Amazing Collection of online role playing games for your website!

Free Registration!

Home
Play Games
Discussion
Categories

Badges
Categories
Forums
Latest Discussion

General Gaming

854 Hits 0 Votes 0 Replies

Jack M.

General Gaming Discussion

Posted on Wednesday, 17 December 2025

What are you playing lately? Give me some recommendations before I keep playing the same two games for the rest of my life.
Downloads
Categories

All Categories
All Downloads
Most Rated Game Downloads

(25 votes)

#1

Crusades Age 0.001

2008 122

(15 votes)

#2

Civilization - Age o...

2009 132

(12 votes)

#3

Backyard Boxin

2008 124

(11 votes)

#4

Dirty Life

2003 121
Notes

RPG 2 Kill

HOT

Only registered and logged in users can download this file.

Rating

(0 votes)

Technical Details

Filename rpg_2_kill.zip

Size 4.65 MB

Downloads 94

Author Unknown

Created 2008-12-31

Changed 2025-12-16

Price $0.00

2 Kill

2 KILL is a feature-packed Dutch-language crime RPG where you rise from street hustler to underworld kingpin. Commit daring crimes, steal and race cars, deal drugs, and gamble across multiple casino games—then expand into businesses, stocks, and land to build your criminal empire. Team up in clans for coordinated warfare, shared banks, garages, and upgrades.

A massive content set powers every corner of play: court and prison systems, missions, training and sports, marriage and social features, VIP monetization, and banner-driven events. It’s an ambitious, richly interactive mafia world designed to keep players battling, scheming, and climbing the ranks.

File Verification

MD5 Checksum

3f0eaf3daed9103ecca770ec3dc6849b

SHA1 Checksum

d02872c187e72b618e41ad7db3aca004bce5917b

2 KILL - Dutch Language Crime/Mafia Game - Game Analysis Report

1. IDENTITY & METADATA

Name: 2 KILL (also: 2Kill.NL)

Tagline: "Can u handle it?"

Genre: Crime/Mafia text-based browser game

Type: Web-based multiplayer crime simulator

Developer: TONY (creator/owner)

Language: Dutch (Nederlands)

Website: www.2KILL.nl (defunct), www.voetbalgevecht.com (alternate domain)

Copyright: © 2KILL.NL MADE BY TONY!

Based On: "War of the Worlds" (referenced in handboek.php)

Date: April 4, 2007 (Beta version per home page news)

Active Development: ~2006-2007

Status: Beta version when archived

CRITICAL SECURITY BREACH - EXPOSED CREDENTIALS!

Database user: jordy
Database password: 951357x12x
Database name: jordy

Game Concept: Dutch language crime game where players commit crimes, deal drugs, steal cars, gamble in casinos, and fight other criminals. Players can recruit friends and strangers to fight for them in clan wars.

2. CODEBASE STATISTICS

File Composition

Massive Codebase: At 29,417 lines of PHP, this is the 4th largest codebase in the entire collection, with 649 total files including extensive graphics (407 images + 5 Flash files).

216 PHP files (29,417 total lines) - MASSIVE CODEBASE (4th largest!)
291 GIF files (2,181 KB) - Extensive graphics
94 JPG files (1,690 KB)
13 PNG files (75 KB)
11 CSS files (35 KB) - Multiple themes
9 BMP files (1,143 KB)
5 SWF files (102 KB) - Flash content!
4 TXT files (92 KB)
2 URL files (0.22 KB)
1 HTML file (7 KB)
1 HTM file (0.27 KB)
1 CUR file (2 KB) - Custom cursor
1 no-extension file (35 KB) - db.txt
Total: 649 files

Code Metrics

29,417 PHP lines ranks as:

4th largest codebase in collection after:
Orodin (107K lines)
MCCodes v2.0 (67K lines)
(Unknown 40-50K range games)
3.9x larger than Promisance Enhanced (8.3K)
3.9x larger than Promisance v4.3 (7.5K)

Largest/Notable PHP Files

Admin files (17 admin-*.php):

admin-basic.php
admin-clanown.php
admin-dubbel.php (double account detection)
admin-geld.php (money admin)
admin-link.php
admin-msg.php
admin-poll.php
admin-power.php
admin-profiel.php
admin-rechtbank.php (court system)
admin-search.php
admin-spelers.php (players)
admin-userinfo.php
admin-vip.php
admin.php
adminstats.php
adminmail.php

Crime files:

misdaden.php (crimes)
orgcrime.php (organized crime)
zakkenrollen.php (pickpocketing)
auto_stelen.php, auto_stelen2.php (car theft)
bankoverval.php (bank robbery)
overval.php (robbery)
kraak.php (breaking/cracking)
moord.php (murder)
vermoorden.php (killing)
gijzelen.php (kidnapping)
breek-uit.php (break out)

Gambling files:

casino.php
roulette.php (by wavoe v1.4)
lottery.php, lotery.php, lotto.php (3 versions!)
daily_lottery.php
getallenspel.php (number game)
getallenspelstats.php
nummerspel.php (number game v2?)
nummerspelstats.php
hogerlager.php (higher/lower)
kopofmunt.php (heads or tails)

