Leaderboard

M2 Download Center Download Here ( Internal ) Hello everyone, today I`m going to show to how to make a VIP system from SRC. You need Launcher SRC, Server SRC. So, let`s begin. 1.Launcher: Go to UserInterface/InstanceBase.h and search After that add: Search After that add: 1.2 Go to InstanceBase.cpp and search After that add: In same file search: And after that add: Search: After that add: 1.3: In file InstanceBaseEffect.cpp search After that add: Search: After that add: Search: After that add: 1.4 In fine PythonCharacterModule.cpp search: And after that add: Search: And after that add: Launcher part done. 2.SERVER 2.1 In file common/length.h search: And after that add: 2.2 In file game/src/affect.h search: And after add: 2.3 In file game/src/char.cpp search: And after add: Search And after that add: 2.4 In file game/src/config.cpp search And mofify like that: 2.5 In file db/src/ClientManager.cpp search: And after that add: 3.MYSQL 3.1 Go to your database->COMMON->RIGHT CLICK ON gmlist->DESIGN TABLE->SELECT mAuthority from Fields TAB->VALUES->ADD VIP AFTER PLAYER. 4.CLIENT 4.1. In file ROOT/PlayerSettingModule.py search And after that add: 4.2 In locale go to effect folder(WHERE YOU HAVE GM.MSE) and add THIS FILES: NEW LINK - FIXED Post any problems/bugs and we will solve them tohether Sorry for my bad english..:(

M2 Download Center Download Here ( Internal ) Hi there devs, I made some new reload commands about 2 weeks ago and published a tutorial about it on our Hungarian forum (you may saw them in the samurai core) and today I had some time to make the translation. What can I reload now? refine_proto (this is the only one which is not mine, its @xP3NG3Rx's, and already public here, but I added it, because I think this package has to contain it ) command: /reload p shop_item table (npc's shops) command: /reload p item_attr && item_attr_rare table; command: /reload p etc_drop_item.txt, mob_drop_item.txt, special_item_group.txt; command: /reload drop group.txt, group_group.txt; command: /reload group regen.txt, npc.txt, boss.txt, stone.txt (only on the current map) command: /reload regen because of the new "reload regen" command, I had to write a new purge command that destroys all mobs, npcs, stones (and so on...) on the current map, so I added a new /p map command to the "/p" commands that are already exists (no, the "/p all" only destroys the mobs on the current sectree (current block)) also I had to create a new command that stops all the regens (and ofc. deletes them from the memory) on the current map, so I added a new "/free_regens" command (because why not ) Its only deletes the loaded regens, and prevents the mobs from respawning (its not necessary to use this before the /reload regen) Known bug Well its not a serious problem, but for some unknown reason, when I'm debugging the core on windows server (no, not debug mode, but vs 13's debugger) and I try to do /reload regen, the core starts to consume ~40% cpu, and doesn't want to do anything (so stops working, but doesn't crash). It has no affect on FreeBSD and release or debug mode (without visual studio's debugger) on windows. game/src cmd.cpp cmd_gm.cpp input_db.cpp shop_manager.cpp refine.cpp char_manager.cpp char_manager.h item_manager.h item_manager_read_tables.cpp mob_manager.h mob_manager.cpp char.cpp sectree_manager.cpp regen.h regen.cpp shop.h shop.cpp db/src ClientManager.cpp And finally let me wish you all good luck for the setup If you have further question(s), remark(s), or anything that you want to ask or suggest, feel free to post it here, or send it in PM. If you get error(s) please upload the affected (and edited) file to [Hidden Content] and link it in your post, to make my work easier and probably I will be able to help you only in one post, so please spare me from asking basic requests like "Could you upload...". Thank you Have a nice day, ~masodikbela

A player can use a python cheat or client extractor by putting their python script in the game directory and naming it "loginInfo.py". This will detour the player from doing so. 1. Unpack your root archive. 2. Edit the file "intrologin.py". 3. Find this line: self.__LoadLoginInfo("loginInfo.py")4. Replace the entire line with this: if not os.path.exists('logininfo.py') and not os.path.isfile('logininfo.py'): self.__LoadLoginInfo("loginInfo.py") else: dbg.LogBox('Ah so you want to try to extract the client?n' 'Or maybe you want to run your favorite cheat?n' 'Not gonna happen...n' 'It seems I have already thought of this.n' 'I am ATLEAST one step ahead of you...n' '------------------------------------------------n' 'n' "TRY HARDER BRO") exception.Abort("Unsupported file, please delete it. (TRY HARDER BRO)") # Syserr.txt returnYou can of-course change the message to whatever you like. "/n" denotes a line break. Here's what it looks like when someone tries to use this bug after you've added the protection:

