1g0rS1lv4, posted May 5, 2019
After a while with the online server I'm encountering the following error. There is no error and no type of logs in the gate, group and accountserver.

Being better than others is for those who are weak; what matters is to be true to yourself.

ruubi, posted May 5, 2019
Discord: yagura2k#0001

Waka~, posted May 5, 2019 (edited)
del
Edited May 7, 2019 by Waka~ (del)

V3ct0r, posted May 7, 2019

Some useful links:
- Tips for making a topic in 'Questions & Help'
- Server Advertising Section Rules
- Available e-mail domains for registration
- User groups
- User ranks
- "Broken" pictures on the forum
- Beware of scammers!
My developments:
- Mods for client and server
- PKOdev.NET website for Tales of Pirates Server
I do not provide any help in private messages and outside the forum. Use 'Questions & Help' section please. Thank you for understanding!

MonkeyCode, posted May 7, 2019
My Discord is also spammed with many admins who were hacked by script kiddies. Old and public hacks to crash server and ask for money.

MonkeyCode, posted May 7, 2019
And, if you report here how they hack, we can fix it and put public release to any hack. Thanks. Use 1.38 files for debug database, use procdump to dump memory before crash so we can analyze.

1g0rS1lv4, posted May 7, 2019
@KONG @V3ct0r

1g0rS1lv4, posted May 7, 2019

MonkeyCode, posted May 8, 2019
OK, this is an overflow from SystemNotice. We found this exploit long ago, but never published or told anyone. Thanks for the report. Will publish a fix soon.

1g0rS1lv4, posted May 8, 2019
@KONG OK thank you (=

ruubi, posted May 8, 2019
I told him to give me time to fix it because I am busy with school, but he refunded, sad.

V3ct0r, posted May 8, 2019
I think I have a solution.

How I did tests. Called the function from Lua scripts:

    SystemNotice(role, "Toooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo LoooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooongStriiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiing!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")

Patch for GameServer 1.38.

Address 0x000CA2C0. Replace bytes:
55 8B EC 6A FF 68 A6 67 5A 00
To:
E9 6B 86 0E 00 C3 90 90 90 90

Address 0x001B2930. Replace bytes:
To:

Also need fix functions:
CCharacter::BickerNotice
CCharacter::PopupNotice
CPlayer::SystemNotice

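An added example, not part of the thread and not GameServer code: the general shape of the bug class discussed above (a notice formatted into a fixed-size buffer) next to a bounded version that cannot write past it. The function names, the struct layout and the 250-byte buffer (taken from the 250-character limit mentioned in the thread) are assumptions for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#define NOTICE_BUF 250  /* assumed size, from the limit quoted in the thread */
struct notice { char text[NOTICE_BUF]; unsigned guard; };  /* hypothetical layout */

/* Unsafe pattern, for contrast only (never called): vsprintf does not know
 * how large `out` is, so a long message is written past the end of it. */
void notice_format_unbounded(char *out, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsprintf(out, fmt, ap);
    va_end(ap);
}

/* Bounded form: 0 = fits, 1 = truncated to cap-1 bytes, -1 = bad input. */
int notice_format_bounded(char *out, size_t cap, const char *fmt, ...)
{
    va_list ap;
    int need;
    if (out == NULL || cap == 0 || fmt == NULL)
        return -1;
    va_start(ap, fmt);
    need = vsnprintf(out, cap, fmt, ap);  /* NUL-terminates whenever cap > 0 */
    va_end(ap);
    if (need < 0) { out[0] = '\0'; return -1; }
    return (size_t)need >= cap ? 1 : 0;
}

/* Stores msg in n->text; returns bytes kept. guard sits next to the buffer. */
size_t notice_build(struct notice *n, const char *msg)
{
    n->guard = 0xC0FFEEu;
    if (notice_format_bounded(n->text, sizeof n->text, "%s", msg) < 0)
        return 0;
    return strlen(n->text);
}

int main(void)
{
    char big[601];  /* constructed over-long message */
    struct notice n; size_t kept;
    memset(big, 'o', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    kept = notice_build(&n, big);
    printf("kept %zu of %zu bytes, guard ok: %d\n", kept, strlen(big), n.guard == 0xC0FFEEu);
    return 0;
}
```

The return value of 1 lets the caller log or reject an over-long notice instead of silently sending a truncated one.
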
wizel1, posted May 8, 2019
Pls release for 1.36 if the bug exists there too.

wizel1, posted May 8, 2019
Just now, gmedannik said:
> @wizel1 Good work @V3ct0r. I will only add that this is just a 250 character limit, if you are not going to send notifications of more than 250 characters - you do not need it (this is not an error).

What do you mean by notification? Local chat or?

mkhzaleh, posted May 8, 2019
Just now, wizel1 said:
> What do you mean by notification? Local chat or?

    -- reject local chat messages longer than 100 characters
    if string.len(message) > 100 then
        BickerNotice(role, "<Loca Chat> Message too long!")
        return 0
    end

Use this in your handlechat.

wizel1, posted May 8, 2019
Just now, mkhzaleh said:
>     if string.len(message) > 100 then
>         BickerNotice(role, "<Loca Chat> Message too long!")
>         return 0
>     end
>
> Use this in your handlechat.

What is it used for? If the player's message has too many chars, then BickerNotice "Message too long"? = deny of request?

mkhzaleh, posted May 8, 2019
For SystemNotice / BickerNotice, players don't have access to it.

> What is it used for? If the player's message has too many chars, then BickerNotice "Message too long"? = deny of request?

This limits local chat "length" to 100 letters only.

wizel1, posted May 8, 2019
9 minutes ago, mkhzaleh said:
> For SystemNotice / BickerNotice, players don't have access to it.
> This limits local chat "length" to 100 letters only.

Threshold is 200? For breaking gameserver?

mkhzaleh, posted May 8, 2019
Just now, wizel1 said:
> Threshold is 200? For breaking gameserver?

No probably. I just use it in case.

wizel1, posted May 8, 2019
11 minutes ago, gmedannik said:
>     function BickerNoticeNotCrashed(role, message)
>         if (string.len(message) <= 250) then
>             BickerNotice(role, message)
>         end
>     end

Where to put this?

wizel1, posted May 8, 2019
3 minutes ago, gmedannik said:
> I updated the function, put it into skilleffect.lua at the top and replace all BickerNotice functions with BickerNoticeNotCrashed.

Need to change to BickerNoticeNotCrashed?

    BickerNotice(role,"potion is on cooldown wait!!! "..cooldown.." second(s) to use again!!!")

vs

    BickerNoticeNotCrashed(role,"potion is on cooldown wait!!! "..cooldown.." second(s) to use again!!!")

mkhzaleh, posted May 8, 2019
I still don't think players can crash it from this overflow, but whatever. This is for PopupNotice:

    PopupNotice = PopupNotice or function(role, text)
        ------------
        -- reject text longer than 150 characters before building the packet
        if string.len(text) > 150 then
            BickerNotice(role, "<PopupNotice> Message too long!")
            return 0
        end
        -------------
        local packet = GetPacket()
        WriteCmd(packet, 503)
        WriteString(packet, text)
        SendPacket(role, packet)
    end

wizel1, posted May 8, 2019
5 minutes ago, gmedannik said:
> yes

What is the purpose of this? I do not see a point here except to make a subname.

MonkeyCode, posted May 9, 2019
@mkhzaleh that won’t work. As far as I can tell, a few years ago, me and billy were searching for ways to overflow gameserver using packets that handle strings. We found out that adding a player to friend list and using a long string crashed gameserver. Most of which would not even get at the Lua controls.

Now, idk why people are hacking so many servers and asking for money for a fix. If I, vector, klab and the rest were to pull this BS to you all, we’ll be millionaires. So cut the crap or I will pull out the demons.

mkhzaleh, posted May 9, 2019
3 hours ago, KONG said:
> @mkhzaleh that won’t work. As far as I can tell, a few years ago, me and billy were searching for ways to overflow gameserver using packets that handle strings. We found out that adding a player to friend list and using a long string crashed gameserver. Most of which would not even get at the Lua controls.
>
> Now, idk why people are hacking so many servers and asking for money for a fix. If I, vector, klab and the rest were to pull this BS to you all, we’ll be millionaires. So cut the crap or I will pull out the demons.

Well, it would not get at Lua controls, but in the PopupNotice case I guess this will work since players can't use these packets.