Drug files:

drugs.php
drugsnew.php
dealen.php (dealing)
djoint.php (joint - marijuana)
djointmaken.php (make joint)
djointverkoopen.php (sell joint)

Car files:

autos.php (cars)
automarkt.php (car market)
autoopties.php (car options)
autorace.php (car racing)
garage.php
carsel.php

Clan files:

clan.php, clan1.php, clan2.php
clanbank.php
clanbezit.php (clan property)
clandonate.php
clanhq.php, clanhq2.php
clanlog.php, clanlogs.php
clanmail.php
clanmsg.php
clanprofile.php
clanshop.php (7 shop variants!)
clanstats.php
clanwar.php
clan-bezitting.php
clan-garage.php
clan-misdaad.php

Economic files:

bank.php
beurs.php (stock market)
bedrijven.php (businesses)
aandelen.php (stocks/shares)
markt.php (market)
shop.php
koop.php (buy)

VIP/Premium files:

betaald.php, betaald1.php through betaald10.php (11 paid feature files!)

Other systems:

gevangenis.php, gevangenis1.php, jail.php (prison)
training.php, training1.php, training2.php
huwelijk.php, marriage.php (marriage)
sport.php
werken.php (working)
escort.php
missie.php (missions)
bannermissie.php (banner mission)
singlejob.php
click.php, clicksbuy.php
ticket.php, ticketadmin.php

Database Schema (db.sql.txt, 1,102 lines)

Core tables:

Verbannen - Banned IPs
[auto] - Cars (id, soort, schade, owner, land, fast, verkoop, tekoop, waarde)
[beurs] - Stock market (id, beurstijd, waarde, positie)
[casino] - Casinos (spel, land, tijd, vw, maximum, owner, bank, code)
[clanban] - Clan bans
[clans] - Clans (extensive 30+ columns)
[cron] - Cron jobs (hour, day, week, month)

Clan table columns (30+):

name, owner, started, type, info, clicks, clickstoday, cash, bank,
bankleft, bankmax, attwins, attlosses, defwins, deflosses, land,
homes, money_lvl1/2/3, def_lvl1/2/3, IPs, afbeelding, veiling,
pimp, kleur, pimpkleur, autosnu, maxautos, maxkogels, crush,
clanmisdaad

3. CORE ARCHITECTURE

Entry Point (index.php, 572 lines)

login}'");

Features:

Cookie validation on every page load
24-hour cookie expiration
Updates online status
JavaScript clock (Dutch months/days)
Error suppression: window.onerror = blockError;
Custom cursor (cursor.cur)
Multiple CSS themes (css-v1.css, css-v2.css, css-v4.css, css-grey.css)
Default status: 'Welkom op The World Is Yours'

Footer:

Configuration (_include-config.php, 220 lines)

/ Global Settings /
$title  = Voetbalgevecht;  // Soccer fight?
$url    = www.voetbalgevecht.com;
include("ubb.inc.php");  // UBB code parsing
if(!(@mysql_connect("localhost","database","pass") && @mysql_select_db("database"))) {
print <<
Wij hebben momenteel een database probleem wij zullen dit zo snel mogelijk oplossen Mvg 2KILL.NL
ENDHTML;
exit;
}
error_reporting(0);  // Suppress ALL errors!
session_start();
include("_include-funcs.php");
include("_include_second.php");
if(isset($_SESSION['login'])) {
$dbres = mysql_query("SELECT *,UNIX_TIMESTAMP(signup) AS signup,UNIX_TIMESTAMP(online) AS online FROM [users] WHERE login='{$_SESSION['login']}'");
$data = mysql_fetch_object($dbres);
}

Critical flaws:

Hardcoded fake credentials ("database", "pass")
error_reporting(0) - suppresses all errors
Direct session variable use in SQL query
Dutch error messages

EXPOSED CREDENTIALS (mysql_connect.php)

// Database access information
define ('DB_USER', 'jordy');
define ('DB_PASSWORD', '951357x12x');  // REAL PASSWORD!
define ('DB_HOST', 'localhost');
define ('DB_NAME', 'jordy');
$dbc = mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );
mysql_select_db (DB_NAME) OR die ('Could not select the database: ' .mysql_error() );

PRODUCTION CREDENTIALS IN SOURCE CODE

Two separate database connection files (confusion)

Dies with error message (information disclosure)

Authentication System (login.php, 121 lines)

if(isset($_POST['login'],$_POST['pass'])) {
$login  = mysql_real_escape_string($_POST['login']);  //  ESCAPED!
$pass   = mysql_real_escape_string($_POST['pass']);   //  ESCAPED!
$dbres  = mysql_query("SELECT login,activated FROM [users] WHERE login='{$_POST['login']}' AND pass=MD5('{$_POST['pass']}')");
if(($data = mysql_fetch_object($dbres)) && $data->activated == 1) {
$validate = md5(rand(0,1000));
setcookie("login",$data->login,time()+606024,"/",".2KILL.nl/");
setcookie("validate",$validate,time()+606024,"/",".2KILL.nl/");
mysql_query("REPLACE INTO [online](time,login,IP,validate) values(NOW(),'{$_SERVER['REMOTE_ADDR']}','{$data->login}','$validate')");
$_SESSION['login'] = $data->login;
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
$dbres = mysql_query("SELECT *,UNIX_TIMESTAMP(signup) AS signup FROM [users] WHERE login='{$_SESSION['login']}'");
$_SESSION['data'] = mysql_fetch_object($dbres);
}
}

