Most visitors online was 8830 , on 6 Feb 2024
Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!
Join Today!it seems that in removing a favorite group's with an error exploit
LimitedEditionSells is a integer, you can't inject hereFor you resolve this error exploit you have to set if the group is null, use the same packet structure but with default values, int 0 string empty and if you have any bool is false, give you makes a return or create an else to execution of which is not null
PurchaseFromCatalogEvent
find:
dbClient.RunQuery("UPDATE `catalog_items` SET `limited_sells` = '" + Item.LimitedEditionSells + "' WHERE `id` = '" + Item.Id + "' LIMIT 1");
replace:
dbClient.SetQuery("UPDATE `catalog_items` SET `limited_sells` = @limited_sells, `gender` = '" + Item.LimitedEditionSells.gender + "' WHERE `id` = '" + Item.Id + "' LIMIT 1");
dbClient.AddParameter("limited_sells",Item.Id.limited_sells);
dbClient.RunQuery();
obs: if wrong please correct'm still junior
LimitedEditionSells is a integer, you can't inject here
LimitedEditionSells is a integer, you can't inject here
For you resolve this error exploit you have to set if the group is null, use the same packet structure but with default values, int 0 string empty and if you have any bool is false, give you makes a return or create an else to execution of which is not null
PurchaseFromCatalogEvent
find:
dbClient.RunQuery("UPDATE `catalog_items` SET `limited_sells` = '" + Item.LimitedEditionSells + "' WHERE `id` = '" + Item.Id + "' LIMIT 1");
replace:
dbClient.SetQuery("UPDATE `catalog_items` SET `limited_sells` = @limited_sells, `gender` = '" + Item.LimitedEditionSells.gender + "' WHERE `id` = '" + Item.Id + "' LIMIT 1");
dbClient.AddParameter("limited_sells",Item.Id.limited_sells);
dbClient.RunQuery();
obs: if wrong please correct'm still junior
namespace Plus.Communication.Packets.Incoming.Inventory.Purse
{
class GetForumsListDataEvent : IPacketEvent
{
public void Parse(GameClient Session, ClientPacket Packet)
{
int GroupId = Packet.PopInt();
int startindex = Packet.PopInt();
int endindex = Packet.PopInt();
Group Group = null;
PlusEnvironment.GetGame().GetGroupManager().TryGetGroup(GroupId, out Group);
if (Group == null || !Group.HasForum)
return;
" and and send it entirely, and specify what is wrong. Also here is not a help section.
I'm fairly certain that User.BotData.Gender is also a string.Hi,
When I was checking Plus I found a exploit which makes it possible to send queries, drop tables, whatever you like. I noticed that someone finally found out the exploit and I decided to release the fix because this guys just want duck some poop up.
Open the source and follow me.
1). HabboHotel\Items\Wired\Boxes\Effects\BotChangesClothesBox.cs
I'm fairly certain that User.BotData.Gender is also a string.
Besides, the SQL injection would be of no risk if the user does not have any way of providing their own figure string. On Habboon edit (which I'm certain everyone now uses) there is a figure parser which would take care of any scripting attempts to try this.
u can save your own figure with a packetlogger.
u can save your own figure with a packetlogger.
string Look = PlusEnvironment.GetGame().GetAntiMutant().RunLook(Packet.PopString());
Even then, it's ran through the anti mutant which will prevent any invalid strings.
Code:string Look = PlusEnvironment.GetGame().GetAntiMutant().RunLook(Packet.PopString());
If any SQL is passed through it'll simply return a figure:
These SQLi patches are still useful for people not running the boon edit though.
Then you're either not using boon edit or you're not going via tanji.I tried to inject and i can without problems.
in BotChangesClothesBox.cs there isn't the antimutant..Then you're either not using boon edit or you're not going via tanji.