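Acesta este un fix pentru vulnerabilitatea SQL Injection nou apărută în messenger şi guild.
Tutorialul este preluat de la turkmmo şi tradus în română! Fiecare linie din fişierele DIFF de mai jos are forma „offset: octet original octet nou”; înainte de a aplica o modificare, faceţi o copie de rezervă a binarului şi verificaţi că la offsetul respectiv se află octetul original indicat, altfel fişierul este o altă versiune şi patch-ul nu trebuie aplicat.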
2089 Game Core DIFF
game_2089M
0010F5C3: 31 EB
0010F5C4: C0 09
33820 Database Core (Singapore) DIFF
This difference file is created by The Interactive Disassembler
db_r33820_32_u
000925A5: 01 00
34083 Game Core DIFF
This difference file is created by The Interactive Disassembler
game_r34083_32
0040DFE5: 01 00
Alternativ pentru 34K
Friends fix 34k
This difference file has been created by TURKMMO - SAWASHAN.!
game_34083
000E0128: 2C 3C
000E0190: 2C 3C
000E0196: E8 E9
000E0197: 95 AF
000E0198: D2 9C
000E0199: FB 39
000E019A: FF 00
000E019B: 89 90
000E019C: 5C 90
000E019D: 24 90
000E019E: 0C 90
000E02DD: 8D 90
000E02DE: 76 90
000E02DF: 00 90
000E0351: C7 B8
000E0352: 44 FF
000E0353: 24 FF
000E0354: 04 FF
000E0356: FF F0
000E0357: FF 0F
000E0358: FF C1
000E0359: 89 02
000E035A: 14 89
000E035B: 24 C2
000E035C: E8 90
000E035D: 6F 90
000E035E: 68 90
000E035F: F2 90
000E0360: FF 90
000E0361: 89 90
000E0362: C2 90
000E0545: C7 B8
000E0546: 44 FF
000E0547: 24 FF
000E0548: 04 FF
000E054A: FF F0
000E054B: FF 0F
000E054C: FF C1
000E054D: 89 02
000E054E: 14 89
000E054F: 24 C2
000E0550: E8 90
000E0551: 7B 90
000E0552: 66 90
000E0553: F2 90
000E0554: FF 90
000E0555: 89 90
000E0556: C2 90
000E05B6: C7 B8
000E05B7: 44 FF
000E05B8: 24 FF
000E05B9: 04 FF
000E05BB: FF F0
000E05BC: FF 0F
000E05BD: FF C1
000E05BE: 89 02
000E05BF: 14 89
000E05C0: 24 C2
000E05C1: E8 90
000E05C2: 0A 90
000E05C3: 66 90
000E05C4: F2 90
000E05C5: FF 90
000E05C6: 89 90
000E05C7: C2 90
000E0624: C7 B8
000E0625: 44 FF
000E0626: 24 FF
000E0627: 04 FF
000E0629: FF F0
000E062A: FF 0F
000E062B: FF C1
000E062C: 89 02
000E062D: 14 89
000E062E: 24 C2
000E062F: E8 90
000E0630: 9C 90
000E0631: 65 90
000E0632: F2 90
000E0633: FF 90
000E0634: 89 90
000E0635: C2 90
00129165: 68 78
00129167: 75 7D
00129168: F8 FC
0012916D: 75 7D
00129170: 7D 75
00129171: FC F8
00129173: 7D 75
0012917A: AC A0
0012917C: 06 07
00129198: 07 06
001291B2: 07 17
001291B3: 8B E9
001291B4: 1E 64
001291B5: 89 0C
001291B6: 45 35
001291B7: B0 00
001291BD: 8B 8D
001291BF: B0 E1
001291C1: 5C 54
001291C4: 8D C7
001291C5: 5D 44
001291C6: BD 24
001291C7: C7 04
001291C8: 44 D0
001291C9: 24 91
001291CA: 04 47
001291CB: D0 08
001291CC: 91 89
001291CD: 47 5C
001291CE: 08 24
001291CF: 89 0C
001291D0: 54 8D
001291D1: 24 5D
001291D2: 0C AE
001291E6: AC A0
001291E8: 74 7C
001291EC: 7C 74
001291F9: BD AE
00129204: 07 06
0012920B: BE AF
0012921D: 06 07
00129224: D7 C8
00479E1C: 00 8B
00479E1D: 00 42
00479E1E: 00 F4
00479E1F: 00 89
00479E20: 00 54
00479E21: 00 24
00479E22: 00 0C
00479E23: 00 C7
00479E24: 00 44
00479E25: 00 24
00479E26: 00 08
00479E27: 00 0F
00479E2B: 00 89
00479E2C: 00 44
00479E2D: 00 24
00479E2E: 00 10
00479E2F: 00 8D
00479E30: 00 45
00479E31: 00 E1
00479E32: 00 89
00479E33: 00 44
00479E34: 00 24
00479E35: 00 04
00479E36: 00 A1
00479E37: 00 20
00479E38: 00 37
00479E39: 00 6A
00479E3A: 00 08
00479E3B: 00 89
00479E3C: 00 04
00479E3D: 00 24
00479E3E: 00 E8
00479E3F: 00 ED
00479E40: 00 BC
00479E41: 00 C2
00479E42: 00 FF
00479E43: 00 8B
00479E44: 00 1E
00479E45: 00 E9
00479E46: 00 6E
00479E47: 00 F3
00479E48: 00 CA
00479E49: 00 FF
00479E4A: 00 A1
00479E4B: 00 20
00479E4C: 00 37
00479E4D: 00 6A
00479E4E: 00 08
00479E4F: 00 89
00479E50: 00 5C
00479E51: 00 24
00479E52: 00 0C
00479E53: 00 C7
00479E54: 00 44
00479E55: 00 24
00479E56: 00 10
00479E57: 00 0D
00479E5B: 00 C7
00479E5C: 00 44
00479E5D: 00 24
00479E5E: 00 08
00479E5F: 00 19
00479E63: 00 C7
00479E64: 00 44
00479E65: 00 24
00479E66: 00 04
00479E67: 00 F4
00479E68: 00 16
00479E69: 00 6A
00479E6A: 00 08
00479E6B: 00 89
00479E6C: 00 04
00479E6D: 00 24
00479E6E: 00 E8
00479E6F: 00 BD
00479E70: 00 BC
00479E71: 00 C2
00479E72: 00 FF
00479E73: 00 E8
00479E74: 00 B8
00479E75: 00 35
00479E76: 00 C2
00479E77: 00 FF
00479E78: 00 C7
00479E79: 00 44
00479E7A: 00 24
00479E7B: 00 0C
00479E7C: 00 F4
00479E7D: 00 16
00479E7E: 00 6A
00479E7F: 00 08
00479E80: 00 E9
00479E81: 00 19
00479E82: 00 63
00479E83: 00 C6
00479E84: 00 FF
Guild FIX 34k
This difference file has been created by TURKMMO - SAWASHAN.!
game34083
00129165: 68 78
00129167: 75 7D
00129168: F8 FC
0012916D: 75 7D
00129170: 7D 75
00129171: FC F8
00129173: 7D 75
0012917A: AC A0
0012917C: 06 07
00129198: 07 06
001291B2: 07 17
001291B3: 8B E9
001291B4: 1E 64
001291B5: 89 0C
001291B6: 45 35
001291B7: B0 00
001291BD: 8B 8D
001291BF: B0 E1
001291C1: 5C 54
001291C4: 8D C7
001291C5: 5D 44
001291C6: BD 24
001291C7: C7 04
001291C8: 44 D0
001291C9: 24 91
001291CA: 04 47
001291CB: D0 08
001291CC: 91 89
001291CD: 47 5C
001291CE: 08 24
001291CF: 89 0C
001291D0: 54 8D
001291D1: 24 5D
001291D2: 0C AE
001291E6: AC A0
001291E8: 74 7C
001291EC: 7C 74
001291F9: BD AE
00129204: 07 06
0012920B: BE AF
0012921D: 06 07
00129224: D7 C8
00479E1C: 00 8B
00479E1D: 00 42
00479E1E: 00 F4
00479E1F: 00 89
00479E20: 00 54
00479E21: 00 24
00479E22: 00 0C
00479E23: 00 C7
00479E24: 00 44
00479E25: 00 24
00479E26: 00 08
00479E27: 00 0F
00479E2B: 00 89
00479E2C: 00 44
00479E2D: 00 24
00479E2E: 00 10
00479E2F: 00 8D
00479E30: 00 45
00479E31: 00 E1
00479E32: 00 89
00479E33: 00 44
00479E34: 00 24
00479E35: 00 04
00479E36: 00 A1
00479E37: 00 20
00479E38: 00 37
00479E39: 00 6A
00479E3A: 00 08
00479E3B: 00 89
00479E3C: 00 04
00479E3D: 00 24
00479E3E: 00 E8
00479E3F: 00 ED
00479E40: 00 BC
00479E41: 00 C2
00479E42: 00 FF
00479E43: 00 8B
00479E44: 00 1E
00479E45: 00 E9
00479E46: 00 6E
00479E47: 00 F3
00479E48: 00 CA
00479E49: 00 FF
Sursă ( YMIR 2013 )
În game/src deschidem messenger_manager.cpp, apăsăm Ctrl+F şi căutăm:
void MessengerManager::RemoveFromList(MessengerManager::keyA account, MessengerManager::keyA companion)
Ar trebui să arate cam aşa:
// Removes `companion` from `account`'s messenger list: deletes the matching
// row from the messenger_list table, calls __RemoveFromList (not shown here;
// presumably updates the in-memory lists), and sends a
// HEADER_GG_MESSENGER_REMOVE packet through P2P_MANAGER.
//
// NOTE(review): this is the unpatched listing the tutorial asks you to locate.
// Neither string is escaped or validated anywhere in this function before it
// is formatted into the SQL text, which is the injection issue this page is
// about. The replacement shown after this listing begins by checking
// m_Relation / m_InverseRelation for the pair before going further.
void MessengerManager::RemoveFromList(MessengerManager::keyA account, MessengerManager::keyA companion)
{
// Nothing to do when no companion name was supplied.
if (companion.size() == 0)
return;
// The names are written to the log as received, before any validation.
sys_log(1, "Messenger Remove %s %s", account.c_str(), companion.c_str());
// SQL injection risk: both values are substituted into quoted '%s' slots as-is,
// so a quote character inside either one terminates the literal and alters the
// statement. A safe version escapes both values with the database layer's
// escaping routine (or binds them as parameters) and rejects names that are
// not an existing relation before building the query.
DBManager::instance().Query("DELETE FROM messenger_list%s WHERE account='%s' AND companion = '%s'",
get_table_postfix(), account.c_str(), companion.c_str());
__RemoveFromList(account, companion);
// Build the notification packet; strlcpy bounds each copy by the size of the
// destination field, so over-long names are truncated rather than overflowing.
TPacketGGMessenger p2ppck;
p2ppck.bHeader = HEADER_GG_MESSENGER_REMOVE;
strlcpy(p2ppck.szAccount, account.c_str(), sizeof(p2ppck.szAccount));
strlcpy(p2ppck.szCompanion, companion.c_str(), sizeof(p2ppck.szCompanion));
// NOTE(review): the packet is sent even though the Query result is not
// checked in this function — confirm whether Query reports failures elsewhere.
P2P_MANAGER::instance().Send(&p2ppck, sizeof(TPacketGGMessenger));
}
Înlocuim toată funcţia cu:
void MessengerManager::RemoveFromList(MessengerManager::keyA account, MessengerManager::keyA companion)
{
if (companion.empty())
return;
// Second fix
if (m_Relation[account].find(companion) == m_Relation[account].end() || m_InverseRelation[companion].find(account) == m_InverseRelation[companion].end())
{
LPCHARACTER ch = CHARACTER_MANAGER::Instance().FindPC(account.c_str());
if (ch)