Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 12:16

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 11 posts ] 
 Post subject: Halo Vulnerability
PostPosted: 15 Jul 2008 03:20 

Joined: 15 Jul 2008 01:38
Posts: 12
Here's a demo of a vulnerability I just discovered. The video description summarizes it.

http://www.youtube.com/watch?v=0P_3js9-H94&fmt=18

I was actually working on another app for this game when I found this. It was completely by accident. It's exploitable in all Halo versions and it's not patchable unless Bungie patches it themselves. I reversed a bit of Halo's engine, which is also ported to Halo 2... it's pretty much the same, plus a few changes/additions. I'm sure this would also work for Halo 2 Vista without a doubt. I would release my src / research, but I fear this will be another haloboom massacre! I will share this with Luigi though! Please just enjoy =]


 Post subject:
PostPosted: 15 Jul 2008 04:18 

Joined: 16 Aug 2007 06:25
Posts: 367
I hope it turns into a massacre, that way they get so many customers complaining that they actually release a fix.


 Post subject:
PostPosted: 15 Jul 2008 08:53 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I bet all you need to do is just change the variable in memory containing the ID assigned to your player, right?

Soma: the massacre already happened 2 weeks ago, when some people (ab)used the recent vulnerability I found (defining a variation of a bug found 3 years ago as "recent" is probably a bit stupid) and Bungie released a quick fix in about 4 days.
They will release new fixes for other vulnerabilities in August.


 Post subject:
PostPosted: 15 Jul 2008 13:59 

Joined: 16 Aug 2007 06:25
Posts: 367
Good for them. I wish all game design companies were that quick, such as the BF series, where the fake players DoS still exists.


 Post subject:
PostPosted: 15 Jul 2008 14:30 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
About the "fake players bug", Halo suffers from the same identical problem: as you know, the servers of both games require that the player has a valid cdkey to allow him to join, but this check is performed after having assigned the free slot to the client.
So you can fill all the server slots using just a couple of packets... blah


 Post subject:
PostPosted: 06 Aug 2008 18:01 

Joined: 15 Jul 2008 01:38
Posts: 12
It got patched =]

Glad Bungie is actually fixing stuff, even though it should have been done LONG ago.


 Post subject:
PostPosted: 12 Aug 2008 05:16 

Joined: 11 Aug 2008 16:01
Posts: 7
Dude, that's so awesome!!!!

I am still laughing hours later!!!

Really....


 Post subject:
PostPosted: 14 Aug 2008 12:58 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
aluigi wrote:
About the "fake players bug", Halo suffers from the same identical problem: as you know, the servers of both games require that the player has a valid cdkey to allow him to join, but this check is performed after having assigned the free slot to the client.
So you can fill all the server slots using just a couple of packets... blah


lol what's the point of this then? Was it supposed to prevent fake players? Or is it just simply there to prevent people playing with invalid cd-keys?


 Post subject:
PostPosted: 14 Aug 2008 20:01 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
The cdkey checks are made for people (the client sends the hash to the server and this one verifies with the master server if it has already been authenticated).

The fake players bug has been limited in the new Halo patch by reducing the number of players from the same IP (without doubt the best solution at the moment), but as far as I know the cdkey check is still performed after having filled the slot.


 
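As an added example (not code from this thread, from the Halo engine or from Bungie), here is a small Python model of the ordering flaw aluigi describes in the two posts above: one join handler reserves a slot before the cdkey hash is verified with the master server, the other verifies first and also applies the per-IP cap he mentions as the patch's mitigation. The class names, the JoinRequest fields, the master-server stub and the sample addresses and hashes are all constructed for illustration. Replaying the same unverified join traffic against both shows the verify-after server reporting no free slots until the master server answers, while the verify-first server never reserves anything for an unverified key.

```python
"""Toy model of a game server's join path (constructed example, not Halo's code).

Two orderings of the same handler:
  * ServerSlotsVerifyAfter - a slot is handed out first and the cdkey hash is
    verified with the master server later (the ordering the thread describes)
  * ServerSlotsVerifyFirst - the per-IP cap and the cdkey verification run
    before any slot is reserved
Every class, field and the master-server stub is an assumption for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class JoinRequest:
    src_ip: str
    key_hash: str   # constructed stand-in for the cdkey hash a client sends


class MasterServerStub:
    """Stand-in for the master server that knows which key hashes are authenticated."""

    def __init__(self, authenticated_hashes):
        self._ok = frozenset(authenticated_hashes)

    def is_authenticated(self, key_hash):
        return key_hash in self._ok


class ServerSlotsVerifyAfter:
    """Flawed ordering: reserve the slot now, verify the key when the master replies."""

    def __init__(self, max_players, master):
        self.max_players = max_players
        self.master = master
        self.slots = {}     # slot_id -> JoinRequest occupying it
        self.pending = []   # slot ids whose master-server verdict is still outstanding

    def handle_join(self, req):
        if len(self.slots) >= self.max_players:
            return None                     # server full, legitimate player or not
        slot_id = min(set(range(self.max_players)) - set(self.slots))
        self.slots[slot_id] = req           # slot consumed before any verification
        self.pending.append(slot_id)
        return slot_id

    def process_master_replies(self):
        """Later: drop unauthenticated occupants. Until this runs they hold the slots."""
        for slot_id in self.pending:
            if not self.master.is_authenticated(self.slots[slot_id].key_hash):
                del self.slots[slot_id]
        self.pending = []

    def free_slots(self):
        return self.max_players - len(self.slots)


class ServerSlotsVerifyFirst:
    """Hardened ordering: per-IP cap and cdkey verification before a slot is reserved."""

    def __init__(self, max_players, master, max_per_ip=2):
        self.max_players = max_players
        self.master = master
        self.max_per_ip = max_per_ip
        self.slots = {}
        self.per_ip = {}    # src_ip -> number of slots it currently holds

    def handle_join(self, req):
        if self.per_ip.get(req.src_ip, 0) >= self.max_per_ip:
            return None                     # per-IP cap, the mitigation the patch applied
        if not self.master.is_authenticated(req.key_hash):
            return None                     # unverified key never touches the slot table
        if len(self.slots) >= self.max_players:
            return None
        slot_id = min(set(range(self.max_players)) - set(self.slots))
        self.slots[slot_id] = req
        self.per_ip[req.src_ip] = self.per_ip.get(req.src_ip, 0) + 1
        return slot_id

    def free_slots(self):
        return self.max_players - len(self.slots)


def run_demo(max_players=16):
    """Replay the same constructed traffic against both orderings and report the outcome."""
    master = MasterServerStub({"hash-real-1", "hash-real-2", "hash-real-3", "hash-real-4"})
    # constructed: joins from one address carrying key hashes the master server never saw
    bogus = [JoinRequest("203.0.113.5", f"unknown-{i}") for i in range(max_players)]
    real = JoinRequest("198.51.100.7", "hash-real-1")

    flawed = ServerSlotsVerifyAfter(max_players, master)
    for req in bogus:
        flawed.handle_join(req)
    free_during_flood = flawed.free_slots()          # 0: every slot held unverified
    real_rejected = flawed.handle_join(real) is None  # True: legitimate player locked out
    flawed.process_master_replies()
    free_after_replies = flawed.free_slots()         # back to 16 only once the master answers

    hardened = ServerSlotsVerifyFirst(max_players, master, max_per_ip=2)
    for req in bogus:
        hardened.handle_join(req)
    free_hardened = hardened.free_slots()            # 16: nothing reserved for unverified keys
    real_slot = hardened.handle_join(real)           # 0: first free slot
    # per-IP cap: three valid keys from one address, only two may hold slots at once
    same_ip = [JoinRequest("192.0.2.9", h) for h in ("hash-real-2", "hash-real-3", "hash-real-4")]
    accepted_same_ip = sum(hardened.handle_join(r) is not None for r in same_ip)

    return {
        "flawed_free_during_flood": free_during_flood,
        "flawed_real_player_rejected": real_rejected,
        "flawed_free_after_replies": free_after_replies,
        "hardened_free_after_flood": free_hardened,
        "hardened_real_player_slot": real_slot,
        "hardened_accepted_from_one_ip": accepted_same_ip,
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Run it directly to print the outcome dictionary. The comparison turns on the window between the slot reservation and the master server's reply: in the flawed ordering that window is where unverified occupants sit, and the per-IP cap only shrinks how many of them one address can hold, which is why the thread calls the cap a limit rather than a fix.
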
 Post subject:
PostPosted: 15 Aug 2008 23:51 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
It's not directly about this topic, but I don't think game developers even give a shit about stuff like: cheating, hacking, using wrong cd-keys, flooding, exploiting, etc.
Recently I downloaded GRID (a 2007 or 2008 game). You can run the game using only Daemon Tools (no crack needed) and it does not need any cd-key to play online. See what I mean?!
So they don't really care if somebody floods servers with fake players. They just did something to prevent people from playing with wrong cd-keys.


 Post subject:
PostPosted: 17 Aug 2008 17:37 

Joined: 15 Jul 2008 01:38
Posts: 12
I agree on somewhat of a level with you. I will give a great example to go along with yours: Halo 2 Vista. Nearly everything is client-sided. It's been that way since it was released, yet it still has not been patched. I mean, do they really not give a shit or are they just fucking retarded?

