Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 149 posts ]  Go to page Previous  1, 2, 3, 4, 5  Next
PostPosted: 13 Nov 2007 21:48 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
Oh, you did? Oh, ok. I thought you just guessed at random what to do :P. Alright, but I won't update to 1.04... and like I don't really know anyone else that can help; Ravensoft and LucasArts refused to help / give the source code.


PostPosted: 13 Nov 2007 22:06 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Not only was comparing the 2 files the first thing I did, I also started experimentally creating a tool for doing this job automatically by comparing the assembly instructions of each function... something like BinDiff but at a baaaaasic level.
The idea of an executable comparing tool is great, but continuing the project is not for the moment.

Anyway, you still haven't reported details about that experimental patch, I mean what error or type of crash did it cause on your server?


PostPosted: 14 Nov 2007 02:09 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
Oh, true... uh, well it says "WARNING: bad command byte for client 0" and about 2 seconds after it says that, it makes that error pop up and it crashes.

http://i36.photobucket.com/albums/e35/e ... rpatch.jpg

It's the Windows error... same one I got before. Would it work on Linux since Linux doesn't have that error? Or would it probably still crash?

Quote:
That's it, I'm reporting you guys to Microsoft for Conspiracy of Hacking, enjoy this site while you can
hey, fuck you, and you can't ban me, asshole, so don't even try

spoke to Microsoft, they can sue you for copyright


o.O Copyright? How the hell is it copyright o.O Sorry, I had to comment on this somehow, it was locked. Also NONE of these are hacking, they're exploits. And not all of us are bad, see what I'm doing: I'm like the #1 in JK2 1.02 that uses this stuff and more that isn't listed on the site, but I also distribute and create some fixes for all. WTF do you think this mod is for that I am making? Oi! I hope that cat reads this post!!

:) hehe, had to reply to it, it bothered me :P


PostPosted: 14 Nov 2007 10:00 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Damned JK2, it's a pain to fix, it requires too much work or too much motivation.

And don't worry about having commented on what that kid said, the post he wrote was so funny that I'm almost proud to have a similar thing here on my forum, moreover because now anyone who is sad can find a laugh reading Harry's posts ah ah ah


PostPosted: 14 Nov 2007 23:51 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
I can motivate you to do it xD lol

:P yeah, it is sort of funny


PostPosted: 15 Nov 2007 22:07 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
blarg


Last edited by evan1715 on 21 Jan 2008 19:11, edited 1 time in total.

PostPosted: 16 Nov 2007 11:13 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Quote:
Ok yeah, I like compared JKA's with JK2's source code and g_clients on checkclientname, userinfo, clientconnect, and clientbegin are like all the same and have nothing to do with the illegal characters...


The rule is: if you don't know where the crash happens, just kick the client when it tries to exploit the bug.
Fast, simple and secure.

Quote:
"CL_ParsePacketEntities" would that be fixed in the client, or could I fix that in jk2ded 1.03a to skip that error and let them in?


CL_ParsePacketEntities is a known problem in JK2, in fact many players have this same error (I'm talking about the latest version) and people say that the cause of the problem is the no-cd... mah

Quote:
4. If I ask for a server source code, would I ask for 1.03a or 1.02c :P


Ask whom? Raven?

Quote:
5. I opened JK2 and I saw 7 active 1.02 servers compared to 20 one year ago... could you help majorly so I can keep 1.02 alive, PLEASE I'm begging, you probably don't want to as I can tell :S


Eh eh eh, you know what I think about old unpatched versions: motivation and time lost for doing something already done 8-)
And no, you are not begging, you are perfect at forcing the others to lose patience ih ih ih


PostPosted: 16 Nov 2007 12:23 

Joined: 14 Aug 2007 13:32
Posts: 71
Pmsl ..


PostPosted: 16 Nov 2007 14:14 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
ah ah ah I didn't know this acronym, but now I do 8-)


Last edited by aluigi on 16 Nov 2007 22:29, edited 1 time in total.

PostPosted: 16 Nov 2007 22:08 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
blarg


Last edited by evan1715 on 21 Jan 2008 19:12, edited 1 time in total.

PostPosted: 16 Nov 2007 22:43 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
http://acronyms.thefreedictionary.com/PMSL


PostPosted: 16 Nov 2007 22:50 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
blarg


Last edited by evan1715 on 21 Jan 2008 19:12, edited 1 time in total.

PostPosted: 16 Nov 2007 23:00 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Yes, this is what I meant: don't allow the attacker to join the server.


PostPosted: 16 Nov 2007 23:28 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
blarg


Last edited by evan1715 on 21 Jan 2008 19:13, edited 1 time in total.

PostPosted: 18 Nov 2007 23:22 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
blarg


Last edited by evan1715 on 21 Jan 2008 19:13, edited 2 times in total.

PostPosted: 19 Nov 2007 09:48 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Code:
    /* bytes allowed in a player name; everything else is rejected */
    static const char name_allow[] =
        "QqWwEeRrTtYyUuIiOoPpAaSsDdFfGgHhJjKkLlZzXxCcVvBbNnMm<>?,./';:][{}`~1234567890-=!@#$^&*()_+ ";

    /* returns 1 if every byte of name is in name_allow, 0 at the first byte
       that is not; on 0 the caller disconnects the player */
    static int name_is_allowed(const char *name) {
        int i, j, c;
        for(i = 0; (c = name[i]); i++) {
            for(j = 0; name_allow[j]; j++) {
                if(c == name_allow[j]) break;
            }
            if(!name_allow[j]) return 0;    /* DISCONNECT_THE_PLAYER */
        }
        return 1;
    }
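
The allow-list above settles which bytes are legal; what a server operator also needs is the surrounding plumbing: taking the name out of the userinfo string, applying the same rule at connect time and on every later in-game name change, and kicking with a reason that says which byte was refused. The program below is an added example written for this thread, not code from the post, from aluigi or from Raven. It keeps the posted allow-list verbatim, replaces the nested scan with a 256-entry byte table, parses a Quake 3-style backslash-delimited userinfo string, and rejects over-long names as well as illegal bytes. Assumptions: MAX_NAME_LENGTH of 32 including the NUL (the Quake 3 engine value, reused here by name), the function names check_name, userinfo_value and drop_for_userinfo (invented for the demo), and the three userinfo strings in main, which are constructed. In the Quake 3 SDK lineage that JK2's game code descends from, ClientConnect calls ClientUserinfoChanged, so a check placed on the userinfo path covers both the initial connect and a later \name change.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Allowed bytes in a player name, copied verbatim from the allow-list posted
   above. Everything else is rejected: control bytes, bytes >= 0x80 and the
   printable characters the list leaves out ('"', '%', '\\', '|'). */
static const char name_allow[] =
    "QqWwEeRrTtYyUuIiOoPpAaSsDdFfGgHhJjKkLlZzXxCcVvBbNnMm<>?,./';:][{}`~1234567890-=!@#$^&*()_+ ";

/* Assumption: the Quake 3 engine family limits names to MAX_NAME_LENGTH (32)
   bytes including the terminating NUL; the value is reused here by name. */
#define MAX_NAME_LENGTH 32

enum name_verdict { NAME_OK = 0, NAME_EMPTY, NAME_TOO_LONG, NAME_BAD_CHAR };

/* 256-entry table built once from name_allow: one index per byte instead of
   rescanning the allow-list for every character of every name. */
static bool allow_tab[256];
static bool allow_tab_ready;

static void build_allow_table(void) {
    const unsigned char *p;
    for (p = (const unsigned char *)name_allow; *p; p++) allow_tab[*p] = true;
    allow_tab_ready = true;
}

/* Validate a raw name. On NAME_BAD_CHAR, *bad_at (if non-NULL) receives the
   offset of the first offending byte so the server log can show it. */
enum name_verdict check_name(const char *name, size_t *bad_at) {
    size_t i;
    if (!allow_tab_ready) build_allow_table();
    if (name[0] == '\0') return NAME_EMPTY;
    for (i = 0; name[i]; i++) {
        if (i >= MAX_NAME_LENGTH - 1) return NAME_TOO_LONG;
        if (!allow_tab[(unsigned char)name[i]]) {
            if (bad_at) *bad_at = i;
            return NAME_BAD_CHAR;
        }
    }
    return NAME_OK;
}

/* Look a key up in a Q3-style userinfo string ("\key\value\key\value").
   Returns false if the key is absent; the value is truncated to outlen-1. */
bool userinfo_value(const char *info, const char *key, char *out, size_t outlen) {
    size_t klen = strlen(key);
    const char *p = info;
    while (*p == '\\') {
        const char *k = p + 1, *kend = strchr(k, '\\');
        if (!kend) return false;              /* key without a value: malformed */
        const char *v = kend + 1, *vend = strchr(v, '\\');
        size_t vlen = vend ? (size_t)(vend - v) : strlen(v);
        if ((size_t)(kend - k) == klen && memcmp(k, key, klen) == 0) {
            if (vlen >= outlen) vlen = outlen - 1;
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return true;
        }
        p = vend ? vend : v + vlen;
    }
    return false;
}

/* Hypothetical enforcement hook. In the SDK it would sit in
   ClientUserinfoChanged, which ClientConnect also calls, so one rule covers
   the initial connect and every later "\name" change made in-game.
   Returns true if the client must be dropped; reason receives the kick text. */
bool drop_for_userinfo(const char *userinfo, char *reason, size_t reason_len) {
    char name[256];
    size_t at = 0;
    if (!userinfo_value(userinfo, "name", name, sizeof name)) {
        snprintf(reason, reason_len, "userinfo has no name");
        return true;
    }
    switch (check_name(name, &at)) {
    case NAME_OK:       return false;
    case NAME_EMPTY:    snprintf(reason, reason_len, "empty name"); break;
    case NAME_TOO_LONG: snprintf(reason, reason_len, "name longer than %d bytes",
                                 MAX_NAME_LENGTH - 1); break;
    case NAME_BAD_CHAR: snprintf(reason, reason_len, "illegal byte 0x%02x at offset %zu in name",
                                 (unsigned char)name[at], at); break;
    }
    return true;
}

int main(void) {
    /* Constructed userinfo strings: one ordinary client, two that must be kicked. */
    const char *samples[] = {
        "\\name\\^1Red^7Player\\rate\\25000\\snaps\\20",
        "\\rate\\25000\\name\\Ev\x01l\\snaps\\20",
        "\\name\\" "AAAAAAAAAAAA" "AAAAAAAAAAAA" "AAAAAAAAAAAA" "\\rate\\25000",
    };
    char reason[128];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        bool drop = drop_for_userinfo(samples[i], reason, sizeof reason);
        printf("client %zu: %s%s\n", i, drop ? "DROP: " : "ok", drop ? reason : "");
    }
    return 0;
}
```

The point of running the rule on the userinfo path rather than only at connect is the question raised later in the thread about in-game name changes: a check that lives only in ClientConnect is bypassed by joining with a clean name and changing \name afterwards.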


PostPosted: 22 Nov 2007 12:19 

Joined: 24 Oct 2007 00:44
Posts: 26
Oh yeah, my only idea, rather than reverse engineering 1.03 to 1.02..... inject a DLL with all the mods etc. into the server.

If you know how, anyway :P

Oh, and what causes special chars in the name to crash or lag the server upon connect?


PostPosted: 22 Nov 2007 15:10 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
blarg


Last edited by evan1715 on 21 Jan 2008 19:13, edited 1 time in total.

PostPosted: 23 Nov 2007 22:03 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
blarg


Last edited by evan1715 on 21 Jan 2008 19:13, edited 1 time in total.

PostPosted: 23 Nov 2007 22:18 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Injecting a mod???
This is sci-fi 8-)
Anyway, I have really not understood what you mean exactly, it's not clear.


PostPosted: 23 Nov 2007 22:49 

Joined: 24 Oct 2007 00:44
Posts: 26
What I said?
Well, make a DLL to mod some stuff, and inject it into jk2Ded.exe, and in theory it will mod the stuff....


PostPosted: 23 Nov 2007 23:04 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
The problem is that you need to know exactly what to modify.


PostPosted: 24 Nov 2007 04:33 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
As in...???

It would be the same as launching it with the .qvm\vm\.pk3, right?


PostPosted: 24 Nov 2007 12:45 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
pk3/qvm/vm handle the SDK stuff of the game; for the engine (the core) you need DLL injection or exe modifying.


PostPosted: 24 Nov 2007 16:05 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
Ooh, so it is possible. If it is, what do you mean by exactly knowing what to modify??


PostPosted: 24 Nov 2007 20:01 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
Hey Luigi, can you make one of those lpatch files using this:

Original:
:00411B4D 8B4D0C mov ecx, dword[ebp+0C]
:00411B50 8931 mov dword[ecx], esi
:00411B52 8B432C mov eax, dword[ebx+2C]
:00411B55 83C004 add eax, 00000004
:00411B58 3D00400000 cmp eax, 00004000
:00411B5D EB10 jmp 00411B6F
:00411B5F 50 push eax
:00411B60 6874FB4600 push 0046FB74
(StringData)"Netchan_Process: length = %i"
:00411B65 6A01 push 00000001
:00411B67 E8E46DFFFF call 00408950
:00411B6C 83C40C add esp, 0000000C

Patch?:
:00411B52 8B4D0C mov ecx, dword[ebp+0C]
:00411B55 8D4330 lea eax, dword[ebx+30]
:00411B58 8931 mov dword[ecx], esi
:00411B5A 8B532C mov edx, dword[ebx+2C]
:00411B5D 8B4D0C mov ecx, dword[ebp+0C]
:00411B60 52 push edx
:00411B61 83C104 add ecx, 00000004
:00411B64 50 push eax
:00411B65 51 push ecx
:00411B66 E85593FFFF call 0040AEC0
:00411B6B 8B532C mov edx, dword[ebx+2C]
:00411B6E 83C40C add esp, 0000000C
:00411B71 83C204 add edx, 00000004
:00411B74 B801000000 mov eax, 00000001
:00411B79 895514 mov dword[ebp+14], edx
:00411B7C C7432C00000000 mov dword[ebx+2C], 00000000
:00411B83 C7451804000000 mov dword[ebp+18], 00000004
:00411B8A C7451C20000000 mov dword[ebp+1C], 00000020
:00411B91 5F pop edi
:00411B92 5E pop esi
:00411B93 5D pop ebp
:00411B94 5B pop ebx
:00411B95 83C408 add esp, 00000008
:00411B98 C3 ret

I tried making my own lpatch txt file but it didn't want to work correctly.


PostPosted: 24 Nov 2007 21:04 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Check the attachment.
Anyway, remember that assembly is not a "copy&paste" language, so if you don't know exactly what you are doing, be sure that this will never work.


Attachments:
blabla.lpatch [600 Bytes]
Downloaded 103 times
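
On the lpatch request and the reply that assembly is not a copy-and-paste language: the two listings above do not even cover the same number of bytes (the "Original:" block runs from 00411B4D to 00411B6E, the "Patch?:" block from 00411B52 to 00411B98), so bytes written at the patch's addresses would run over whatever instructions follow the region. The program below is an added example written for this thread, not aluigi's lpatch and not code from the post: it maps a virtual address from a listing to a file offset through one section record, then refuses to apply a patch whose length differs from the region it replaces, whose region does not fit in the image, or whose expected original bytes are not what the image holds. Assumptions: image base 0x00400000 with .text at RVA 0x1000 / raw offset 0x400 and sizes invented for the demo; the 18 original bytes are transcribed from the "Original:" listing (up to and including the jmp); the 0xCC filler used as the replacement is a constructed stand-in to show the mechanics, not a fix for Netchan_Process.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Minimal section record: enough of a PE section header to turn a virtual
   address from a disassembly listing into a file offset. */
struct section { uint32_t va, raw_off, size; };

/* Map a VA to a file offset via one section, or return -1 if the VA falls
   outside it. In a real tool the section comes from the PE header. */
long va_to_file_offset(uint32_t va, uint32_t image_base, const struct section *s) {
    uint32_t rva = va - image_base;
    if (va < image_base || rva < s->va || rva - s->va >= s->size) return -1;
    return (long)(rva - s->va + s->raw_off);
}

enum patch_result {
    PATCH_OK = 0,
    PATCH_LEN_MISMATCH,   /* replacement and original differ in length */
    PATCH_OUT_OF_RANGE,   /* region does not fit in the image */
    PATCH_ORIG_MISMATCH   /* bytes in the image are not the expected original */
};

/* Overwrite image[off..off+n) with repl, but only if the region currently
   holds exactly orig. Refusing a length change is deliberate: a longer
   replacement overwrites the instructions after the region, and a shorter
   one leaves stale opcode bytes behind it. */
enum patch_result apply_patch(uint8_t *image, size_t image_len, size_t off,
                              const uint8_t *orig, size_t orig_len,
                              const uint8_t *repl, size_t repl_len, size_t *mismatch_at) {
    size_t i;
    if (orig_len != repl_len) return PATCH_LEN_MISMATCH;
    if (off > image_len || image_len - off < orig_len) return PATCH_OUT_OF_RANGE;
    for (i = 0; i < orig_len; i++) {
        if (image[off + i] != orig[i]) {
            if (mismatch_at) *mismatch_at = i;
            return PATCH_ORIG_MISMATCH;
        }
    }
    memcpy(image + off, repl, repl_len);
    return PATCH_OK;
}

/* First 18 bytes of the "Original:" listing above (00411B4D..00411B5E). */
static const uint8_t orig_bytes[] = {
    0x8B,0x4D,0x0C, 0x89,0x31, 0x8B,0x43,0x2C, 0x83,0xC0,0x04,
    0x3D,0x00,0x40,0x00,0x00, 0xEB,0x10 };

/* Build a constructed image in which those bytes sit at the file offset
   that 00411B4D maps to under the assumed section layout. Caller frees. */
uint8_t *make_demo_image(size_t *len, size_t *region_off) {
    const struct section text = { 0x1000, 0x400, 0x60000 };   /* assumed .text */
    long off = va_to_file_offset(0x00411B4D, 0x00400000, &text);
    *len = 0x20000;
    uint8_t *img = calloc(*len, 1);
    if (!img || off < 0) { free(img); return NULL; }
    memcpy(img + off, orig_bytes, sizeof orig_bytes);
    *region_off = (size_t)off;
    return img;
}

int main(void) {
    size_t len, off, at = 0;
    uint8_t *img = make_demo_image(&len, &off);
    uint8_t filler[sizeof orig_bytes], too_long[0x47], wrong[sizeof orig_bytes];
    enum patch_result r;
    if (!img) return 1;
    memset(filler, 0xCC, sizeof filler);          /* constructed stand-in, not a fix */
    memset(too_long, 0x90, sizeof too_long);      /* 0x47 bytes, the size of the "Patch?:" listing */
    memcpy(wrong, orig_bytes, sizeof wrong);
    wrong[0] ^= 0xFF;                             /* "original" from some other build */

    printf("VA 00411B4D -> file offset 0x%zx\n", off);
    r = apply_patch(img, len, off, orig_bytes, sizeof orig_bytes, too_long, sizeof too_long, NULL);
    printf("0x47-byte replacement over an 18-byte region: result %d (LEN_MISMATCH is %d)\n", r, PATCH_LEN_MISMATCH);
    r = apply_patch(img, len, off, wrong, sizeof wrong, filler, sizeof filler, &at);
    printf("expected bytes of a different build: result %d, first difference at byte %zu\n", r, at);
    r = apply_patch(img, len, off, orig_bytes, sizeof orig_bytes, filler, sizeof filler, NULL);
    printf("matching original: result %d (OK is %d), byte 0 is now 0x%02x\n", r, PATCH_OK, img[off]);
    free(img);
    return 0;
}
```

The original-bytes check is what turns a patch file into something safe to hand around: applied to the wrong build (1.02 instead of 1.03a, or a no-cd executable), it refuses instead of silently corrupting code that happens to live at the same address.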
PostPosted: 24 Nov 2007 21:30 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
Fak! It worked halfway, but now it's more vulnerable: instead of executing it 4x, you only have to do it once for it to crash :P. At least it booted up and loaded and let people connect, I thought it wasn't even going to boot up. 66 byte changes :P

And you're right, I have no idea what I'm doing, but msgboom MUST be fixed :S


PostPosted: 25 Nov 2007 01:05 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
blarg


Last edited by evan1715 on 21 Jan 2008 18:59, edited 2 times in total.

PostPosted: 25 Nov 2007 15:06 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I have tried using the name you posted (and naturally the code you pasted as-is) and it's correctly identified as illegal, so I don't see the problem.

Have you tested this thing personally (joining with only bad chars on your server) or not?
Have you checked whether, when you change nickname in-game, the check is performed on that occasion too?

