Hacking Game Servers with The1Domo

 




Hi, this is a 2014 an exploit called heart bleed was just released. 


I'm in a TeamSpeak 3 server hanging out with a couple of my friends, and then we read about heart bleed being released, and then we found out that you could use it on git repositories to scrape the buffer to get the usernames and passwords of people who have logged in that day.


So we're just going through an attacking random get repositories, but then we get the random hair up our asses. We say we should try it on the dayZ Repository. Bada bing, bada boom, we do a little bit of reconnaissance on Bohemia Interactive Studio. After we Brute Forced seen subdomains, we found a list of subdomains, one of which hosted their git, and in there we find the source code to dayZ.


We then proceeded to use heartly to scrape the buffer for the login credentials.

Then we were inside of the get repository for Bohemia, and in there we fou
nd the source code to dayZ. Arma 1, 2, and 3, and attack on helicopter simulator. Then, I proceeded to back everything up and then went to brag about it on IRC.



Here is an article from the hack.

https://segmentnext.com/report-dayz-source-code-allegedly-hands-hackers/

https://www.ownedcore.com/forums/fps/dayz/476335-dayz-source-code-sale.html

https://forum.ragezone.com/threads/release-dayz-sa-full-source-code.1216036/

https://x.com/UnKnoWnCheaTs/status/466683896051273728

https://www.unknowncheats.me/forum/downloads.php?do=file&id=11665

https://forum.ragezone.com/community/dayz.862/

https://forum.ragezone.com/threads/release-arma-i-ii-iii-full-source-code.1216037/


They got so much information wrong in their report, but also that's because in IRC I claimed it was from an FTP exploit, lol. 




So then, I proceeded to dump all of the Arma 1, 2, and 3 source code onto a game site called RageZone and unknowncheats, lol.  I found a lot of stuff in that get repository which I released publicly, which led to someone else hacking with tand, then doing sheisty things with the band log which was hilarious. He SSH keys that I released in the git repositories, which led to other people getting into the battleeye servers.

and then doing sheisty things with the band log which was hilarious!


- the1Domo

Comments

Popular Posts