freitas]

very nice !!!!

[Klutz]

I can't seems to add the dll to the client and make it work.

I tried to add it from Nemo and also using LordPe.

But the client won't start after i add the dll it just crash.

 

[Zigara]

I would recommend staying away from this "shield".

• The only server change is a custom login packet that includes your hardware id + mac + a static key. There is no packet encryption or server-side logging.
• They are distributing a pirated copy of exe/dll packing software (Molebox) https://github.com/AsiaGenius/ring-0/tree/master/Tools/MoleBox (portable)/INSTALL LICENSE
• The client dll connects to their web server to verify everything, if their web server is down; you won't be able to use your client.
• Their website / report server is vulnerable to SQL injection, there is 0 input validation.
• ... etc

If they can't do basic input validation on their web server, I really doubt they're capable of doing advanced cheat detection, or delivering many of the features they claim to support.

 

Here is a snippet from the report server (http://guard.ringsec.net/) after passing a bit of invalid data. You could compromise all of their accounts / data / etc, and based on the register form showing the password in plaintext; I highly doubt they actually hash your account passwords.

Quote

Error: INSERT INTO logs (hwid, date, cod, descript, ip) VALUES ('wat', 'Monday 13th of February 2017 11:56:25 PM', 'wat', 'wat', '' OR 1=1 --')
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '')' at line 1

 

Please stay far away from this software until they resolve all of these issues. Do not use it in production.

[Klutz]

We need feedback regarding Zigara post as soon as possible!

[Hijirikawa]

Took a look at their reset.php from their repo link~

There is no sign of any prepared statements or any input validation. Basically this certain function on their website is a vulnerability.

Whatever query you input doesnt get cleaned out, going directly into the server and is very dangerous.

I don't have the best PHP knowledge, but I know a vulnerable script when I see one.

The solution would have been quite easy and having prepared statements could have made it a lot harder to hack.

Unless they give provide a solution to this issue, I highly suggest not to use their services until they secure their files. As Zigara has expressed, he can help in fixing this so I hope they will do something.

P.S: I'm not sure if they closed down their Discord channel, because it has disappeared from my joined channels.

[Zigara]

I did a bit more digging around, and I can confirm; ringsec.net stores all passwords in plain text.

If you signed up at ringsec.net using a password you've used for other services; change all your passwords NOW!

[Secrets]

Dear rAthena users who may have used this so-called hackshield,

It has become known that the site of this hackshield has a major security vulnerability that allows malicious attacker to read and/or change
the data on its database. In addition, the creator of this hackshield, who should have been someone with knowledge in field of computer security,
should know that passwords should not be stored in plain-text. Yet, your passwords are stored as plain-text in ringsec.net.

We don't have any evidence that the data has been leaked, although if you use the same password as the one you used on RingSec somewhere else, change your password now!

As a side note, rAthena does not encourage or support any attacking attempt at a third party site.

Regards,

Secret.