Register for your free account! | Forgot your password?
Rust Cheats

Go Back   elitepvpers Popular Games Metin2 Metin2 Private Server Metin2 PServer Guides & Strategies
[FIX][C++] SQL Injection in Messenger and Guild [FIX][C++] SQL Injection in Messenger and Guild
You last visited: Today at 23:38

  • Please register to post and access all features, it's quick, easy and FREE!

Advertisement


Advertise with us!

[FIX][C++] SQL Injection in Messenger and Guild

Discussion on [FIX][C++] SQL Injection in Messenger and Guild within the Metin2 PServer Guides & Strategies forum part of the Metin2 Private Server category.

Reply
Page 3 of 6 12 3 45 Last »
 
Old   #31
 
VegaS ♆'s Avatar
 
elite*gold: 10
The Black Market: 0/0/0
Join Date: Jul 2013
Posts: 93
Received Thanks: 416
Quote:
Originally Posted by deco016 View Post
Lol this is my code from ...

I said I like it I did not say it's mine, you misunderstand?



I said I like your method and I referred to the two functions for Fixx Query / DirectQuery

Thanks anyway for that Fixx.
VegaS ♆ is offline  
Old   #32
 
SandMann016's Avatar
 
elite*gold: 0
The Black Market: 6/0/0
Join Date: Feb 2009
Posts: 2,715
Received Thanks: 5,305
next stupid answer

/libraries/libsql/AsyncSQL.cpp:135:old
Code:
if (!mysql_real_connect(&m_hDB, m_stHost.c_str(), m_stUser.c_str(), m_stPassword.c_str(), m_stDB.c_str(), m_iPort, NULL, CLIENT_MULTI_STATEMENTS))
/libraries/libsql/AsyncSQL.cpp:135:new
Code:
if (!mysql_real_connect(&m_hDB, m_stHost.c_str(), m_stUser.c_str(), m_stPassword.c_str(), m_stDB.c_str(), m_iPort, NULL, NULL))
SandMann016 is offline  
Thanks
1 User
Old   #33
 
elite*gold: 0
The Black Market: 1/0/0
Join Date: May 2009
Posts: 95
Received Thanks: 95
Quote:
Originally Posted by SandMann016 View Post
/libraries/libsql/AsyncSQL.cpp:135ld
Code:
if (!mysql_real_connect(&m_hDB, m_stHost.c_str(), m_stUser.c_str(), m_stPassword.c_str(), m_stDB.c_str(), m_iPort, NULL, CLIENT_MULTI_STATEMENTS))
/libraries/libsql/AsyncSQL.cpp:135:new
Code:
if (!mysql_real_connect(&m_hDB, m_stHost.c_str(), m_stUser.c_str(), m_stPassword.c_str(), m_stDB.c_str(), m_iPort, NULL, NULL))
My solution to this problem does exactly the same as yours
deco016 is offline  
Old   #34
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Oct 2012
Posts: 111
Received Thanks: 1
Hello, please diff for 2089m
xworldx is offline  
Old   #35
 
Ken™'s Avatar
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Aug 2015
Posts: 10
Received Thanks: 45
Quote:
Originally Posted by [SGA]Vegas View Post
I would prefer a solution like this:

Code:
SQLMsg * DBManager::DirectQuery(const char * c_pszFormat, ...)
{
    char szQuery[4096];
    va_list args;
    va_start(args, c_pszFormat);
    vsnprintf(szQuery, sizeof(szQuery), c_pszFormat, args);
    va_end(args);
    std::string sQuery(szQuery);
    return m_sql_direct.DirectQuery(sQuery.substr(0, sQuery.find_first_of(";") == -1 ? sQuery.length() : sQuery.find_first_of(";")).c_str());
}
and

Code:
void DBManager::Query(const char * c_pszFormat, ...)
{
    char szQuery[4096];
    va_list args;

    va_start(args, c_pszFormat);
    vsnprintf(szQuery, sizeof(szQuery), c_pszFormat, args);
    va_end(args);
    std::string sQuery(szQuery);

    m_sql.AsyncQuery(sQuery.substr(0,sQuery.find_first_of(";")==-1?sQuery.length(): sQuery.find_first_of(";")).c_str());
}
At first, you don't have to use DBManager::Instance().DirectQuery. You just need to put a small condition in the function. Here is my function with normal and ban query.

