Jump to content

masodikbela

Premium
  • Posts

    235
  • Joined

  • Last visited

  • Days Won

    28
  • Feedback

    100%

masodikbela last won the day on April 17 2020

masodikbela had the most liked content!

About masodikbela

Informations

  • Gender
    Male
  • Country
    Hungary
  • Nationality
    Hungarian

Recent Profile Visitors

13482 profile views

masodikbela's Achievements

Proficient

Proficient (10/16)

  • Well Followed Rare
  • Reacting Well
  • Dedicated
  • Very Popular Rare
  • Collaborator

Recent Badges

1.3k

Reputation

  1. masodikbela

    New Aeldra

    The selection (and probably the coursor movement as well then) is not bidi aware there, thats why I said proper.
  2. masodikbela

    New Aeldra

    Original aeldra never had lycan. Thats right, its got leaked late 2018 and ppl started to sell my wiki from it around 2019. Apart from that there is a really easy way to distinct if something is from the latest aeldra files or not, as no other server has text selection and proper bi-direction text implemented as far as I know and it was fairly new in aeldra from around May 2022. Just open a PM window or normal chat window and try to select/copy texts from it or pasting texts containing both english and arabic texts. Apart from the code other assets from the client have been extracted many times before its closure so thats not an indicator that files have been leaked.
  3. There was a correction today after many years past the release. There was a heap-use-after-free bug in the regen_free_map function, which means that the regen struct has been freed and after that in the increment part of for-loop accessed this deleted struct for the next regen in line. Normally while its not safe, it still doesn't cause any issues since the just-freed memory part is not overwritten yet, but in rare occasions it can happen. Also with debug mode or debuggers using shadow bytes to detect such cases would immediately notice it. This might have been the reason while my vs debugger got stuck back in the old days. Thanks to @ Karbust for noticing this problem with address sanitizer.
  4. As I explained in details in the "How does it work?" part, there is nothing really to fix in the update function. The main problem is that the newly created item overwrites the original stack, and doesn't remove it properly from the core, creating an actual memory leak and later on loading the id is inside the global id map thus preventing it to be created again. But besides all of this putting an item to an occupied cell is an invalid operation and should be always prohibited.
  5. Hi there devs, Its been a while since my last topic, and the reason for waking up from my eternal hyper dream is no less significant than a small possible item dupe exploit that is present in the original leaked source, and therefore very likely still present on most of the active servers including the official. I've seen topics from late 2021 where this bug was abused on prestigious international servers, so its for sure known by some people for a long time, moreover even a related partial fix for the exploit is already present on the board: How does it work? How to fix it? I think I filled my quota of talking in the how does it work section above, so without further ado:
  6. Alright lets see your points: Indeed sus, but on the other hand, if you think about it: how can you actually get your toplist well known by players if not convincing an actually running server to give some thoughts about using their site instead of other already existing and already popular sites. As I'm aware by that time there was no other running toplist that was actually trustable and were not already proven to be corrupt in some ways (purchasable votes, easily bottable or something like that). If I would about to start a toplist I for sure would go try convince a big server to consider switching their primary vote for buff system to my site or noone will ever know about my site. (For example see m2devs toplist, literally noone uses it as far as I see.) This is a vague topic since probably as many ppl as there are will see it differently, as for me I don't see any similarities, the serverlist's logo (as well as the whole design) looks really oldschool, couldn't even compare it with any other server's I know about. I'm clueless about web development (and if you ask me its work of Satan himself so if he exists he is definitely the real brain behind it). From what little I know I could imagine this might even be some kind of framework generated code or something like that no? Like I said I'm clueless so rather not guess anything else on this point. I can only say the same thing as I did on the first point. All in all I can definitely see some kind of connection between them, so being in partnership at least seems to be very likely and actually would be very logical since the aforementioned points. However these are no proofs to that the toplist is owned by the same person/team. As far as I'm aware the toplist is owned by Zerial, and I can tell that for sure that he is not the owner of Aeldra. I don't see much point of this topic, there is no actual hard proof, the only thing I can see is the likely frustration of the author whos' probable interested in other concurrent toplist that is slowly losing popularity to this toplist. If the site turns out to be corrupt as the others (favouring specific servers, selling votes or so) then bring us some proof and I will grab my pitchfork and join the crowd.
  7. It is, and its already have clipping inside it, you can control it with the m_renderBox. The values in left, top, right and bottom of that m_renderBox will determine how much space have to be clipped from each side in pixel positions. I made a small visual presentation about clipping, more specifically about text clipping, but the theory behind it applys to every kind of texture clipping. Some additional good read about texture positions and texture rendering: Texture Coordinates, Directly Mapping Texels to Pixels
  8. If its from the leaked AE wiki no, otherwise post the code and will do that.
  9. Here is a little collab for the clipping, this extends the ExpandedImageBox, so you can scale/rotate those images and still be able to clip them. The code contains very informative comments so if you want to learn a few tricks you might want to read them.
  10. I have limited knowledge of freebsd and network security, but most of the time what ppl do is create a whitelist for the gameserver who can connect to it. By this I mean that on clientside they silently connect or send a request to a different server and they solve some kind of quiz to validate that it is actually a client on this ip, and then they update the whitelist on the firewall side. Now there are lots of room to play, like this validator server could be on a different machine or just listen on a different ip, there could be many other validators, etc. This would solve many problem, like you mentioned normally the bottleneck is the application itself like auth which gets overrun by connection requests and then ends up in a spiral of death rendering the application totally irresponsive. Now I believe that the freebsd kernel (and probably most of the os kernels) is very effective dropping unwanted packets so this type of attacks would have little to no noticeable affects on your network/machine. I've seen relatively big botnets fail against this method. Obviously if the attack is so large that the kernel (more specifically the firewall) becomes the bottleneck and your hardware cannot keep up, or your network bandwidth becomes limited because of the amount of data you receive this wont work. In these cases probably nothing you can do anyway and you would require to have an industrial grade hardware firewall instance before your machine (or if you do have it like for example at ovh they do have it afaik you just need control over it). Now we can argue how effective is this extra validation method. To be able to manipulate the quiz you have to reverse engineer the client which is already a relatively difficult task and you can make it harder with virtualisations. After that you have to implement this to the botnet itself which is already a problem for some of the botnets, like you dont have that fine grade of control over it. Now you can say that you will just target the validators, this indeed could work but you can anytime add more, change validation method, etc. Also this would only mean that new ips wouldnt be able to connect to your server which would affect relatively few players, because lets say you allow the ips for 48 hours to be whitelisted. The majority of the players log in every day or at least every few days, so they would be fine. Like Shogun said its about counter measures, counter counter measures and so on, its just about how patient the attacker is. In general this method is more than enough for a metin server. Now about how to implement it: I don't know, never configured any firewalls, never wrote any rules and don't know what tools you have for example for pf on freebsd. Like I said, this is not my field of expertise so feel free to correct me if I'm just talking bullshit now.
  11. I meant "don't get scammed by random kids trying to sell public stuff for money" by "don't get scammed by randoms". Because in the early days of the leak I saw many trying to do that with the wiki.
  12. Just a heads up about wiki: If you are looking for the same one (aeldra leaked wiki) that everyone uses don't get scammed by randoms, you can find it on less respectful forums for free.
×
×
  • Create New...

Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.