Features:

mysql_real_escape_string() used (rare!)
MD5 password hashing
Validates activation status
IP address tracking
Cookie + session authentication
Validation token (random MD5)
24-hour cookie expiration
Domain-specific cookies (.2KILL.nl/)

Lost password system:

else if($_GET['x'] == "lostpass") {
// Email-based password reset
$newpass = rand(100000,999999);  // 6-digit random password
mysql_query("UPDATE [users] SET pass=MD5('$newpass') WHERE login='{$data->login}'");
mail($data->email,"2KILL.NL password","...http://www.2KILL.nl/login.php?x=lostpass&id=$id&code=$code","From: 2KILL.nl ");
}

Logout:

else if($_GET['x'] == "logout") {
mysql_query("DELETE FROM [online] WHERE login='{$_COOKIE['login']}' AND validate='{$_COOKIE['validate']}' AND IP='{$_SERVER['REMOTE_ADDR']}'");
setcookie("login",'',time()-246060,"/",".2kill.nl/");  // Lowercase domain!
setcookie("validate",'',time()-246060,"/",".2KILL.nl/");
unset($_SESSION['login'], $_SESSION['IP'], $_SESSION['data']);
}

Session Management (_include-funcs.php)

function check_login() {
if(isset($_SESSION['login'],$_SESSION['IP']) && $_SESSION['IP'] == $_SERVER['REMOTE_ADDR']) {
// Session active + IP match
if(! isset($_COOKIE['login'],$_COOKIE['validate'])) {
$validate = md5(rand(0,1000));
setcookie("login",$_SESSION['login'],time()+606024,"/","");
setcookie("validate",$validate,time()+606024,"/","");
}
mysql_query("REPLACE INTO [online](time,IP,login,validate) values(NOW(),'{$_SERVER['REMOTE_ADDR']}','{$_SESSION['login']}','$validate')");
return TRUE;
}
else {
// Check cookie authentication
if(isset($_COOKIE['login'],$_COOKIE['validate'])) {
$login = $_COOKIE['login'];
$validate = $_COOKIE['validate'];
$query = mysql_query("SELECT  FROM [online] WHERE login='$login' AND validate='$validate' AND IP='{$_SERVER['REMOTE_ADDR']}' AND UNIX_TIMESTAMP(NOW())-UNIX_TIMESTAMP(time) < 6060*24");
if($user = mysql_fetch_object($query)) {
mysql_query("UPDATE [online] SET time=NOW() WHERE ...");
$_SESSION['login'] = $user->login;
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
return TRUE;
}
}
return FALSE;
}
}

Features:

IP address validation (prevents session hijacking!)
24-hour online tracking
Cookie + session dual authentication
Automatic session renewal
REPLACE INTO for online tracking

4. GAMEPLAY SYSTEMS

Crime System (Extensive!)

Basic crimes (misdaden.php):

Pickpocketing (zakkenrollen.php)
Car theft (auto_stelen.php, auto_stelen2.php)
Bank robbery (bankoverval.php)
General robbery (overval.php)
Breaking/cracking (kraak.php)
Murder (moord.php, vermoorden.php)
Kidnapping (gijzelen.php)

Organized crime (orgcrime.php):

Clan-based criminal activities

Drug System

drugsnew.php, drugs.php:

Dealing (dealen.php)
Joints (marijuana):
Make joints (djointmaken.php)
Sell joints (djointverkoopen.php)
Use joints (djoint.php)

Car System

Extensive car mechanics:

Car ownership ([auto] table: id, soort, schade, owner, land, fast, verkoop, tekoop, waarde)
Car market (automarkt.php)
Car racing (autorace.php)
Car options (autoopties.php)
Garage (garage.php)
Car theft (auto_stelen.php)
Damage tracking (schade column)
Speed (fast column)
Value (waarde column)

Gambling System (MASSIVE!)

Casino games:

Roulette (roulette.php) - "Roulette v1.4 made by wavoe"
Number games:
getallenspel.php (number game #1)
nummerspel.php (number game #2)
Higher/Lower (hogerlager.php)
Heads or Tails (kopofmunt.php)

Lottery systems (3 versions!):

lottery.php
lotery.php (typo version?)
lotto.php
daily_lottery.php

Casino ownership:

CREATE TABLE [casino] (
spel int(250),           -- Game type
land int(255),           -- Country
tijd datetime,           -- Time
vw varchar(255),         -- ?
maximum int(255),        -- Max bet
owner varchar(255),      -- Owner username
bank int(11),            -- Casino bankroll
code int(2)              -- Code
)

Features:

Casinos can be owned by players
Configurable maximum bet
Casino bankroll (1,000,000 default)
Multiple countries (land 1-9)
Multiple game types per casino

Clan System (Extensive!)