With ban query
Code:
void MessengerManager::RemoveFromList(MessengerManager::keyA account, MessengerManager::keyA companion)
{
	if (companion.empty())
		return;

	// Second fix
	if (m_Relation[account].find(companion) == m_Relation[account].end() || m_InverseRelation[companion].find(account) == m_InverseRelation[companion].end())
	{
		LPCHARACTER ch = CHARACTER_MANAGER::Instance().FindPC(account.c_str());
		if (ch)
		{
			sys_err("MessengerManager::RemoveFromList: %s tries to use messenger sql injection", ch->GetName());
			DBManager::Instance().DirectQuery("UPDATE account.account SET status = 'BAN' WHERE id = %u", ch->GetAID());
			if (ch->GetDesc())
				ch->GetDesc()->DelayedDisconnect(3);
		}
		else
			sys_err("MessengerManager::RemoveFromList: Omg! The ghost tried to use this function!");
		return;
	}

	sys_log(1, "MessengerManager::RemoveFromList: Remove %s %s", account.c_str(), companion.c_str());
	DBManager::instance().Query("DELETE FROM messenger_list%s WHERE account='%s' AND companion = '%s'", get_table_postfix(), account.c_str(), companion.c_str());
	__RemoveFromList(account, companion);
	TPacketGGMessenger p2ppck;
	p2ppck.bHeader = HEADER_GG_MESSENGER_REMOVE;
	strlcpy(p2ppck.szAccount, account.c_str(), sizeof(p2ppck.szAccount));
	strlcpy(p2ppck.szCompanion, companion.c_str(), sizeof(p2ppck.szCompanion));;
	P2P_MANAGER::instance().Send(&p2ppck, sizeof(TPacketGGMessenger));
}
With normal
Code:
void MessengerManager::RemoveFromList(MessengerManager::keyA account, MessengerManager::keyA companion)
{
	if (companion.empty())
		return;

	// Second fix
	if (m_Relation[account].find(companion) == m_Relation[account].end() || m_InverseRelation[companion].find(account) == m_InverseRelation[companion].end())
	{
		LPCHARACTER ch = CHARACTER_MANAGER::Instance().FindPC(account.c_str());
		if (ch)
		{
			sys_err("MessengerManager::RemoveFromList: %s tries to use messenger sql injection", ch->GetName());

			if (ch->GetDesc())
				ch->GetDesc()->DelayedDisconnect(3);
		}
		else
			sys_err("MessengerManager::RemoveFromList: Omg! The ghost tried to use this function!");
		return;
	}

	sys_log(1, "MessengerManager::RemoveFromList: Remove %s %s", account.c_str(), companion.c_str());
	DBManager::instance().Query("DELETE FROM messenger_list%s WHERE account='%s' AND companion = '%s'", get_table_postfix(), account.c_str(), companion.c_str());
	__RemoveFromList(account, companion);
	TPacketGGMessenger p2ppck;
	p2ppck.bHeader = HEADER_GG_MESSENGER_REMOVE;
	strlcpy(p2ppck.szAccount, account.c_str(), sizeof(p2ppck.szAccount));
	strlcpy(p2ppck.szCompanion, companion.c_str(), sizeof(p2ppck.szCompanion));;
	P2P_MANAGER::instance().Send(&p2ppck, sizeof(TPacketGGMessenger));
}
About the older game versions.

You can make a so file for this or you can use a diff but If you want to ban who tries to use this SQL injection, you will need to a so file.

Kind Regards ~ Ken
Ken™ is offline  
Thanks
1 User
Old   #36
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Dec 2013
Posts: 26
Received Thanks: 0
Please upload .mix/binary
matalaj is offline  
Old   #37
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Apr 2014
Posts: 4
Received Thanks: 4
Thanks

TR FIX:
skytech63 is offline  
Old   #38
 
I´m Raylee's Avatar
 
elite*gold: 105
The Black Market: 9/0/0
Join Date: Jun 2015
Posts: 453
Received Thanks: 294
Thank´s for the fix!

