
Leaderboard

Popular Content

Showing content with the highest reputation on 08/30/20 in all areas

  1. WARNING: If your teleporter panel in lua doesn't use pc.can_warp you must add it obv! It's important to check if a player can warp using pc.can_warp before calling pc.warp.

     Hello community,

     I have always seen people go crazy over this problem, which is solved with 2 lines of code, in particular with the various offlineshops (mine, or the free release great and ken) that are unfairly blamed for having duplication bugs. No! I believe that if you warp a player on another core without performing any checks, you can't blame those who made the other systems which are then used to take advantage of the vulnerability you caused. If you implement something, you need to make sure there are adequate checks to avoid causing vulnerabilities. In my opinion the cause of the duplication is not the various offlineshops, but the channel switcher, which does not perform even half the checks before executing the warp.

     Anyway, no more chatter. I will explain here how to fix this problem. The first thing to check is if the channel switcher is using CHARACTER::CanWarp to check if the player can be connected on a new channel or not.
     Here I wanna paste a commonly seen channel switcher function to connect the player (char.cpp):

     ```cpp
     void CHARACTER::ChannelSwitch(int iNewChannel)
     {
         long lAddr;
         long lMapIndex;
         WORD wPort;
         long x = this->GetX();
         long y = this->GetY();

         if (!CMapLocation::instance().Get(x, y, lMapIndex, lAddr, wPort)) {
             return;
         }

         if (lMapIndex >= 10000) {
             return;
         }

         // Build the port -> channel table
         std::map<WORD, int> ch;
         for (int i = 0; i < 4; i++) {
             for (int i2 = 1; i2 < 9; i2++) {
                 ch[30*1000 + i*100 + i2] = i+1;
             }
         }

         int chan;
         if (ch.find(wPort) != ch.end()) {
             chan = ch[wPort];
         } else {
             return;
         }

         Stop();
         Save();

         if (GetSectree()) {
             GetSectree()->RemoveEntity(this);
             ViewCleanup();
             EncodeRemovePacket(this);
         }

         // Send the warp packet with the port of the requested channel
         TPacketGCWarp p;
         p.bHeader = HEADER_GC_WARP;
         p.lX = x;
         p.lY = y;
         p.lAddr = lAddr;
         p.wPort = (wPort - 100*(chan-1) + 100*(iNewChannel-1));
         GetDesc()->Packet(&p, sizeof(TPacketGCWarp));
     }
     ```

     As you can see, no checks are performed to check if the character is using any systems which may cause problems. So what we need here is to add the CanWarp check at the beginning of the method.
     ```cpp
     void CHARACTER::ChannelSwitch(int iNewChannel)
     {
         //* START DUPLICATION FIX
         //* prevent problems about duplication of items
         //* using safebox/exchange/shop/acce
         if (!CanWarp()) {
             return;
         }
         //* END DUPLICATION FIX

         long lAddr;
         long lMapIndex;
         WORD wPort;
         long x = this->GetX();
         long y = this->GetY();

         if (!CMapLocation::instance().Get(x, y, lMapIndex, lAddr, wPort)) {
             return;
         }

         if (lMapIndex >= 10000) {
             return;
         }

         // Build the port -> channel table
         std::map<WORD, int> ch;
         for (int i = 0; i < 4; i++) {
             for (int i2 = 1; i2 < 9; i2++) {
                 ch[30*1000 + i*100 + i2] = i+1;
             }
         }

         int chan;
         if (ch.find(wPort) != ch.end()) {
             chan = ch[wPort];
         } else {
             return;
         }

         Stop();
         Save();

         if (GetSectree()) {
             GetSectree()->RemoveEntity(this);
             ViewCleanup();
             EncodeRemovePacket(this);
         }

         // Send the warp packet with the port of the requested channel
         TPacketGCWarp p;
         p.bHeader = HEADER_GC_WARP;
         p.lX = x;
         p.lY = y;
         p.lAddr = lAddr;
         p.wPort = (wPort - 100*(chan-1) + 100*(iNewChannel-1));
         GetDesc()->Packet(&p, sizeof(TPacketGCWarp));
     }
     ```

     This is enough to solve 100% of the problems if your CanWarp is a complete check of all your installed systems. If not, you just need to adapt CanWarp to the systems you have installed. I will make an example with my offlineshop so that the speech is clear to anyone.

     Let's take a look at the default CanWarp method. The first thing to note is that its purpose is obviously to return true if the player is able to reconnect without any problems.

     ```cpp
     bool CHARACTER::CanWarp() const
     {
         const int iPulse = thecore_pulse();
         const int limit_time = PASSES_PER_SEC(g_nPortalLimitTime);

         // Refuse the warp if any of these systems was used too recently
         if ((iPulse - GetSafeboxLoadTime()) < limit_time)
             return false;

         if ((iPulse - GetExchangeTime()) < limit_time)
             return false;

         if ((iPulse - GetMyShopTime()) < limit_time)
             return false;

         if ((iPulse - GetRefineTime()) < limit_time)
             return false;

         // Refuse the warp while any of these windows is still open
         if (GetExchange() || GetMyShop() || GetShopOwner() || IsOpenSafebox() || IsCubeOpen())
             return false;

         return true;
     }
     ```

     As you can see, here you can find a lot of checks which check the last time of every action that may be used to exploit the warp.
     What we need to do here is to add new checks, to cover all the systems installed and fix all vulnerabilities. An example for an offlineshop would be:

     ```cpp
     bool CHARACTER::CanWarp() const
     {
         const int iPulse = thecore_pulse();
         const int limit_time = PASSES_PER_SEC(g_nPortalLimitTime);

         if ((iPulse - GetSafeboxLoadTime()) < limit_time)
             return false;

         if ((iPulse - GetExchangeTime()) < limit_time)
             return false;

         if ((iPulse - GetMyShopTime()) < limit_time)
             return false;

         if ((iPulse - GetRefineTime()) < limit_time)
             return false;

         if (GetExchange() || GetMyShop() || GetShopOwner() || IsOpenSafebox() || IsCubeOpen())
             return false;

     #ifdef __ENABLE_NEW_OFFLINESHOP__
         // Same two kinds of check for the offlineshop: recent use and open window
         if (iPulse - GetOfflineShopUseTime() < limit_time)
             return false;

         if (GetOfflineShopGuest() || GetAuctionGuest())
             return false;
     #endif

         return true;
     }
     ```

     Note: I'm using GetOfflineShopGuest and GetAuctionGuest, which are methods used in my shop to get the pointer to the opened offlineshop/auction, but if you are using another offlineshop system you need to find the equivalent way to check if the player is a guest in an offline shop.

     The method GetOfflineShopUseTime is a new method which I'm implementing to check the last use time of the system. Let's see how to implement it (char.cpp):

     ```cpp
     //SEARCH
         void ResetStopTime();
         DWORD GetStopTime() const;

     //ADD UNDER
     #ifdef __ENABLE_NEW_OFFLINESHOP__
     public:
         int GetOfflineShopUseTime() const { return m_iOfflineShopUseTime; }
         void SetOfflineShopUseTime() { m_iOfflineShopUseTime = thecore_pulse(); }

     private:
         int m_iOfflineShopUseTime = 0;
     #endif
     ```

     Here we are instantiating a new int where we can store the current time when the player uses the system. Using SetOfflineShopUseTime, the method will update the value of m_iOfflineShopUseTime, and using GetOfflineShopUseTime we can check the last time the player used the system (as done in CanWarp).

     What's missing? We need to use SetOfflineShopUseTime where the player is using our offlineshop (buy item, open shop, edit shop, close shop, etc.), so that the last use time is actually updated when needed, making the check in CanWarp effective.

     A similar check can be done for other systems (e.g. acce system) to make our CanWarp safer and more effective.

     I hope it's useful. Bye
    6 points
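
The gate described in the post above, as an added example that is not part of the original post or of the game source: a stand-alone C++ model in which every system records its last use and open state, and the channel switch asks one shared check before warping. `WarpGuard`, `Touch`, `SetOpen` and the 250-pulse limit are hypothetical names and values chosen for illustration.

```cpp
// Stand-alone model of the CanWarp gate; added example, not the game source.
// WarpGuard, Touch, SetOpen and kLimitPulses are hypothetical names.
#include <array>
#include <cstddef>

enum System : std::size_t { SAFEBOX, EXCHANGE, MYSHOP, REFINE, OFFLINESHOP, SYSTEM_COUNT };
constexpr int kLimitPulses = 250; // assumed stand-in for PASSES_PER_SEC(g_nPortalLimitTime)

class WarpGuard {
public:
    WarpGuard() { lastUse_.fill(-kLimitPulses); }  // "never used" passes the check
    // Call from every handler of a system (open, buy, edit, close, ...).
    void Touch(System s, int pulse) { lastUse_[s] = pulse; }
    void SetOpen(System s, bool open) { open_[s] = open; }
    // Mirrors CanWarp: refuse while any window is open or was used recently.
    bool CanWarp(int pulse) const {
        for (std::size_t s = 0; s < SYSTEM_COUNT; ++s)
            if (open_[s] || pulse - lastUse_[s] < kLimitPulses) return false;
        return true;
    }
private:
    std::array<int, SYSTEM_COUNT> lastUse_{};
    std::array<bool, SYSTEM_COUNT> open_{};
};

struct Player {
    WarpGuard guard;
    int channel = 1;
    // Every warp path (teleporter panel, channel switcher) calls the gate first.
    bool ChannelSwitch(int newChannel, int pulse) {
        if (!guard.CanWarp(pulse)) return false;
        channel = newChannel;
        return true;
    }
};

// Constructed scenario: returns the channel the player ends up on.
int RunScenario() {
    Player p;
    p.guard.SetOpen(OFFLINESHOP, true);
    p.guard.Touch(OFFLINESHOP, 1000);
    p.ChannelSwitch(2, 1001);                 // refused: shop window still open
    p.guard.SetOpen(OFFLINESHOP, false);
    p.guard.Touch(OFFLINESHOP, 1010);         // closing also refreshes the timer
    p.ChannelSwitch(3, 1100);                 // refused: 90 pulses < limit
    p.ChannelSwitch(4, 1010 + kLimitPulses);  // allowed: cooldown elapsed
    return p.channel;
}

int main() { return RunScenario() == 4 ? 0 : 1; }
```

Keeping the per-system state in one table means a newly installed system only needs a new enum entry and `Touch`/`SetOpen` calls in its handlers; the warp paths themselves stay unchanged.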
  2. I found a reference a long time ago. PythonPlayerSkill.cpp > CPythonPlayer::__ProcessEnemySkillTargetRange:
    2 points
  3. M2 Download Center Download Here ( Internal )
    1 point
  4. M2 Download Center Download Here ( Internal )
    1 point
  5. M2 Download Center Download Here ( Internal ) Download Here ( GitHub ) Hi, I made this system not so long ago, benefited the script from the official server and worked on the C++, just decided to share this system with everyone because I no longer care much about it. It's not really that big of a system and most likely it could be leaked by some traitor so honestly, I'd rather share it myself. Instead of adding the tutorial here I will link a repository to the guidelines. Demonstration The inventory slot marking works best with @xP3NG3Rx's release. I do not support the implementation of the system, and neither does the author of the inventory slot marking, I believe.
    1 point
  6. M2 Download Center Download Here ( Internal )
    1 point
  7. Must be a hard thing to do to upload a single image to an imagehoster
    1 point
  8. Looks like some of you need some opening the evidence. But fortunately if needed.
    1 point
  9. In the last update, I've implemented multithreading in the archive. It's currently extremely fast. For packing, what took 180s is now done in 5s. For unpacking, what took 180s is now done in 30s if the folders are missing, otherwise 6s. i.e. I also improved the original single-thread algorithm so it's faster than the older versions.

     I noticed 2 weird things though:
     1) In parallel mode, some prints are skipped, so if you need to debug something, disable both --nolog and --parallel.
     2) Redirecting the output to a file (>.txt) in parallel mode slows the process as if it were single-threaded again.

     FULL CHANGELOG
     v1.3 added install.bat for installing everything (must be run as admin)
     v1.4 added "force_filename_lowercase" config field
     v1.5 fixed packing of non all-lower-named packs
     v1.6 fixed extraction of 0kb files
     v1.7 fixed extraction of 2-len packs names
     v1.8 fixed packing/unpacking files/folders with spaces in filenames (issue present only in the .bats)
     v1.9 added type6 and header mcsp decryption
     v2.0 added "ignore_full_name" config field, and allowed writing comments inside the .json setting file
     v2.1 added "eter_magic_mcoz","eter_magic_epkd","eter_magic_mcsp" fields
     v2.2 added "parallel" in .json, and --parallel as argument for multithreading packing/unpacking
     v2.3 added global .json load from %userprofile% if the local ones are missing
     v2.4 fixed type6 unpacking in parallel mode
     v2.5 improved parallel speed when packing by 20x
    1 point
  10. M2 Download Center Download Here ( Internal ) 4.1 1.6
    1 point
  11. @xP3NG3Rx @arves100 @PACI
    0 points
  12. Bah, I'll try to reupload the image in these days on another source maybe
    0 points
  13. And still no working image. Is this a kind of troll or smth else?
    0 points