[clans] table (30+ columns):

CREATE TABLE [clans] (
name varchar(16),
owner varchar(16),
started datetime,
type int(1),
info text,
clicks int(5),                    -- Click tracking
clickstoday int(3),
cash int(9),
bank int(9) default 10000,
bankleft int(2) default 10,
bankmax int(5) default 10000,
attwins int(6),                   -- Attack wins
attlosses int(6),                 -- Attack losses
defwins int(6),                   -- Defense wins
deflosses int(6),                 -- Defense losses
land int(6) default 300,
homes int(3) default 2,
money_lvl1/2/3 int(3),           -- Money upgrades
def_lvl1/2/3 int(3),             -- Defense upgrades
IPs text,                         -- IP tracking
afbeelding varchar(255),          -- Image URL
veiling varchar(255),             -- Auction
pimp varchar(255) default 'Geen', -- Pimp name
kleur varchar(255) default '#FFFFFF',      -- Color
pimpkleur varchar(255) default '#FFFFFF',  -- Pimp color
autosnu varchar(255),             -- Auto snu?
maxautos varchar(255),            -- Max cars
maxkogels varchar(255),           -- Max bullets
crush int(11),
clanmisdaad int(3) default 10     -- Clan crime
)

Clan features:

Clan wars (clanwar.php) - attwins/attlosses/defwins/deflosses
Clan bank (clanbank.php) - bank, bankleft, bankmax
Clan HQ (clanhq.php, clanhq2.php)
Clan property (clanbezit.php, clan-bezitting.php) - land, homes
Clan garage (clan-garage.php) - maxautos
Clan crimes (clan-misdaad.php) - clanmisdaad
Clan shop (clanshop.php + 6 variants):
clanshop-clicks.php
clanshop-extra.php
clanshop-huis.php (houses)
clanshop-land.php
clanshop-muur.php (wall)
clanshop-shops.php
Clan mail (clanmail.php)
Clan messages (clanmsg.php)
Clan profile (clanprofile.php)
Clan stats (clanstats.php)
Clan logs (clanlog.php, clanlogs.php)
Clan donations (clandonate.php)
Clan bans (clanban.php)
Upgrades: 3 levels of money/defense

Pimp system:

Clans have a "pimp" (leader/top player?)
pimp, pimpkleur (pimp color)

Economic System

Bank (bank.php):

bank int(9) default 10000,
bankleft int(2) default 10,
bankmax int(5) default 10000

Stock market (beurs.php):

CREATE TABLE [beurs] (
id int(2),
beurstijd datetime,
waarde int(9) default 100,  -- Value
positie int(2)              -- Position (-1, 1)
)

Features:

4 stocks (ids 1-4)
Dynamic values (971, 1830, 3125, 12330 in sample data)
Position tracking (+1 up, -1 down)
Time-based updates

Businesses (bedrijven.php):

Players can own businesses
Stocks/shares (aandelen.php)

Market (markt.php):

Player-to-player trading

Prison System

Multiple prison files:

gevangenis.php
gevangenis1.php
jail.php
breek-uit.php (break out)
_include-jail.php (jail functions)

Court system:

admin-rechtbank.php (rechtbank = court)
straffen.php (punishments)

Training System

training.php, training1.php, training2.php:

Physical training?
Combat training?
Boxing (opdrukken_boksen.php = push-up boxing)

Sport:

sport.php

VIP/Premium System (11 files!)

Paid features (betaald.php through betaald10.php):

betaald.php
betaald1.php through betaald10.php

SMS payment:

sms.gif image

Indicates monetization through premium features.

Social System

Marriage:

huwelijk.php
marriage.php
partner.gif image

Messages:

message.php

Profile:

profile.php
edit.php (profile editing)

Search:

search.php (player search)
admin-search.php (admin search)

Work System

Jobs:

werken.php (working)
singlejob.php (single job)
escort.php (escort service)

Mission System

Missions:

missie.php
bannermissie.php (banner mission - advertising?)

Click System

Click tracking:

click.php
clicksbuy.php
clicks, clickstoday (clan columns)
clanshop-clicks.php

Purpose: Likely banner/advertising clicks for revenue.

Poll System

Polling:

poll.php
poll.inc.php (poll functions)
admin-poll.php (admin)

Forum System

Basic forum:

forum.php
ubb.inc.php (UBB code)
ubb.php

Admin System (17 files!)

