Anti Buum! Informations.

Results 1 to 4 of 4
  1. #1
    Registered Cainan is offline
    MemberRank
    Feb 2013 Join Date
    7Posts

    Anti Buum! Informations.


    RaGEZONE Recommends

    RaGEZONE Recommends

    Hi, i'm brazilian and i want to say: my english is bad.

    I am searching for the packet responsible for the Buum in the source code that have released in the forum, and i found it...Now, i want to share some information about that.

    First: The address referenced in the "Server Exploit - Remote Crash" ( 0x00846090 ) is responsible for Disable Login in the server.

    Second: If the value of this address is:
    - 1 -> The server will block any login.
    - 2 -> The server will sleep for 2 minutes every time ( In other words, server will not crash, but it will sleep forever ).

    Third: The value of this address will only be changed ( by default ) at server startup from the following ways:
    - 1 -> Reading *DISABLE_LOGIN number from Hotuk.ini and writing his value.
    - 2 -> If the *DISABLE_LOGIN does not have a number in front of him, the value will be 1.
    - 3 -> If the *DISABLE_LOGIN does not exists ( // ), value will be 0.

    Fourth: The packet 0x50321010 will only Log the Hack...Now, the simplest solution is to check values in the packets, or use a default log.

    Someone more experience can tell me if this is correct? Or correct some mistakes about it.


  2. #2
    Registered nyckad is offline
    MemberRank
    Dec 2011 Join Date
    15Posts

    Re: Anti Buum! Informations.

    Quote Originally Posted by Cainan View Post
    Hi, i'm brazilian and i want to say: my english is bad.

    I am searching for the packet responsible for the Buum in the source code that have released in the forum, and i found it...Now, i want to share some information about that.

    First: The address referenced in the "Server Exploit - Remote Crash" ( 0x00846090 ) is responsible for Disable Login in the server.

    Second: If the value of this address is:
    - 1 -> The server will block any login.
    - 2 -> The server will sleep for 2 minutes every time ( In other words, server will not crash, but it will sleep forever ).

    Third: The value of this address will only be changed ( by default ) at server startup from the following ways:
    - 1 -> Reading *DISABLE_LOGIN number from Hotuk.ini and writing his value.
    - 2 -> If the *DISABLE_LOGIN does not have a number in front of him, the value will be 1.
    - 3 -> If the *DISABLE_LOGIN does not exists ( // ), value will be 0.

    Fourth: The packet 0x50321010 will only Log the Hack...Now, the simplest solution is to check values in the packets, or use a default log.

    Someone more experience can tell me if this is correct? Or correct some mistakes about it.
    Cainan,

    Have you tried look at the dump file? If you open the dump in Visual Studio, you can debug and knows where is the issue.

  3. #3
    Registered Cainan is offline
    MemberRank
    Feb 2013 Join Date
    7Posts

    Re: Anti Buum! Informations.

    Quote Originally Posted by nyckad View Post
    Cainan,

    Have you tried look at the dump file? If you open the dump in Visual Studio, you can debug and knows where is the issue.
    Hi, i have no server, so did not get any Buum attack. I'm just commenting, and if you can send me this dump file, i would appreciate.

  4. #4
    Registered nyckad is offline
    MemberRank
    Dec 2011 Join Date
    15Posts

    Re: Anti Buum! Informations.

    Quote Originally Posted by Cainan View Post
    Hi, i have no server, so did not get any Buum attack. I'm just commenting, and if you can send me this dump file, i would appreciate.
    I dont have this dump file, sorry, the post was only one idea




Advertisement