LoginPacket - Critical security bug (all chronicles)

5 minutes ago, xxdem said:

imho I would just go O(n) with an array of struct {int accountId, int sessionId} and perform a search or something similar; it doesn't seem that n will ever be huge in this case, I could be wrong

 

That's true for the first map (accountId -> sessionId); it usually contains just a few items. But the second map contains all account IDs that have logged in since the last server start, so O(n) would be bad.


Kind of sick to see this guy commenting all the time about which language is the best, "no, C is the best". Please, everyone has their opinion, so keep your preference for C to yourself. Stop complaining full of mimi and do a better job using C before posting anything.

Thank you for the share, eressea.


1 hour ago, japarzo said:

Kind of sick to see this guy commenting all the time about which language is the best, "no, C is the best". Please, everyone has their opinion, so keep your preference for C to yourself. Stop complaining full of mimi and do a better job using C before posting anything.

Thank you for the share, eressea.

 

What a clown, I never said C is the best; you say "all the time", I never did xd

 

1 hour ago, eressea said:

 

That's true for the first map (accountId -> sessionId); it usually contains just a few items. But the second map contains all account IDs that have logged in since the last server start, so O(n) would be bad.

 

Can you enlighten me a bit? Why do we need to cache all these sessions in the map? Even if we do, what would the average n length be on an official NCSoft server?


45 minutes ago, xxdem said:

Can you enlighten me a bit? Why do we need to cache all these sessions in the map? Even if we do, what would the average n length be on an official NCSoft server?

 

I'm not sure about the purpose of the second map (I just know it's there and that it contains all account IDs since server start; maybe I'll dig a bit more into it later). On a retail server it will be big (surely 10k+)... That will be a big difference between O(n) and O(log n). Probably it can be omitted, but it would probably have some performance impact.

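As an added example (not code from the original posts or from any extender), the two lookup strategies xxdem and eressea compare above, written in C: a linear scan over an array of {accountId, sessionId}, and a binary search over the same array kept sorted by accountId. The struct and field names, the 10k entry count and the constructed account IDs are assumptions taken from the thread, not from l2server; the comparison counters exist only to make the O(n) vs O(log n) difference concrete.

```c
#include <stdlib.h>
#include <string.h>

/* Added example, not l2server or extender code. Struct/field names and the
   constructed ids (1000 + 2*i) are assumptions taken from the thread. */
typedef struct {
    int accountId;
    int sessionId;
} AccountSession;

/* Array kept sorted by accountId so lookups can bisect. */
typedef struct {
    AccountSession *items;
    size_t count;
    size_t cap;
} SessionTable;

static int table_init(SessionTable *t, size_t cap)
{
    t->items = calloc(cap, sizeof *t->items);
    t->count = 0;
    t->cap = cap;
    return t->items != NULL;
}

static void table_free(SessionTable *t) { free(t->items); t->items = NULL; t->count = t->cap = 0; }

/* First index whose accountId >= key; *probes counts key comparisons. */
static size_t lower_bound(const SessionTable *t, int key, size_t *probes)
{
    size_t lo = 0, hi = t->count;
    while (lo < hi) {
        size_t mid = lo + (hi - lo) / 2;
        if (probes) (*probes)++;
        if (t->items[mid].accountId < key) lo = mid + 1;
        else hi = mid;
    }
    return lo;
}

/* Insert or update, keeping the array sorted. The memmove is O(n), which is
   fine when logins are far rarer than lookups. Returns 0 if the table is full. */
static int table_put(SessionTable *t, int accountId, int sessionId)
{
    size_t pos = lower_bound(t, accountId, NULL);
    if (pos < t->count && t->items[pos].accountId == accountId) {
        t->items[pos].sessionId = sessionId;
        return 1;
    }
    if (t->count == t->cap) return 0;
    memmove(&t->items[pos + 1], &t->items[pos], (t->count - pos) * sizeof *t->items);
    t->items[pos].accountId = accountId;
    t->items[pos].sessionId = sessionId;
    t->count++;
    return 1;
}

/* O(log n) lookup. Returns the sessionId, or -1 if the account is unknown. */
static int find_binary(const SessionTable *t, int accountId, size_t *probes)
{
    size_t pos = lower_bound(t, accountId, probes);
    if (pos < t->count && t->items[pos].accountId == accountId)
        return t->items[pos].sessionId;
    return -1;
}

/* O(n) scan over the same array, the approach xxdem proposes. */
static int find_linear(const SessionTable *t, int accountId, size_t *probes)
{
    for (size_t i = 0; i < t->count; i++) {
        if (probes) (*probes)++;
        if (t->items[i].accountId == accountId) return t->items[i].sessionId;
    }
    return -1;
}

/* Builds a constructed table of n accounts (accountId = 1000 + 2*i, sessionId = i),
   looks up the largest id with the chosen strategy, then checks that an id that was
   never inserted (1001) is reported missing. Returns the number of comparisons the
   hit took, or -1 if either lookup gave a wrong answer. */
static long worst_case_probes(size_t n, int use_binary)
{
    SessionTable t;
    size_t probes = 0;
    if (n == 0 || !table_init(&t, n)) return -1;
    for (size_t i = 0; i < n; i++)
        table_put(&t, 1000 + 2 * (int)i, (int)i);
    int key = 1000 + 2 * (int)(n - 1);
    int got = use_binary ? find_binary(&t, key, &probes) : find_linear(&t, key, &probes);
    int miss = use_binary ? find_binary(&t, 1001, NULL) : find_linear(&t, 1001, NULL);
    table_free(&t);
    return (got == (int)(n - 1) && miss == -1) ? (long)probes : -1;
}
```

For the small accountId -> sessionId map the two are indistinguishable; for a 10k-entry table the linear scan makes 10,000 comparisons in the worst case where the bisection makes at most 14.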

5 hours ago, japarzo said:

Kind of sick to see this guy commenting all the time about which language is the best, "no, C is the best". Please, everyone has their opinion, so keep your preference for C to yourself. Stop complaining full of mimi and do a better job using C before posting anything.

Thank you for the share, eressea.

Respect the forum's last toxic user; it's like a kind without ways to breed and reproduce, you just watch it fade slowly and smile for his short but happy future.


Yeah, it's a pretty ancient bug, that one; it caused all kinds of havoc back in the C2-C4 days before people actually figured out what it was. Any C4-based ext will have it fixed via amped.


2 hours ago, Anarchy said:

Yeah, it's a pretty ancient bug, that one; it caused all kinds of havoc back in the C2-C4 days before people actually figured out what it was. Any C4-based ext will have it fixed via amped.

 

I'd forgotten about amped; this strategy of using two extenders at once seemed weird to me, so I didn't care much about it :D

Still not fixed in leaked H5 and GD... maybe still not fixed on the official server :D


I wouldn't be surprised tbh. I mean, hell, you can still do the file download exploit on official servers atm; I used it to snag eventdata from there not so long ago. Seems they aren't much interested in security, so it's hardly a surprise so many of their files are floating around :D


On 7/31/2018 at 6:13 PM, xxdem said:

 

What a clown, I never said C is the best; you say "all the time", I never did xd

 

It is not hard to find your comments in the forum saying "C, why not C? C is better than other languages", so, please. You are the only clown here trying to fool your own self. thx, much love <3


23 minutes ago, japarzo said:

It is not hard to find your comments in the forum saying "C, why not C? C is better than other languages", so, please. You are the only clown here trying to fool your own self. thx, much love <3

 

Yeah, it's not hard, it's impossible. Prove me false.


The file download exploit is fixed via the html link check setting in l2server.ini; they recently turned it on in NA due to, what I'm assuming, noticing files being leaked :P. Though I have a feeling it will be turned back off in the next major update on NA when they replace the l2server.ini :D and forget about it. This login exploit is also fixed on retail.


The reason it's disabled is they gave up on updating the whitelist for bypass commands for all the random shit they added in the newer chronicles in the client, which sends bypass commands instead of packets, combined with the fact that in HF+ l2server they changed the way fstrings from AI work, and now the fstring id is passed directly to the client in the html body like:

<fstring p1="%s" p2="%s" p3="%s" p4="%s" p5="%s">%d</fstring>

and it fills in whole bypass commands via the localized NPCString-x.dat; both of which end up with false blocks on the bypass check and fuck up a bunch of systems :D

 

(so to any of you building exts on the HF+ files, don't forget to fix that ;))

 

But from what I hear, in the latest shit they don't appear to have enabled the link check (for example, you can still rip htmls no problem if you know the html names) but instead might've added some filtering to prevent the download shit. But the last time I checked was like 3 months ago, and it worked fine on NA, RU and KR servers; a lot can change in 3 months :D


Ya, it was enabled on NA only as far as I can tell, as of ~2ish months ago, and when they did it broke a ton of quests and people trying to learn awakening race skills :D. All it does is DC you on anything not cached, so I expect they just enabled the l2server.ini setting when they noticed the log shit appearing a bit more than normal lol. But I expect it to be turned off again when they do their next major update and they get a new l2server.ini from KR, and forget they had it enabled :D.


2 hours ago, Anarchy said:

The reason it's disabled is they gave up on updating the whitelist for bypass commands for all the random shit they added in the newer chronicles in the client, which sends bypass commands instead of packets, combined with the fact that in HF+ l2server they changed the way fstrings from AI work, and now the fstring id is passed directly to the client in the html body like:

 


<fstring p1="%s" p2="%s" p3="%s" p4="%s" p5="%s">%d</fstring>

 

and it fills in whole bypass commands via the localized NPCString-x.dat; both of which end up with false blocks on the bypass check and fuck up a bunch of systems :D

 

(so to any of you building exts on the HF+ files, don't forget to fix that ;))

 

But from what I hear, in the latest shit they don't appear to have enabled the link check (for example, you can still rip htmls no problem if you know the html names) but instead might've added some filtering to prevent the download shit. But the last time I checked was like 3 months ago, and it worked fine on NA, RU and KR servers; a lot can change in 3 months :D

Doubt that's the reason; there are close to no global bypasses on GOD+ (some oly/coc, a few npcs), and privs running the last off files like gamecoast have validation fully enabled with auto kick.

About the exploit, it still works fine on Innova (+ they even had plain txt scripts for most of the last years, lul).


It's the reason, trust me :D. In Classic half the damn interface is run off bypasses, + they clearly don't know how their own bypass check parser works, cuz I have to reformat their own htmls every time to remove whitespace and shit from bypass urls in random htmls, which also cause false blocks. And there's a reason gamecoast has it enabled with no problems (they patched it), but the fstring shit is for sure the biggest reason; check out NPCString-x.dat, that shit is full of full bypass strings where they really only need the localized string to be in there. All those links will false block if u enable bypass checks on any server High Five or above, including the latest Classic and Salvation l2server.

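An added example, not l2server's code and not from any of the posters: a simplified C model of the html link check as the thread describes it (the server caches the bypass links in each html it sends and disconnects on any bypass command that is not cached), built to reproduce the two false-block causes Anarchy names: whitespace inside bypass urls, and an fstring whose content the client fills in from NPCString-x.dat with a whole bypass link the server never saw. The tag and attribute names, the normalisation rule, the constructed dialog and the constructed NPCString entry are all assumptions about the mechanism, not a description of NCSoft's parser or packet handling.

```c
#include <ctype.h>
#include <string.h>

/* Added example, not l2server code. Tag names, attribute names and sample
   strings are assumptions made to model the link check the thread describes. */
#define MAX_LINKS 32
#define MAX_LINK_LEN 128

typedef struct {
    char links[MAX_LINKS][MAX_LINK_LEN];
    int count;
} BypassCache;

/* Trim and collapse whitespace runs. Stray whitespace in a bypass url is one of
   the false-block causes in the thread, so the cached link and the incoming
   command are normalised the same way before they are compared. */
static void normalize_bypass(const char *in, char *out, size_t out_len)
{
    size_t o = 0;
    int pending = 0;
    for (; *in && o + 1 < out_len; in++) {
        if (isspace((unsigned char)*in)) { pending = (o > 0); continue; }
        if (pending && o + 2 < out_len) out[o++] = ' ';
        pending = 0;
        out[o++] = *in;
    }
    out[o] = '\0';
}

/* Scan the html the server is about to send and cache every action="bypass ..."
   value. An <fstring> carries only an NPCString id, so whatever links the client
   substitutes for it locally are never seen here. Returns the number cached. */
static int cache_links_from_html(BypassCache *c, const char *html)
{
    const char *p = html;
    c->count = 0;
    while ((p = strstr(p, "action=\"bypass")) != NULL) {
        const char *start = p + strlen("action=\"");
        const char *end = strchr(start, '"');
        char raw[MAX_LINK_LEN];
        size_t len;
        if (!end) break;
        len = (size_t)(end - start);
        if (len >= sizeof raw) len = sizeof raw - 1;
        memcpy(raw, start, len);
        raw[len] = '\0';
        if (c->count < MAX_LINKS)
            normalize_bypass(raw, c->links[c->count++], MAX_LINK_LEN);
        p = end + 1;
    }
    return c->count;
}

/* 1 = the command matches a cached link, 0 = not cached (the retail setting
   disconnects the player at this point). */
static int bypass_allowed(const BypassCache *c, const char *cmd)
{
    char norm[MAX_LINK_LEN];
    normalize_bypass(cmd, norm, sizeof norm);
    for (int i = 0; i < c->count; i++)
        if (strcmp(c->links[i], norm) == 0) return 1;
    return 0;
}

/* Constructed dialog: one real link (with sloppy whitespace) plus an <fstring>
   placeholder in the form quoted in the thread. */
static const char SERVER_HTML[] =
    "<html><body>"
    "<a action=\"bypass -h   npc_12345_Chat 1\">Talk</a>"
    "<fstring p1=\"\" p2=\"\" p3=\"\" p4=\"\" p5=\"\">1234</fstring>"
    "</body></html>";

/* Constructed NPCString-x.dat entry for id 1234 that carries a whole bypass link
   instead of just localized text, the pattern the thread complains about. */
static const char NPCSTRING_1234[] =
    "<a action=\"bypass -h npc_12345_Quest\">Quest</a>";

static int demo_server_cache_count(void)
{
    BypassCache c;
    return cache_links_from_html(&c, SERVER_HTML);
}

/* The player clicks the real link; the client sends it with single spaces. */
static int demo_cached_link_allowed(void)
{
    BypassCache c;
    cache_links_from_html(&c, SERVER_HTML);
    return bypass_allowed(&c, "bypass -h npc_12345_Chat 1");
}

/* The client resolves the fstring locally, renders NPCSTRING_1234, and the player
   clicks that link: the command was never cached, so a legitimate dialog gets a
   false block (and a disconnect) from the server. */
static int demo_fstring_link_blocked(void)
{
    BypassCache server, client;
    cache_links_from_html(&server, SERVER_HTML);
    cache_links_from_html(&client, NPCSTRING_1234);
    return bypass_allowed(&server, client.links[0]);
}
```

The whitespace normalisation alone takes care of the first cause; the second cannot be fixed on the validator side without the server also knowing what the client will substitute for each NPCString id, which is why the thread says the links in NPCString-x.dat need to go back to plain localized strings.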