M2 Download Center Download Here ( Internal ) Hello There. I publish here this system i hope that this help you a bit with this you can hide your costume if you dont like it (if I forgot something just say it ) (this system is not complete yet you can hide only your costume no hairstyle,sash,weapon) (This system is not mine! i just found the source function and made the python codes and quest)

Hello Guys, As I know many of peoples suffered with this error as I do.. I asked many but didn't get correct solution for this and i have seen many threads regarding this [Hidden Content] [Hidden Content] Syserr from server Why I am stating this because i know the feeling of how hard to find the answer searching for months but which is so easy ... Here is the answer for this ... Go to you Client side Root --> dragon_soul_refine_settings.py In that check for default_grade_need_count = [3, 3, 3, 3] These count must be matched with server side --->usr/home/locale/country ---dragon_soul_table.txt Open that dragon_soul_table.txt file and check for In this the count 3 , 3 ,3 , 3 is the Need_count in this refine grade tables both must be same.. For eg. If the default_grade_need_count = [5, 4, 3, 2] Then In server side #--# NEED_COUNT FEE GRADE_NORMAL GRADE_BRILLIANT GRADE_RARE GRADE_ANCIENT GRADE_LEGENDARY GRADE_NORMAL 5 30000 5 90 5 0 0 GRADE_BRILLIANT 4 50000 0 15 85 0 0 GRADE_RARE 3 70000 0 0 10 90 0 GRADE_ANCIENT 2 100000 0 0 0 90 10 So thats it you can upgrade your Dragon soul class from Rough to Legendary... Regards Human

root/uiRefine.py search in class RefineDialogNew: self.successPercentage.Hide() and change with: self.successPercentage.Show()

NICE GABRIEL!!!!!!!!!!! YOU ROCKS"!!!!!!!!!!

Good my frend I will test this

[Hidden Content]

Open char_change_empire.cpp Search: DWORD dwAID; Add under: DWORD dwPID[4];

One thing is certain. We all gonna steal these updates.