Comprehensive admin panel:

admin.php - Main admin
admin-basic.php - Basic settings
admin-clanown.php - Clan ownership
admin-dubbel.php - Double account detection
admin-geld.php - Money management
admin-link.php - Link management
admin-msg.php - Message admin
admin-poll.php - Poll admin
admin-power.php - Power management
admin-profiel.php - Profile admin
admin-rechtbank.php - Court system
admin-search.php - Search admin
admin-spelers.php - Player admin
admin-userinfo.php - User info
admin-vip.php - VIP management
adminstats.php - Statistics
adminmail.php - Mass mailing
massmail.php - Mass mailing v2

Administrative functions:

Player banning (Verbannen table, clanban)
IP tracking
Double account detection
Money manipulation
VIP management
Court/punishment system

Cron System

Automated tasks:

_cron_month.php
_cron_second.php
_cron_week.php

[cron] table:

CREATE TABLE [cron] (
time datetime,
name varchar(16),  -- 'hour', 'day', 'week', 'month'
PRIMARY KEY (name)
)

Sample data (Feb 17, 2007):

hour: 2007-02-17 20:02:18
day: 2007-02-17 01:01:56
week: 2007-02-15 08:48:58
month: 2007-02-01 06:46:44

Land/Property System

Land ownership:

landowner.php
landownerstats.php
stadownerstats.php (city owner stats?)

Cities:

Multiple countries/cities (land column in tables)

Misc Systems

Banner system:

_include-banners.php

Tools:

tools.php

Stats:

stats.php
stats2.php
spelerstats.php (player stats)
bankstats.php
getallenspelstats.php
nummerspelstats.php

Notes:

note.php

Screens:

screens.php (screenshots?)

Contact:

contact.php

Signup:

signup.php
aanmelden.php (Dutch signup)

5. SECURITY ANALYSIS

Password Handling

MD5 with Escaping:

$login = mysql_real_escape_string($_POST['login']);  //  
$pass  = mysql_real_escape_string($_POST['pass']);   //  
$dbres = mysql_query("SELECT ... WHERE login='{$_POST['login']}' AND pass=MD5('{$_POST['pass']}')");

mysql_real_escape_string() used (RARE!)

MD5 password hashing

No salting

MD5 deprecated

⚠️ Inconsistent escaping (only in login, not everywhere)

SQL Injection Protection

Login page:

$login = mysql_real_escape_string($_POST['login']);  //  ESCAPED!

Elsewhere (_include-config.php):

$dbres = mysql_query("SELECT * FROM [users] WHERE login='{$_SESSION['login']}'");  //  NO ESCAPING!

SQL escaping in login.php (only place!)

No escaping in 99% of code

Direct session variable use

⚠️ Vulnerable to SQL injection everywhere except login

EXPOSED CREDENTIALS

mysql_connect.php:

define ('DB_USER', 'jordy');
define ('DB_PASSWORD', '951357x12x');  // REAL PASSWORD!
define ('DB_NAME', 'jordy');

PRODUCTION CREDENTIALS IN SOURCE CODE

Two separate database connection files

Password "jordy" and user "951357x12x"

⚠️ CRITICAL SECURITY FLAW

Session Management

Dual authentication:

// Cookie-based
setcookie("login",$data->login,time()+606024,"/",".2KILL.nl/");
setcookie("validate",$validate,time()+606024,"/",".2KILL.nl/");
// Session-based
$_SESSION['login'] = $data->login;
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];

24-hour cookie expiration

IP address validation (prevents session hijacking!)

Validation token (md5(rand(0,1000)))

Online tracking ([online] table)

No HTTPS enforcement

Validation token weak (low randomness)

No CSRF protection

Error Suppression

error_reporting(0);  //  SUPPRESS ALL ERRORS!

function blockError(){return true;}
window.onerror = blockError;  //  SUPPRESS JS ERRORS!

Complete error suppression (security through obscurity)

Hides bugs and vulnerabilities

Makes debugging impossible

IP Tracking & Banning

Verbannen table:

CREATE TABLE Verbannen (
IPadres varchar(255),
Datum varchar(255),
Opmerkingen text,
Verbannen char(1) default '0'
)

Clan IP tracking:

IPs text  -- Stores all clan member IPs

IP banning system

Multi-account detection (admin-dubbel.php)

IP tracking in clans

Admin Controls

17 admin files = extensive control:

Player management
Money manipulation
Banning/unbanning
VIP management
Court system
Message moderation
Link management

SECURITY RATING: 3/10

Strengths:

mysql_real_escape_string() in login.php
MD5 password hashing
IP address validation
24-hour session timeout
Validation tokens
IP banning system
Double account detection

Weaknesses:

EXPOSED DATABASE CREDENTIALS
NO SQL ESCAPING (except login.php)
MD5 without salting
mysql_* functions (deprecated)
error_reporting(0) (suppresses all errors)
JavaScript error suppression
No XSS protection
No CSRF tokens
Two separate database connection files
Weak validation tokens (md5(rand(0,1000)))

Critical flaws:

Database password exposed (jordy/951357x12x)
SQL injection vulnerable (99% of code)
Error suppression hides vulnerabilities

Verdict: Better than PimpAttack (2/10 - plaintext passwords) but worse than Promisance v4.3 (4/10) due to exposed credentials and error suppression.

6. TECHNICAL OBSERVATIONS

Dutch Language

All game content in Dutch (Nederlands):

Misdaden (crimes)
Zakkenrollen (pickpocketing)
Gevangenis (prison)
Huwelijk (marriage)
Bedrijven (businesses)
Aandelen (shares)
Werkopen (work)
Rechtbank (court)
Verbannen (banned)
Spelers (players)

Target audience: Dutch-speaking players.