Best regards
Raylee
I´m Raylee is offline  
Old   #39
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Mar 2013
Posts: 54
Received Thanks: 6
its possible make onde diff for 34k ??
oceanusPT is offline  
Thanks
1 User
Old   #40
 
°~Dennis~°'s Avatar
 
elite*gold: 2
The Black Market: 0/0/0
Join Date: Jan 2008
Posts: 531
Received Thanks: 234
Ich habe da ein Problem mit der Funktion CreateGuild.
Wenn der User eine Gilde erstellt und einen bereits vorhanden namen verwendet erstellt er die Gilde und der User ist der Admin der alten breits vorhanden Gilde

Das ist die Funktion:
PHP Code:
DWORD CGuildManager::CreateGuild(TGuildCreateParametergcp)
{
    if (!gcp.master)
        return 0;

    if (!check_name(gcp.name))
    {
        gcp.master->ChatPacket(CHAT_TYPE_INFOLC_TEXT("187"));
        return 0;
    }
    static char __escape_name[GUILD_NAME_MAX_LEN 1];
    DBManager::instance().EscapeString(__escape_namesizeof(__escape_name), static_cast<const char *>(gcp.name), sizeof(gcp.name));

    std::auto_ptr<SQLMsgpmsg(DBManager::instance().DirectQuery("SELECT COUNT(*) FROM guild%s WHERE name = '%s'",
        get_table_postfix(), __escape_name));

    if (pmsg->Get()->uiNumRows 0)
    {
        MYSQL_ROW row mysql_fetch_row(pmsg->Get()->pSQLResult);

        if (!(row[0] && row[0][0] == '0'))
        {
            gcp.master->ChatPacket(CHAT_TYPE_INFOLC_TEXT("188"));
            return 0;
        }
    }
    else
    {
        gcp.master->ChatPacket(CHAT_TYPE_INFOLC_TEXT("189"));
        return 0;
    }

    CGuild pg M2_NEW CGuild(gcp);
    m_mapGuild.insert(std::make_pair(pg->GetID(), pg));
    return pg->GetID();

Jemand eine Lösung vielleicht ?
°~Dennis~° is offline  
Old   #41

 
elite*gold: 40
The Black Market: 16/0/0
Join Date: Jul 2010
Posts: 950
Received Thanks: 318
Quote:
Originally Posted by °~Dennis~° View Post
Ich habe da ein Problem mit der Funktion CreateGuild.
Wenn der User eine Gilde erstellt und einen bereits vorhanden namen verwendet erstellt er die Gilde und der User ist der Admin der alten breits vorhanden Gilde

Das ist die Funktion:
PHP Code:
DWORD CGuildManager::CreateGuild(TGuildCreateParametergcp)
{
    if (!gcp.master)
        return 0;

    if (!check_name(gcp.name))
    {
        gcp.master->ChatPacket(CHAT_TYPE_INFOLC_TEXT("187"));
        return 0;
    }
    static char __escape_name[GUILD_NAME_MAX_LEN 1];
    DBManager::instance().EscapeString(__escape_namesizeof(__escape_name), static_cast<const char *>(gcp.name), sizeof(gcp.name));

    std::auto_ptr<SQLMsgpmsg(DBManager::instance().DirectQuery("SELECT COUNT(*) FROM guild%s WHERE name = '%s'",
        get_table_postfix(), __escape_name));

    if (pmsg->Get()->uiNumRows 0)
    {
        MYSQL_ROW row mysql_fetch_row(pmsg->Get()->pSQLResult);

        if (!(row[0] && row[0][0] == '0'))
        {
            gcp.master->ChatPacket(CHAT_TYPE_INFOLC_TEXT("188"));
            return 0;
        }
    }
    else
    {
        gcp.master->ChatPacket(CHAT_TYPE_INFOLC_TEXT("189"));
        return 0;
    }

