|
You last visited: Today at 19:09
Advertisement
[FIX][C++] SQL Injection in Messenger and Guild
Discussion on [FIX][C++] SQL Injection in Messenger and Guild within the Metin2 PServer Guides & Strategies forum part of the Metin2 Private Server category.
12/15/2015, 02:56
|
#1
|
elite*gold: 0 
Join Date: Jul 2009
Posts: 2,471
Received Thanks: 5,622
|
[FIX][C++] SQL Injection in Messenger and Guild
Hello,
today there were attacks to several servers all using the same exploits.
I will not further explain the method used to attack these servers.
To fix it go to messenger_manager.cpp:
Search for the function MessengerManager::RemoveFromList
Replace it with this:
Code:
void MessengerManager::RemoveFromList(MessengerManager::keyA account, MessengerManager::keyA companion)
{
if (companion.empty())
return;
char companionEscaped[CHARACTER_NAME_MAX_LEN * 2 + 1];
DBManager::instance().EscapeString(companionEscaped, sizeof(companionEscaped), companion.c_str(), companion.length());
DBManager::instance().Query("DELETE FROM messenger_list%s WHERE account='%s' AND companion = '%s'",
get_table_postfix(), account.c_str(), companionEscaped);
__RemoveFromList(account, companion);
sys_log(1, "Messenger Remove %s %s", account.c_str(), companion.c_str());
TPacketGGMessenger pack;
pack.bHeader = HEADER_GG_MESSENGER_REMOVE;
strlcpy(pack.szAccount, account.c_str(), sizeof(pack.szAccount));
strlcpy(pack.szCompanion, companion.c_str(), sizeof(pack.szCompanion));
P2P_MANAGER::instance().Send(&pack, sizeof(TPacketGGMessenger));
}
Credits go to ricky92 and WoM2
|
|
|
|
12/15/2015, 03:00
|
#2
|
elite*gold: 190
Join Date: Dec 2009
Posts: 83
Received Thanks: 225
|
best guy miau ♥
|
|
|
|
|
12/15/2015, 03:03
|
#3
|
elite*gold: 0
Join Date: May 2012
Posts: 61
Received Thanks: 129
|
Bester Typ <3
|
|
|
|
|
12/15/2015, 03:53
|
#4
|
elite*gold: 0
Join Date: May 2014
Posts: 1
Received Thanks: 0
|
Thanks! <3
|
|
|
|
|
12/15/2015, 03:53
|
#5
|
elite*gold: 0
Join Date: Sep 2015
Posts: 1
Received Thanks: 0
|
Thank you.
|
|
|
|
|
12/15/2015, 06:58
|
#6
|
elite*gold: 100
Join Date: Dec 2014
Posts: 93
Received Thanks: 51
|
Thanks sir.
|
|
|
|
|
12/15/2015, 10:33
|
#7
|
elite*gold: 205
Join Date: Apr 2012
Posts: 861
Received Thanks: 1,421
|
Danke fürs Teilen und vorallem für die schnellen Absprachen im Fix. Hervorragende Arbeit!
|
|
|
|
|
12/15/2015, 11:15
|
#8
|
elite*gold: 226
Join Date: Sep 2015
Posts: 701
Received Thanks: 1,897
|
Mal wieder super von dir, dass du es mit der Community teilst!
So ne Scheiße muss wirklich nicht sein...
|
|
|
|
|
12/15/2015, 12:52
|
#9
|
elite*gold: 35
Join Date: Apr 2011
Posts: 1,018
Received Thanks: 1,984
|
Danke 
|
|
|
|
|
12/15/2015, 13:06
|
#10
|
elite*gold: 2
Join Date: Aug 2012
Posts: 1,242
Received Thanks: 2,070
|
Dankesehr ♥
|
|
|
|
|
12/15/2015, 14:22
|
#11
|
elite*gold: 17
Join Date: Sep 2015
Posts: 2,487
Received Thanks: 1,032
|
Endlich!
|
|
|
|
|
12/15/2015, 15:21
|
#12
|
elite*gold: 0
Join Date: May 2011
Posts: 37
Received Thanks: 48
|
Is possible to create one .dif for every game 2089m? My old server has 2089m.
|
|
|
|
|
12/15/2015, 16:03
|
#13
|
elite*gold: 83
Join Date: Nov 2013
Posts: 2,891
Received Thanks: 2,764
|
Quote:
Originally Posted by IkoLollo
Is possible to create one .dif for every game 2089m? My old server has 2089m.
|
Make an update and use the source. There's no reason to keep developing on this old revision.
|
|
|
|
|
12/15/2015, 16:12
|
#14
|
elite*gold: 265
Join Date: Oct 2010
Posts: 50
Received Thanks: 5
|
A question. Did anyone tested this fix or it`s just posted for +1?
|
|
|
|
|
12/15/2015, 16:15
|
#15
|
elite*gold: 83
Join Date: Nov 2013
Posts: 2,891
Received Thanks: 2,764
|
Quote:
Originally Posted by Marius Sorin
A question. Did anyone tested this fix or it`s just posted for +1?
|
Just by reading the code you can see that this fix will work.
|
|
|
|
 |
|
Similar Threads
|
Small Help needed to fix the icons on messenger/guild
08/08/2015 - Flyff Private Server - 2 Replies
Hello guys,
i just need a little help or guide on how do i fix the icons for each job in the friend list or messenger list. cause my messenger looks like this : Messenger Icons Error i need to correct the icons
same with the guild view Guild Icon Error wrong icons ...
Thanks in advance
|
[B) What´s App Messenger
12/14/2012 - elite*gold Trading - 20 Replies
Hey Leute ich biete euch hiermit einen Code für den iTunes US Store an!
Dieser Code beinhaltet den Download von dem What´s App Messenger!
Sofortkauf 30 e*G!
Ich wiederhole, dieser Code funktioniert nur auf dem US iTunes Store!
|
Messenger Bug ?
07/19/2012 - Combat Arms - 2 Replies
Leute bei Combat Arms geht der Messenger garnicht und mit dem Clan kann ich garnicht sprechen alle sind Offline ist das nur bei mir oder bei vielen ?
Und wie bekommt mann das wieder zurück ?
|
Tcp Messenger
06/21/2010 - AutoIt - 8 Replies
Hi wieder mal ein Problem:rtfm:
Möchte nun Von meinem Tcp,Client was zu meinem Tcp,Server senden eine Nahricht möchte diese aber nicht immer im code ändern habe dazu eine Inputbox gemacht möchte nun das der text der in der inputbox ist gesendet wird mein code sieht bisher so aus
TCPStartup()
$verbindung = TCPConnect("127.0.0.1", 4322)
$message=Inputbox("Msg Transmitter","Bitte Gib deine Nahricht ein.")
If $verbindung = -1 Then
MsgBox(16, "Error", "Die Verbindung zum Server...
|
All times are GMT +1. The time now is 19:11.
|
|
![[FIX][C++] SQL Injection in Messenger and Guild](https://www.elitepvpers.com/forum/iconimages/metin2-pserver-guides-strategies/fix-c-sql-injection-messenger-guild_ltr.gif){kind=small}
