Discussion on [RELEASE][FIX] GameServer Crash/Runtime Error Exploit within the SRO PServer Guides & Releases forum part of the SRO Private Server category.
This is yet an unknown one (atleast for me and my environment) so I wanted to share this before more people lose their mind. It's a really strong exploit and will crash your gameserver with only 1 packet.
And the fix is also that easy.
Just block the 0x3510 opcode and you'll be fine.
PHP Code:
if(_pck.Opcode == 0x3510) continue;
Because the attackers used it wisely, we thought it was an error caused by the database. We wasted hours in front of PC (to fix this on BlackPearl) and then we decided to search the packets one by one to see the malicious one.
why would you allow this opcode anyway? You should have an opcode whitelist and store only legit opcodes there. I'm not sure if the people above are being sarcastic or they really don't know.
why would you allow this opcode anyway? You should have an opcode whitelist and store only legit opcodes there. I'm not sure if the people above are being sarcastic or they really don't know.
true but he said " block the opcode" then it's a little mistake at the coding
blocking the opcode can be done from the exploit.txt " if you have a file for bad opcodes " or by making it like this
PHP Code:
if(_pck.Opcode == 0x3510)
{
Disconnect
//or what ever you need to do
}
why would you allow this opcode anyway? You should have an opcode whitelist and store only legit opcodes there. I'm not sure if the people above are being sarcastic or they really don't know.
this is a valid packet for BR files (stall network) and maybe I have it whitelisted for a reason.
Or people can still be using blacklists.
Don't be a ****.
this is a valid packet for BR files (stall network) and maybe I have it whitelisted for a reason.
Or people can still be using blacklists.
Don't be a ****.
I have a complete white list for Black Rogue files, and this opcode has nothing to do with Stall network. It's not a valid Black Rogue opcode!
Only these are valid stall network opcodes.
0x7461,CLIENT_BR_STALLNETWORK_SEARCH
0x7462,CLIENT_BR_STALLNETWORK_CLOSE
0x7463,CLIENT_BR_STALLNETWORK_PURCHASE
So you can block it, it won't affect any functionality in BR Files.
I have a complete white list for Black Rogue files, and this opcode has nothing to do with Stall network. It's not a valid Black Rogue opcode!
Only these are valid stall network opcodes.
0x7461,CLIENT_BR_STALLNETWORK_SEARCH
0x7462,CLIENT_BR_STALLNETWORK_CLOSE
0x7463,CLIENT_BR_STALLNETWORK_PURCHASE
I know this thread is really old, but can you share the way you search the malicious? What software to use to see the packet one by one? Did you log all the packet by using Wireshark?
My SRO server files are getting crash so many times in the last few days, my DB are fine and I really don't know the main problem of that, I think there is a new exploit opcode we don't know.
I know this thread is really old, but can you share the way you search the malicious? What software to use to see the packet one by one? Did you log all the packet by using Wireshark?
My SRO server files are getting crash so many times in the last few days, my DB are fine and I really don't know the main problem of that, I think there is a new exploit opcode we don't know.
I logged every single opcode I received, except for the very common ones like ping, skill, move, chat etc. Through filter of course.
Then checked the odd looking ones just before the gameserver crashed.
You can't analyze the sro packet data with Wireshark I guess... You need a filter.
I logged every single opcode I received, except for the very common ones like ping, skill, move, chat etc. Through filter of course.
Then checked the odd looking ones just before the gameserver crashed.
You can't analyze the sro packet data with Wireshark I guess... You need a filter.
Thanks for your really kindly reply. I have a filter but not own the source, I can code C# but I don't know where to start to built a simple filter to log all opcodes like you do. Is there any open-source simple filter project out there you know can give me a starting point?
I have this opcode list but I think is not all valid code, can you share your list of valid opcodes?
[Problem]Microsoft Visual C++ Runtime Library Runtime Error! 08/08/2013 - Metin2 Private Server - 2 Replies Hi All
I'have problem with my client
when i'm warp to map or login or logout or play in game
game close and say
Microsoft Visual C++ Runtime Library
Runtime Error!
img:
[Question] crack gameserver rates without Runtime error 10/20/2012 - SRO Private Server - 1 Replies I tried to crack my game server to set the exp,sp,item drop, etc rate high but now that i did it i get a run time error one second or so after it launches
i used this post to do it
Cracking GameServer to fix rates
Writed By Chernobyl*
So, some people might have problems even at such basic stuff as cracking a experience limit.
VSRO GAMESERVER RUNTIME ERROR 03/12/2012 - SRO Private Server - 12 Replies i get after 10 mins of gameserver starts a runtime error
How can i fix this?
![[RELEASE][FIX] GameServer Crash/Runtime Error Exploit](https://www.elitepvpers.com/forum/iconimages/sro-pserver-guides-releases/release-fix-gameserver-crash-runtime-error-exploit_ltr.gif){kind=small}
.
but I think is not all valid code, can you share your list of valid opcodes?
