- 0
-
Posts
-
So excited to announce 3x Telegram Premium (6 months) Join our official TG and participate to win! Asocks.com - trusted proxy service providing mobile and residential proxies with a single price of $3 per 1GB A huge locations pool and high speed will help complete all tasks -
Well, sorry not sorry for resurrecting old topic, but I believe it's ultimately stupid to implement license checks like Vilmis did 🙂 private static String url = "jdbc:mysql://185.80.128.233/" + getData("Zm9ydW1fZGI="); private static String username = getData("bXJjb3B5cmlnaHQ="); private static String password = getData("Y29weXJpZ2h0XzEyMw=="); con = GlobalDB.getInstance().getConnection(); PreparedStatement statement; statement = con.prepareStatement("SELECT field_6 from core_pfields_content WHERE member_id = ?"); statement.setInt(1, Config.FORUM_USER_ID); ResultSet rset = statement.executeQuery(); This awesome way of coding things leaves us with base64-encoded credentials and DB exposed and accessible globally 😉 Btw he checks his licensing data from some plugin generated table his forum uses. Vilmis took action and ensured that mrcopyright user would have only needed accesses and rights for this operation. But he forgot to ensure that his INFORMATION_SCHEMA database would not be exposed and readable... That leads us to fully readable server variables like version used (10.1.26-MariaDB-0+deb9u1 - pretty ancient DB and OS, I'd assume). From here you can go south and do some kinky stuff, if you want and have knowledge for that. But who cares, right? Ooh, table core_pfields_content field_6 is IP address which is checked by FORUM_USER_ID. Yep, you can query all IP addresses there (124 of them right now) and also do whatever you want with them! 🙂 The most fun part? Files source has been shared what, more than 2 years ago? Vilmis still uses very same credentials and never changed it after sources exposure - who cares. Although, "sources" may be way too strong word here. If anyone still use paid Orion versions, I'd suggest packing your shit and leaving immediately, or at least fix this incompetent fool caused problems. It's obvious Vilmis don't care or maybe doesn't even know from the first place how to solve this problem (hint hint - tiny PHP Rest API microservice which would do absolutely the same but without exposing sensitive data?). By doing that, he exposes his infrastructure and YOUR data, and he does that for more than 2 years now 🙂 Developer of century! -
-
-
L2LIVE.PRO- Dynamic Mid-rates Essence Seven Signs GRAND OPENING - July 5, 20:00 GMT+3 (EEST) TEST SERVER IS OPEN - COME AND CHECK IT OUT TODAY! Join our community and be part of it at: https://www.l2live.pro https://discord.gg/k3NMgR4Dmu Server description * EXP/SP: Dynamic (x1- x100 based on your level, *before* Sayha and EXP buffs * Adena: x50 / Item Drop: x10 / Fishing EXP increased / Attribute EXP increased * Simplified gameplay to stay in the loop while not spending hours and hours farming * Starter Pack containing very useful items for beginners * MP replenishing potions with auto-consumption * No overpowered donations L2LIVE shop * All spellbook coupons, pet spellbook coupons and master books are sold via Game Assistant * Additionally you can buy SP pouches, enchanted talismans, pet training guides and various other consumables for Adena and L-Coin * More items such as cloaks, more talismans, agathions, belts, pendants, enchantment scrolls of various grades, evolution stones, etc will be added! Shop server as a shortcut, and all retail-like ways of earning items are still here! L-Coins * Drops with small change and in random amounts from Lv60+ monsters * All raidbosses drop random amount of L-Coin Pouches generating up to 420 Lcoin per unit. **Grand Olympiad and Events** * Grand Olympiad is held week day * Format is 1v1, unlimited weekly fights * Heroes are declared weekly at Sunday * There are three automated events - TvT, CTF and Deathmatch, running at evenings * Orc Fortress, Battle with Balok, Keber Hunter, Archievements Box, Daily Gift Calendar provisional events are active too Custom user commands * .offlineplay command, your character will keep playing till death or server restart * .offlineshop command, keeps your shop sitting until all items are purchased * .apon / .apoff - enable/disable HP/MP autoconsume And lots of other small improvements are waiting for you! Join our community and be part of it at: https://www.l2live.pro https://discord.gg/k3NMgR4Dmu
-
-
-
-
Topics
-
Question
cyta5
