Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

New exploit

Newbie Spellweaver
Joined
May 18, 2013
Messages
7
Reaction score
0
There has been a new exploit that can crash a zone in the most stable server files "k5.2"

Does anyone know about this new exploit?

Crash Description:
- mandara suddenly crashes (zone shuts down)
- the error does not go into the logs


some errors that i think has a connection w/ the crash
pH7sv9S - New exploit - RaGEZONE Forums
 

Attachments

You must be registered for see attachments list
Elite Diviner
Joined
Jan 17, 2014
Messages
401
Reaction score
39
There has been a new exploit that can crash a zone in the most stable server files "k5.2"

Does anyone know about this new exploit?

Crash Description:
- mandara suddenly crashes (zone shuts down)
- the error does not go into the logs


some errors that i think has a connection w/ the crash
pH7sv9S - New exploit - RaGEZONE Forums

GjXcTwZ - New exploit - RaGEZONE Forums

RxQf2Ys - New exploit - RaGEZONE Forums

Up Up UP Eliana Gherbaz Sir please help :)
 

Attachments

You must be registered for see attachments list
Newbie Spellweaver
Joined
Jan 31, 2017
Messages
58
Reaction score
0
Ah, and I thought I was the only one having this kind of problem in my server, sadly for me it's my Kruma (Zone 10)
 
Newbie Spellweaver
Joined
Dec 26, 2014
Messages
19
Reaction score
0
no one replying, maybe you just mess up some of your configuration.
 
Junior Spellweaver
Joined
Oct 31, 2013
Messages
122
Reaction score
41
I don't know what is doing the crash on your servers you have to find out and fix it.

I can say that in my server they try to crash zones every day, first was with simple %s%n and so on, now they try with this:
nukos123 - New exploit - RaGEZONE Forums


I show my log because don't know if that can help some of you to find out why you get map crash.

Yes I have a log made by my dll because unfortunately when you get a map crash (which is produced by a memory exception) none of the server logs will register "The why", because the server stop to work on the exception (this is another of the things hanbit did wrong, they did not handle exceptions). After I fixed almost common map Crash, I made that my server register a log of what was the command or what they write to try crash the zone. Till now and since months ago I don't get map crash (even they still trying to map crash me), if at some point they are able to map crash me again, I will know exactly what I have to Fix, BUT ON SERVER SIDE. Most of you based your fix on Client Side, I always repeat a phrase I like a lot: NEVER TRUST ON THE CLIENT.

My technique to find where and why the exception occurs, is to attach Olly to the zone, and then wait till they crash my zone, when the crash is performed, olly will immediately go to a PAUSE, and if you make a stack trace you will find all you need to fix that exception. For example last time I got Map crash I was WTF why I get map crash again when i fixed that years ago, the guy doing Map crash even laugh at me saying that I will not be able to figure out how he/she was doing the crash and he said that if I pay him, he will tell me, my answer was: I dont need to pay for some I can find in just mins. After attaching Olly, he map crash me again and the stack was saying that the crash was because sending /dmap command. To be honest, in almost 9 years of managing Tantra Servers, I never saw that command, so I didn't know that it exist, then all I did was to include that on my dll filter, it was just like 10 mins the fix, then I reply to the guy: will you still laughing me? he said NO, you are the first one who fix it so fast. With out the help of Olly most probably is that I never know how he was doing the crash.
 
Last edited:
Joined
Apr 6, 2012
Messages
456
Reaction score
38
TS showed me the logs and even attached olly. At some point, we were able to trace what codes they're using, it seems that it was through the ashramlv. Our only problem now is, how to block those codes, replacing it with NOP will not fix it I guess?
 
Junior Spellweaver
Joined
Oct 31, 2013
Messages
122
Reaction score
41
TS showed me the logs and even attached olly. At some point, we were able to trace what codes they're using, it seems that it was through the ashramlv. Our only problem now is, how to block those codes, replacing it with NOP will not fix it I guess?

As you may see on my logs they are using ashramlv too as the most used one to try to crash the zone, they try too with party board but just 1 time.

I have to say that can be a lot ways to fix that, it all depends on the skills as a programmer you have, in my case, because I'm not an expert programmer, all I can thought at that time was to make a dll, which will capture the message sent by the client to the server, analyse it if it contains any of the invalid string I declared in a list, if so, then clear the msg and send that clear one to the server to be process. My dll acts like the Chat filter, it is in between client and server, so my server dont receive messages with strings that are on the black list. Of course it can be solve too with a try..catch, but because I don't know how to do that on c++ I went with the dll.