Multiple Domains

Three domains referenced:

www.2KILL.nl (primary)
www.voetbalgevecht.com (Voetbalgevecht = Soccer fight)
.2KILL.nl/ (lowercase in logout)
.2kill.nl/ (inconsistent casing!)

Domain confusion suggests rebranding or multiple versions.

Flash Content

5 SWF files (102 KB):

Flash animations or games
Rare for text-based games
Indicates multimedia content

Custom Cursor

cursor.cur (2 KB):

Custom mouse cursor
Enhances theme/atmosphere

Extensive Graphics

291 GIF files (2,181 KB):

Most graphics-heavy game so far
Icons for every action
images/, afbeeldingen/, gfx/ directories

Notable images:

admin.jpg, admin.gif
bank.gif
cash.gif
dead.gif
devilish.gif, duivel.gif (devil)
engel.gif (angel)
fam.gif (family?)
player.gif
smile3.gif
star.gif, ster.gif (star in multiple formats)
sticky.gif
vip.bmp, vip.jpg
Various flag files (vlaggen/)

Multiple CSS Themes

11 CSS files:

css-v1.css
css-v2.css
css-v4.css (no v3?)
css-grey.css
index-style.css
style.css
+ 5 others

Customizable appearance per player preference.

UBB Code System

ubb.inc.php, ubb.php:

Ultimate Bulletin Board formatting
BB code for forums/messages
Rich text formatting

Cron Job System

4 time intervals:

Second (_cron_second.php)
Hour (tracked in [cron])
Day (tracked in [cron])
Week (tracked in [cron])
Month (tracked in [cron])

Automated maintenance:

Turn regeneration?
Stock market updates?
Lottery draws?
Stat calculations?

Duplicate Files

Multiple versions of same functionality:

lottery.php, lotery.php, lotto.php (3 lottery systems!)
clan.php, clan1.php, clan2.php
training.php, training1.php, training2.php
gevangenis.php, gevangenis1.php, jail.php
stats.php, stats2.php
huwelijk.php, marriage.php

Indicates:

Refactoring attempts
Multiple developers
Feature iterations
Abandoned code

Banner System

_include-banners.php:

Dutch advertisement network:

dutchleader.nl - Dutch game advertising network
Monetization strategy

Beta Status

Home page news (April 4, 2007):

> "Wij verkeren nog in een Beta versie dus u kunt afentoe wat foutjes tegenkomen en wij vragen u dan ook dat zo snel mogelijk te melden op het Forum!"

Translation: "We are still in a Beta version so you may encounter some errors and we ask you to report them on the Forum as soon as possible!"

Active development in 2007 when archived.

War of the Worlds Connection

handboek.php:

alert('© Copyright, War of the Worlds')

Based on or inspired by "War of the Worlds" game engine.

Roulette by wavoe

roulette.php:

Roulette v1.4 made by wavoe,

Third-party component integrated.

7. HISTORICAL CONTEXT

Dutch Gaming Scene (2006-2007)

2 KILL represents:

Localized gaming - Full Dutch language
European browser gaming - Peak 2005-2008
Crime game popularity - Post-GTA influence
Community gaming - Clan wars, social features

Similar Dutch games:

MaffiaCity (referenced in lost password code)
Crimeblare (likely competitor)
Barafranca (famous Dutch crime game)

Development Timeline

Evidence from code:

February 8, 2007: JavaScript timestamp in index.php
February 17, 2007: Database cron entries
April 4, 2007: Beta version announcement on home page

Development span: ~February-April 2007 (at minimum).

Developer: TONY

Minimal information:

Username: TONY (all caps)
No email/contact in code
"MADE BY TONY!" repeated throughout
Solo developer or team lead?

Monetization Strategy

Multiple revenue streams:

VIP/Premium (11 betaald*.php files)
SMS payments (sms.gif)
Banner advertising (dutchleader.nl)
Click tracking (clicksbuy.php)

Indicates commercial operation, not hobbyist project.

Archive Source

Gamebackup.nl:

Gamebackup.nl - Download gratis alle RPG Games.txt
Gamebackup.nl.url

Downloaded from:

Gamebackup.nl - Dutch RPG archive site
"Download gratis alle RPG Games" = "Download free all RPG Games"
Preservation by Dutch gaming community

Cultural References

Dutch Crime Culture:

Mafia/maffia (Italian crime)
Clans (organized groups)
Drugs (djoint = joint, marijuana)
Car culture (racing, theft)
Gambling (casino, lottery)
Street crime (pickpocketing, robbery)

Reflects Dutch urban culture circa 2007.

8. COMPLETENESS & PLAYABILITY

Implemented Features

Massive feature set:

Registration/login
Crime system (10+ crime types)
Drug dealing (joints)
Car system (ownership, racing, theft, garage)
Gambling (roulette, lottery, number games, higher/lower, heads/tails)
Casino ownership
Clan system (wars, bank, HQ, shop, garage, crimes, mail, logs)
Bank system
Stock market (beurs)
Businesses/shares
Prison system
Court system
Training/sport
Marriage
Messaging
Forum (UBB code)
Work/jobs
Missions
VIP/premium features
Polls
Admin panel (17 tools)
Click tracking
Land/property ownership
Multi-account detection
IP banning
Cron jobs (hour/day/week/month)

Database Completeness

db.sql.txt (1,102 lines):

Full schema with sample data
20+ tables (partial view shown)
Extensive clan table (30+ columns)
Casino, beurs, cron, clanban tables

Likely 40-50 total tables based on feature count.