    CGuild pg M2_NEW CGuild(gcp);
    m_mapGuild.insert(std::make_pair(pg->GetID(), pg));
    return pg->GetID();

Jemand eine Lösung vielleicht ?
Gehört rein.
R0bo7 is offline  
Old   #42
 
naosou's Avatar
 
elite*gold: 0
The Black Market: 11/0/0
Join Date: May 2013
Posts: 396
Received Thanks: 92
Quote:
Originally Posted by oceanusPT View Post
its possible make onde diff for 34k ??
Code:
This difference file is created by IdaPro

game
002EB6F5: 01 00
Code:
This difference file is created by IdaPro

db
00082F15: 01 00
naosou is offline  
Old   #43
 
elite*gold: 0
The Black Market: 4/0/0
Join Date: Jul 2014
Posts: 201
Received Thanks: 40
is it possible to make a dif for 67k?
Bercol is offline  
Old   #44

 
iMer's Avatar
 
elite*gold: 606
The Black Market: 0/0/0
Join Date: Apr 2008
Posts: 3,180
Received Thanks: 5,376
Dif to kill the function for 2089M (to allow for a safe transition period)
THIS WILL DISABLE DELETING FRIENDS

game_2089M
0010F5C3: 31 90
0010F5C4: C0 90
0010F5C5: 8B 90
0010F5C6: 03 90
0010F5C7: 8B 90
0010F5C8: 50 90
0010F5C9: F4 90
0010F5CA: 85 90
0010F5CB: D2 90
0010F5CC: 75 90
0010F5CD: 22 90


(why are people even using such an old version still? ugh)
iMer is offline  
Thanks
4 Users
Old   #45
 
miguelmig's Avatar
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Dec 2009
Posts: 113
Received Thanks: 44
I don't see why you're making fixes for the CGuildManager::CreateGuild, there's already
the
!check_name(gcp.name)

which prevents any special character that isn't a digit or alphanumerical
miguelmig is offline  
Thanks
1 User
Reply
Page 3 of 6 12 3 45 Last »

« [Mini-RLS] Mount Aufsteigen (Smoking / Hochzeitskleid) | Search HomePage & ItemShop »

Similar Threads Similar Threads
Small Help needed to fix the icons on messenger/guild
08/08/2015 - Flyff Private Server - 2 Replies
Hello guys, i just need a little help or guide on how do i fix the icons for each job in the friend list or messenger list. cause my messenger looks like this : Messenger Icons Error i need to correct the icons same with the guild view Guild Icon Error wrong icons ... Thanks in advance
[B) What´s App Messenger
12/14/2012 - elite*gold Trading - 20 Replies
Hey Leute ich biete euch hiermit einen Code für den iTunes US Store an! Dieser Code beinhaltet den Download von dem What´s App Messenger! Sofortkauf 30 e*G! Ich wiederhole, dieser Code funktioniert nur auf dem US iTunes Store!
Messenger Bug ?
07/19/2012 - Combat Arms - 2 Replies
Leute bei Combat Arms geht der Messenger garnicht und mit dem Clan kann ich garnicht sprechen alle sind Offline ist das nur bei mir oder bei vielen ? Und wie bekommt mann das wieder zurück ?
Tcp Messenger
06/21/2010 - AutoIt - 8 Replies
Hi wieder mal ein Problem:rtfm: Möchte nun Von meinem Tcp,Client was zu meinem Tcp,Server senden eine Nahricht möchte diese aber nicht immer im code ändern habe dazu eine Inputbox gemacht möchte nun das der text der in der inputbox ist gesendet wird mein code sieht bisher so aus TCPStartup() $verbindung = TCPConnect("127.0.0.1", 4322) $message=Inputbox("Msg Transmitter","Bitte Gib deine Nahricht ein.") If $verbindung = -1 Then MsgBox(16, "Error", "Die Verbindung zum Server...



All times are GMT +2. The time now is 23:38.

elitepvpers - play less, get more - Top

Powered by vBulletin®
Copyright ©2000 - 2026, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Terms of Service | Abuse
Copyright ©2026 elitepvpers All Rights Reserved.