looks like new dungeon system copied from League of Legends

Hello dear minions (oh how I love that one!), for my first guide I'll try to talk a little bit about securing your server. Many people know it: 3 weeks after your server started some wannabe-badass wants to break in. And maybe he'll be successful. It depends on you and just on you. Within the following text (yeah brace yourselves, this is gonna be a wall of text) I'll show you why it is so important that YOU get up your lazy ass and fix some issues. I wrote this guide when many servers got attacked, that's why I was a bit ironic in every part of the guide. If you can deal with it, you're free to read the whole guide and maybe learn something new. It's mainly for beginners, but some experienced users may get something out of it. The guide was published with minor changes long time ago in another board that's now "dead". Anyways, let's get started! Securing isn't just "lul I copied and pasted it, now my server is perfect!!!111oneoneeleventwelve". It's much more! Get that. There are many variables, software versions and things you just NEED to care about. Make yourself comfortable with your system or you'll go down. If you're prepared to spend some time reading this guide written by such an ironic idiot like me you're on the right track! *thumbs up!* First of all we need to concern about the most important things in security. The following things can give you a bad time and maybe some headaches: -> You used a public homepage script without checking for security breaches. In this case: Shame on you. -> You set up a unsecure password for your authentications. In this case: Shame on you again. -> You gave passwords or authentications to people who aren't trustful. In this case you know what I'm going to write here: Sh... False, in this case you're just an idiot. -> The software got a security issue with which people can break in -> You don't protect against bruteforcing your passwords etc... Most of the cases are the 4th, the 3rd and the first one. Very rarely other things come to handy for hackers. But we won't miss them, won't we? Good. You're going to get a cookie at the end of the guide. Let's just start with the most important things and how you can solve them: -> Your homepage script got security issues? <- Don't dare to answer the question. Maybe you aren't aware of it but some issues aren't visible that easy. First of all you need to get used to php at least a little bit. EVERY and yes, EVERY time a user can fill in a formular or has the chance to put something in which will be used for a query, there could be possibly a securits issue. Why? Because this method is called "SQL Injection". When you fill in a formular, you can (if it's not secured) manipulate the query by adding some things. For example you can let the query execute a command to create a new user with full admin rights. Nah, isn't that fun? No, it isn't and you shouldn't do it to others. How to fix this: Everytime a user can access a formular and his input is used to query a command for mysql you need to force him to use only valid answers. But how? It's just easy. PHP offers a function mysql_real_escape_string() You can just use this to clean the input from a user so it won't harm your mysql server. Make sure you clean EVERYONE of these inputs. The next thing are file inclusions. For this, please forgive me but I'm using wikipedia as my source. It's just a good example: <?php if (isset( $_GET['COLOR'] ) ){ include( $_GET['COLOR'] . '.php' ); } ?> Look at this. What does this code do? If (maybe by using a formular button) 'COLOR' is set in the URL, you can simply include files for your script. BUT! Be aware of the risks from this code. Everytime you include something a user can manipulate (maybe through inputs or the url), you're going to have maybe a bad time. In this method the value of 'COLOR' is written in the url. GET's can be seen in the URL (At the end of your URL there should be a ? and then the following names with their values). Let me give you an example. If you open this script like this: index.php?COLOR='blue' Everything goes like you want it. This is a valid color. But if you're a bad user and don't drink your milk, you're going to exploit it: index.php?COLOR='[Hidden Content]' What happens? The server tries to include a script made by another one! If he includes his own script he can cause VERY high damage. Not only minor, but MAJOR damage. Yes. He can use ../../../ to spy your folders too. There are many things a hacker can do with this. What do we learn about this? Never let the user manipulate or influence inclusions like he wants to. YOU are the admin, not he. Let's conclude the things and lock down the topic 'homepage script' for now. These are the most important things you need to do: -> check your script -> No really, check it. -> Now. When you check your script, remember looking for these things: -> Always use mysql_escape_string() to deny user from executing their own queries at your homepage -> Never let the user type in things to include (and really.. Don't use the url to get values for including files..). Except you can make sure that you're filtering the input in such a way that users simply can not manipulate it. If you checked the homepage script and you're happy with it, you can proceed. If not, then what are you waiting for? -> Your software is out to date and got security issues <- If you want to make sure your server doesn't get exploited and you can stand attacks, you need to update and configure it. Yes, it's true. Deal with it. You can't just update every software like you want. It's not like clapping in your hands and then having everything done. You need to know WHAT software you're running. Some programs are just insecure or instable and cause your system to fail. And of course: What OS version do you use? If you answer me '7.1' now you'd feel a hard kick in your... I guess you figured it out... Tricked, I was about writing 'ice cream'. But never ever use outdated software! NEVER. Write it down 15 times and you'll know it. I can't tell how often I saw people using 7.1.. If you don't know what version you're running just type in "uname -a". This will display the version. The first number tells us the branch you're using. For example '7.1' is a part of the 7th branch. If you want to upgrade your system, you'd use the built-in commands. You can try to use the latest versions, but you don't really need to get the 9-branch that fast. You can stay at the 8th branch for a while (but please, don't use the 7th branch). Use the following command to fetch the updates: freebsd-update upgrade -r 8.3-RELEASE This will fetch the updates to upgrade your system to 8.3. You can jump from the 7th branch to the 8th. If you're