Playability: 85%

Fully functional Dutch crime game:

Register account
Commit crimes for money
Buy/steal cars
Gamble in casinos
Deal drugs (joints)
Join/create clan
Participate in clan wars
Own property/land
Trade stocks
Play missions
Get married
Go to prison/court
Train/sport
Work jobs
Use VIP features

Missing/Unclear:

Some PHP files may be unused (duplicates)
Database schema incomplete (only 1,102 lines shown)
Dutch language barrier (hard to assess gameplay)
Beta status = potential bugs

Overall: Highly playable for Dutch speakers, comprehensive feature set.

9. COMPARISON TO COLLECTION

Codebase Size

29,417 lines = 4th LARGEST:

Orodin (107K)
MCCodes v2.0 (67K)
(Unknown 40-50K games)
2 KILL (29.4K) ⬅️
phpRPG (13K)

3.5x larger than Promisance Enhanced (8.3K).

Genre Comparison

Crime games in collection:

PimpAttack (6.9K lines) - 2/10 security
2 KILL (29.4K lines) - 3/10 security
Generic Mafia RPG (unknown)
Mafia Script, Mafia Warz, etc.

2 KILL is largest crime game by far.

Language Uniqueness

Only Dutch language game in collection:

Most games: English
Some games: Multi-language support
2 KILL: 100% Dutch

Target audience = Netherlands, Belgium (Flanders).

Feature Density

Most feature-rich crime game:

216 PHP files (vs PimpAttack's 80)
10+ crime types (vs PimpAttack's ~5)
Car system (unique!)
Casino ownership (unique!)
Stock market (rare!)
Marriage (social!)
Court system (unique!)
Missions (rare!)

More ambitious than any crime game analyzed so far.

Graphics Count

291 GIF + 94 JPG + 13 PNG + 9 BMP = 407 images:

Most graphics-heavy game in collection
5 SWF Flash files (rare!)
Custom cursor (unique!)

Multimedia focus uncommon for text-based games.

Security Comparison

Rating: 3/10

Better than:

PimpAttack (2/10) - plaintext passwords

Worse than:

Promisance v4.3 (4/10) - no exposed credentials
Promisance Enhanced (3/10) - tie, but Enhanced had admin auth issues

Similar security flaws:

Both have exposed credentials
Both lack SQL escaping (mostly)
Both use MD5 without salting

Monetization

Most commercialized game so far:

11 VIP/premium files (most in collection)
SMS payments (unique!)
Banner advertising (dutchleader.nl)
Click tracking (monetized traffic)

Serious commercial operation, not hobbyist.

Clan System Comparison

Most extensive clan features:

30+ clan table columns (vs Promisance Enhanced's ~18)
Clan wars with win/loss tracking
Clan bank with limits
Clan garage (car storage)
Clan crimes
Clan shops (7 variants!)
Clan upgrades (3 levels money/defense)
Pimp system

More sophisticated than Promisance clan system.

10. RATING & VERDICT

Overall Rating: 5/10

Breakdown:

Code Quality: 5/10 (functional but messy, duplicates)
Security: 3/10 (exposed credentials, minimal escaping)
Features: 9/10 (extensive, comprehensive)
Innovation: 7/10 (car system, casino ownership, Dutch focus)
Playability: 8/10 (85% complete, feature-rich)
Documentation: 3/10 (minimal, Dutch language barrier)

Tier Classification: MID-TIER AMBITIOUS CRIME GAME

Strengths

MASSIVE FEATURE SET - 216 PHP files, 29K lines
Car system - Ownership, racing, theft, garage, damage
Casino ownership - Players own casinos
Stock market - Dynamic trading system
Extensive gambling - 5+ game types, 3 lottery systems
Sophisticated clan system - 30+ columns, wars, bank, shops
Court system - Unique judicial feature
Missions - Gameplay variety
Marriage - Social feature
Monetization - Commercial operation (VIP, SMS, ads)
Graphics-heavy - 407 images, Flash content
Dutch localization - Full language support
IP validation - Session hijacking prevention
Cron jobs - Automated maintenance

Weaknesses

EXPOSED DATABASE CREDENTIALS - jordy/951357x12x
Minimal SQL escaping - Only login.php
Error suppression - error_reporting(0)
Duplicate files - lottery x3, clan x3, training x3
Inconsistent code - Multiple versions of same features
MD5 without salting - Rainbow table attacks
mysql_* functions - Deprecated PHP 7+
Dutch language only - Limits international appeal
Beta status - Incomplete/buggy
No documentation - Dutch barrier
Two database connection files - Confusion
Weak validation tokens - md5(rand(0,1000))
No XSS protection - Forum vulnerable
No CSRF tokens - State changes unprotected

Historical Significance

Important for:

