Jump to content
×
×
  • Create New...
  • 0

[Found] A little exploit


Exygo

Question

  • Moon

I just want to inform you guys(if you didn't know) that the function net.SendGuildPostCommentPacket can be used to increase the size of guild_comment table, so good luck to fix it in your server.

Link to comment

5 answers to this question

Recommended Posts

  • 0

This is not "exploit", already exist more things like this on communication with packets clientside-serverside, some mistakes from ymir to check something.

But make a small check for arguments what was sended, and "exploit" is fixed in 3 lines.

std::string str = argument before sended
	#define MAX_LEN 50
	unsigned size;
	
	// Choice method to calculation size
	size = str.size();
	size = str.length();
	size = strlen(str.c_str());
	
	// Method 1
	if (size > MAX_LEN)
		return false;

	// Method 2
	if (size > MAX_LEN)
	{
		str.resize(MAX_LEN);
		ch->ChatPacket(CHAT_TYPE_INFO, "std::string str = %s", str.c_str());
	}

 

  • Love 1
Link to comment
  • 0
  • Moon

This is just a notice for guys who didn't observed this ymir mistake, and is not about string length, you can let multiple accounts with modified py files with  net.SendGuildPostCommentPacket  in OnUpdate

Link to comment
  • 0

So what is so hard to fix? make a timer global from server and not give permission to do something when current timer is < then global timer. 

Also people was used this net.SendGuildPostCommentPacket in OnUpdate for illumina, because not was make good refresh.

Link to comment
  • 0
  • Moon
17 minutes ago, Kirosachi said:

So what is so hard to fix? make a timer global from server and not give permission to do something when current timer is < then global timer. 

Also people was used this net.SendGuildPostCommentPacket in OnUpdate for illumina, because not was make good refresh.

WTF is wrong with you ?

Link to comment
  • 0

Damn, what is wrong? I give solutions for people, and i'm wrong?

I was want to say: "You, they, them find this "exploit" with illumina.", a lot a people what have illumina have this function in onupdate :D.

I know, is not related with topic, but from where they find this.

I was want to say "this is not exploit", and need to change name title, you create confusion ugly for owner's.

Exist a lot a things like this if you run on onupdate functions what sended packet, so this informations is not new. ^^

#english #shit

  • Love 1
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Read our Rules
  • Activity

    1. 19

      Official Keyboard Settings System

    2. 0

      Interface metin2 i need help

    3. 28

      Inbuild GR2 Animation

    4. 19

      Official Keyboard Settings System

    5. 19

      Official Keyboard Settings System

  • Recently Browsing

    No registered users viewing this page.

Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.