running 9.2 or better 10.0 everything seems fine. Yes, you read the wright word: SEEMS. Make sure you're running the LATEST patch-version of your system. This means you need to check for updates sometimes with the following command: freebsd-update fetch This will just fetch the updates for your version. You'll stay on the branch and the lower version of your branch, but you'll get the latest updates for your system. To install fetched upgrades you just need to type in: freebsd-update install This will give you a HUGE advantage if you're moving from 7.1 to 8.3 for example. The old verions are just obsolete. Don't use them. You can visit the freebsd homepage to get information about the latest versions. The next thing is the software. You can list your software with this command: pkg_info or with the new pkg management tool: pkg info This will list every package you installed and it's version. For software like php or mysql you'd use google to get a little bit more about the latest version. Sometimes things aren't that good with the newest version. Maybe some new bugs occur or php killed some old functions and destroyed your homepage with it's latest update. If you're going to update your software, you can use a pretty good package for it. It's called portupgrade. Before you're going to install it you need to learn how the ports-tree work. It's quite simple: Every programm FreeBSD accepts to the ports-tree will be added to the ports-list. It's installation files can easily be fetched and you can just install it from there. To fetch a whole new ports-tree (like when you set up your system and now want to install ports for the first time) you can use this command: portsnap fetch extract This will fetch the latest portsnap (like a bundle of every package) and extract it to /usr/ports If you already have the ports-tree, you can simply update it with this command: portsnap fetch update Make use of it!!! But updating the ports-tree isn't enough to keep your software at the newest version. If you update your ports-tree you've updated the installation files, but not the softwares itselves. You can simply update the software AFTER YOU UPDATED THE PORTS-TREE with the program mentioned above: portupgrade! You can install portupgrade with this: cd /usr/ports/ports-mgmt/portupgrade && make install clean After the installation you can just type in 'rehash'. Now make sure you really updated the ports-tree with portsnap fetch update. Type in the following command to run portupgrade then: portupgrade -ai It'll check every version and asks you wheter to install the newer version or not. You can simply decide yourserlf! Make sure you update your ports-tree sometimes and your software too! Also the choose of your serverfiles is important! You'd better use serverfiles that are trustful and not modified with backdoors etc.. Better use untouched serverfiles and do the stuff yourself instead of using instant tea that's poisoning you. You get the drift, right? Especially the gamefile is important. You'd either compile one yourself or use a gamecore that's proven to be stable und secure. I'd now advertise my gamefile and tell you hooow good it is but I won't, it's up to you to make your decisions. Just make sure you're using something that won't kill your server at last. -> You misconfigured your software. It can't stand attacks <- To secure your server even more, you need to configure it properly. Most programs offer you to configure it with a configuration file. PHP allows you to set up a php.ini-file (I won't get into this), mysql offers you the my.cnf (too) and ssh gives you the opportunity to set up sshd_conf So first of all we need to configure the basics! What is the most important thing on your server? Right! The SSH-authentication. If someone breaks in there you can say good bye to your server, maybe once and for all (if you haven't got backups and time to reinstall everything). So we need to set up ssh. In freeBSD there is the following file: /etc/ssh/sshd_config You can simply edit it. Look over it and maybe google what the settings mean at all. It's very important. The most important thing is the "protocol" setting. It's set to the old version by default. Make sure this line is in your sshd_config: Protocol 2 If you're using Protocol 1, people can break down your machine within a snip of your fingers. After you edited your sshd_conf you can restart sshd by using this command: /etc/rc.d/sshd restart TRY to connect to your server via a new putty instance after you restarted ssh! If it won't work you'd better NEVER reboot your machine or close putty until you fixed this!!! The next thing is the firewall. ALWAYS make sure you got one. I recommend pf, but for this I'll write more another day. Not this time. Maybe you can use a sample script but CONFIGURE IT! You need to block every p2p port from outer access so people can't use the API to kill your metin2 server. I'll tell more about this another time and maybe add it if this topic goes well. And at last you'd consider your user restrictions. If someone is able to break in, he shouldn't be allowed to cause much damage. In the best case you'd set up another user and restrict 'root' from logging into your server. Of course you can do this for mysql too! And yes, DO IT! Connect to mysql via navicat. After that click on the Button "User" in the upper menu. You can edit, create and delete users you don't like to have. Or you can change their passwords. And of course, you can restrict them in many different ways. For example you can create a homepage user which is only allowed to insert/modify the tables it needs in the right way. Why do they need to be able to delete tables? Just give them only the rights they need. Even if someone can break in with this user, it wouldn't be that hard for you since he can't destroy your whole server. Finally there are some important things you should always have. Never let anyone work on your server unless you have to full control about it. This means, you shouldn't give access to your server (ssh AND mysql) to anyone except yourself and people you can REALLY REALLY REALLY REALLY REALLY REALLY REALLY (and take care of a big REALLY) trust and they also contribute to the project. If someone goes mad he can simply hack your server or just release the authentication data. Why do you think there are so many serverfiles released without the owners permission? And at least: always be paranoid. Never think "ohoho this won't affect me". You should consider EVERY option and let your attackers NO chance to break in. Get used to your machine, your system and your software and everything will be fine. Don't be lazy. Just be paranoid. Best Regards, Vanilla

Gameforge doesn't even have the source code. The developer is YMIR.