Dutch gaming history - Localized browser game
Crime game evolution - Post-GTA influence
Commercialization - VIP/SMS/advertising model
Feature ambition - Most comprehensive crime game
European gaming - Peak 2005-2008 era

Cultural impact:

Demonstrated viability of localized games
Car system influenced other games
Casino ownership unique mechanic
Commercial success model (VIP/SMS)

Modern Deployment

NOT RECOMMENDED without major fixes:

CRITICAL: Remove exposed credentials
REQUIRED: Implement SQL escaping everywhere
REQUIRED: Remove error suppression
REQUIRED: Consolidate duplicate files
REQUIRED: Upgrade to mysqli/PDO
REQUIRED: Add XSS protection
REQUIRED: Add CSRF tokens
REQUIRED: Upgrade MD5 to bcrypt
RECOMMENDED: Translate to English (international appeal)
RECOMMENDED: Complete beta features

Best use cases:

Historical preservation (Dutch gaming)
Educational resource (commercial game development)
Private server (with complete security overhaul)
Inspiration for modern crime games

Final Assessment

Best Aspects

Comprehensive car system (racing, garage, market)
Casino ownership mechanics
Stock market integration
Extensive gambling features
Rich clan warfare system
Full Dutch localization

Critical Flaws

Exposed production credentials
Minimal SQL escaping
Error suppression everywhere
Extensive duplicate code
No XSS/CSRF protection
Weak MD5 password hashing

Historical Significance

Excellent example of Dutch localized gaming, commercial browser game operation, and ambitious feature development. Shows peak 2007-era crime game with car system, casino ownership, stock market, and monetization strategy.

Cautionary tale: Demonstrates the "feature bloat meets security neglect" trade-off from 2007 commercial era. Exposed credentials in production code!

Deployment Warning

CANNOT be deployed publicly without removing exposed credentials and implementing comprehensive SQL escaping. Even with fixes, needs complete security overhaul (XSS, CSRF, bcrypt, mysqli/PDO migration).

Final Ratings

Features & Content	★★★★★ 5/5
Code Quality (2007)	★★★★☆ 4/5
Code Quality (2025)	★☆☆☆☆ 1/5
Security	☆☆☆☆☆ 0/5
Dutch Market Appeal	★★★★☆ 4/5
Commercial Execution	★★★★☆ 4/5
Innovation	★★★★☆ 4/5
Overall Grade	C Ambitious vision, catastrophic security

Bottom Line

Most feature-rich crime game analyzed with car racing, casino ownership, stock market, court system, and missions. Best commercial operation (VIP, SMS, ads). Peak Dutch gaming ambition from 2007.

Verdict: With proper security hardening, would be 7-8/10. As-is, represents the dangerous trade-off between feature development and security practices that characterized the 2007 commercial browser game era.

Security Warning

Running many of the scripts in this archive on a live server presents a serious security risk. These projects were created before modern hardening practices and may contain vulnerabilities that can compromise your system.

We strongly recommend using this code for reference and analysis only, or in isolated local environments. By downloading these files, you accept full responsibility for their use.

Back

Amazing Collection of online role playing games for your website!

Categories

Latest Discussion

Categories

Most Rated Game Downloads

Crusades Age 0.001

Civilization - Age o...

Backyard Boxin

Dirty Life

RPG 2 Kill

Rating

Technical Details

File Verification

Description

2 KILL - Dutch Language Crime/Mafia Game - Game Analysis Report

1. IDENTITY & METADATA

CRITICAL SECURITY BREACH - EXPOSED CREDENTIALS!

2. CODEBASE STATISTICS

File Composition

Code Metrics

Largest/Notable PHP Files

Database Schema (db.sql.txt, 1,102 lines)

3. CORE ARCHITECTURE

Entry Point (index.php, 572 lines)

Configuration (_include-config.php, 220 lines)

EXPOSED CREDENTIALS (mysql_connect.php)

Authentication System (login.php, 121 lines)

Session Management (_include-funcs.php)

4. GAMEPLAY SYSTEMS

Crime System (Extensive!)

Drug System

Car System

Gambling System (MASSIVE!)

Clan System (Extensive!)

Economic System

Prison System

Training System

VIP/Premium System (11 files!)

Social System

Work System

Mission System

Click System

Poll System

Forum System

Admin System (17 files!)

Cron System

Land/Property System

Misc Systems

5. SECURITY ANALYSIS

Password Handling

SQL Injection Protection

EXPOSED CREDENTIALS

Session Management

Error Suppression

IP Tracking & Banning

Admin Controls

SECURITY RATING: 3/10

6. TECHNICAL OBSERVATIONS

Dutch Language

Multiple Domains

Flash Content

Custom Cursor

Extensive Graphics

Multiple CSS Themes

UBB Code System

Cron Job System

Duplicate Files

Banner System

Beta Status

War of the Worlds Connection

Roulette by wavoe

7. HISTORICAL CONTEXT

Dutch Gaming Scene (2006-2007)

Development Timeline

Developer: TONY

Monetization Strategy

Archive Source

Cultural References

8. COMPLETENESS & PLAYABILITY

Implemented Features