/* This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA * 02111-1307, USA. * * http://www.gnu.org/copyleft/gpl.html */ package com.l2jfrozen.gameserver.model.actor.instance; import com.l2jfrozen.crypt.Base64; import com.l2jfrozen.gameserver.ai.CtrlIntention; import com.l2jfrozen.gameserver.network.serverpackets.ActionFailed; import com.l2jfrozen.gameserver.network.serverpackets.LeaveWorld; import com.l2jfrozen.gameserver.network.serverpackets.MyTargetSelected; import com.l2jfrozen.gameserver.network.serverpackets.NpcHtmlMessage; import com.l2jfrozen.gameserver.network.serverpackets.ValidateLocation; import com.l2jfrozen.gameserver.templates.L2NpcTemplate; import com.l2jfrozen.util.database.L2DatabaseFactory; import java.security.MessageDigest; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import java.util.StringTokenizer; import javolution.text.TextBuilder; public class L2PasswordChangerInstance extends L2FolkInstance { public L2PasswordChangerInstance(int objectId, L2NpcTemplate template) { super(objectId, template); } public void onBypassFeedback(L2PcInstance player, String command) { if (command.startsWith("change_password")) { StringTokenizer st = new StringTokenizer(command); st.nextToken(); String currPass = null; String newPass = null; String repeatNewPass = null; try { if (st.hasMoreTokens()) { currPass = st.nextToken(); newPass = st.nextToken(); repeatNewPass = st.nextToken(); } else { player.sendMessage("Please fill in all the blanks before requesting for a password change."); return; } changePassword(currPass, newPass, repeatNewPass, player); } catch (StringIndexOutOfBoundsException e) { } } } public void onAction(L2PcInstance player) { if (!canTarget(player)) { return; } if (this != player.getTarget()) { player.setTarget(this); player.sendPacket(new MyTargetSelected(getObjectId(), 0)); player.sendPacket(new ValidateLocation(this)); } else if (!canInteract(player)) { player.getAI().setIntention(CtrlIntention.AI_INTENTION_INTERACT, this); } else { showHtmlWindow(player); } player.sendPacket(new ActionFailed()); } private void showHtmlWindow(L2PcInstance activeChar) { NpcHtmlMessage nhm = new NpcHtmlMessage(5); TextBuilder replyMSG = new TextBuilder(""); replyMSG.append("<html><title>L2 InStadia Account Manager</title>"); replyMSG.append("<body><center>"); replyMSG.append("To change your password:<br1> First fill in your current password and then your new!</font><br>"); replyMSG.append("Current Password: <edit var=\"cur\" width=100 height=15><br>"); replyMSG.append("New Password: <edit var=\"new\" width=100 height=15><br>"); replyMSG.append("Repeat New Password: <edit var=\"repeatnew\" width=100 height=15><br><br>"); replyMSG.append("<button value=\"Change Password\" action=\"bypass -h npc_" + getObjectId() + "_change_password $cur $new $repeatnew\" width=204 height=20 back=\"sek.cbui75\" fore=\"sek.cbui75\">"); replyMSG.append("</center></body></html>"); nhm.setHtml(replyMSG.toString()); activeChar.sendPacket(nhm); activeChar.sendPacket(new ActionFailed()); } public static boolean changePassword(String currPass, String newPass, String repeatNewPass, L2PcInstance activeChar) { if (newPass.length() < 5) { activeChar.sendMessage("The new password is too short!"); return false; } if (newPass.length() > 20) { activeChar.sendMessage("The new password is too long!"); return false; } if (!newPass.equals(repeatNewPass)) { activeChar.sendMessage("Repeated password doesn't match the new password."); return false; } Connection con = null; String password = null; try { MessageDigest md = MessageDigest.getInstance("SHA"); byte[] raw = currPass.getBytes("UTF-8"); raw = md.digest(raw); String currPassEncoded = Base64.encodeBytes(raw); con = L2DatabaseFactory.getInstance().getConnection(); PreparedStatement statement = con.prepareStatement("SELECT password FROM accounts WHERE login=?"); statement.setString(1, activeChar.getAccountName()); ResultSet rset = statement.executeQuery(); while (rset.next()) { password = rset.getString("password"); } rset.close(); statement.close(); byte[] password2 = null; if (currPassEncoded.equals(password)) { password2 = newPass.getBytes("UTF-8"); password2 = md.digest(password2); PreparedStatement statement2 = con.prepareStatement("UPDATE accounts SET password=? WHERE login=?"); statement2.setString(1, Base64.encodeBytes(password2)); statement2.setString(2, activeChar.getAccountName()); statement2.executeUpdate(); statement2.close(); activeChar.sendMessage("Congratulations! Your password has been changed succesfully. You will now be disconnected for security reasons. Please login again!"); try { Thread.sleep(3000L); } catch (Exception e) { } activeChar.deleteMe(); activeChar.sendPacket(new LeaveWorld()); } else { activeChar.sendMessage("The current password you've inserted is incorrect! Please try again!"); return password2 != null; } } catch (Exception e) { _log.warning("could not update the password of account: " + activeChar.getAccountName()); } finally { try { if (con != null) con.close(); } catch (SQLException e) { _log.warning("Failed to close database connection!"); } } return true; } }
Edited by cyta5Link to comment
Share on other sites
0 answers to this question
Recommended Posts