I know that for example in damodar servers what they did was to disable the /ashramlv command on the client, of course that is ok for avoiding map crash with that command but then, no clan can have lvls, only Maharaja and Sudras (if im not wrong with the names).
 
Last edited:
Newbie Spellweaver
Joined
Jan 31, 2017
Messages
58
Reaction score
0
I have a stupid question,

If I added /ashramlv and /dmap on my ChatFilter.txt will that help? I haven't added /ashramlv yet because my players needed it, so far my maps are still running after I added the /dmap on my ChatFilter.txt but I can't say for sure, I'm a newbie xD
 
Junior Spellweaver
Joined
Oct 31, 2013
Messages
122
Reaction score
41
I have a stupid question,

If I added /ashramlv and /dmap on my ChatFilter.txt will that help? I haven't added /ashramlv yet because my players needed it, so far my maps are still running after I added the /dmap on my ChatFilter.txt but I can't say for sure, I'm a newbie xD

Adding to the ChatFilter will block them from the Chat and EBB, but not from the Boards, so if you go with that solution and you still have the problem, then I will recommend you to disable the boards (if you have them).
 
Newbie Spellweaver
Joined
Jan 31, 2017
Messages
58
Reaction score
0
Adding to the ChatFilter will block them from the Chat and EBB, but not from the Boards, so if you go with that solution and you still have the problem, then I will recommend you to disable the boards (if you have them).
I deleted my mail and board on the DBSRV, that should work right?

I had to disable my mail system because of Item/Rupiah dupe
 
Junior Spellweaver
Joined
Oct 31, 2013
Messages
122
Reaction score
41
I deleted my mail and board on the DBSRV, that should work right?
I had to disable my mail system because of Item/Rupiah dupe

I don't know what you mean with "deleted on the DBSRV", so can't answer your question.
 
Newbie Spellweaver
Joined
Jan 31, 2017
Messages
58
Reaction score
0
I don't know what you mean with "deleted on the DBSRV", so can't answer your question.

There was something about Disciple, Chatboard and Mail on my DBSRV, I deleted them all, I tested my Board Chat and Disciple thing, none of them works now so I think I solved this problem
 
Joined
Oct 16, 2004
Messages
894
Reaction score
94
Eliana, its good that you're helping but I think they are basically wants you to hand them the fix you made. lmao

Also, for other developers...
Are you 99% sure its AshramLV that causing this? Because sometimes what you see is what you do not expect. ;)


Think of it this way, your log shows that the culprit is from ashramlv or something.
But what if I tell you, there's a way to crash a server/zone without having it printed in a log file?

Edit:
There's also a way to crash a zone using ANY memory editors (e.g. Cheat Engine).
 
Junior Spellweaver
Joined
Oct 31, 2013
Messages
122
Reaction score
41
Eliana, its good that you're helping but I think they are basically wants you to hand them the fix you made. lmao
Also, for other developers...
Are you 99% sure its AshramLV that causing this? Because sometimes what you see is what you do not expect. ;)
Think of it this way, your log shows that the culprit is from ashramlv or something.
But what if I tell you, there's a way to crash a server/zone without having it printed in a log file?

Yes I know a lot wants me to hand my fix, and it is funny because a lot offer me to pay for that, but I know too that exist ppl that just need a push/hint/clue to get in the right way to solve an issue, so why not to give that push/help/clue? of course I will never fix other Tantra servers issues (no matter how much money they offer to pay me), I only did that with a server of a partner I had till July 2016 and believe me, now days I regret for doing that. To be honest, I decide to help in this community, because I know how it feels to be in their shoes, when I bought my actual Server, it was a crap server, dupes every where, map crashes continuously, DDoS attacks that don't even allow me to keep the server up more than 15 mins and so on, and in that time I didn't know how to solve that, and there was no one who wants to guide me on what I have to do to solve my problem, it feels really bad. I know too that most ppl that reads my post in this community don't understand what I say, because they don't have the knowledge to follow me, but im sure that there are others that understand, and they can even do a better job than me.

Now, what you said about the logs, I already said that in my post #6 : "unfortunately when you get a map crash (which is produced by a memory exception) none of the server logs will register "The why", because the server stop to work on the exception (this is another of the things hanbit did wrong, they did not handle exceptions) That is why I recommended to attach Olly to the zone to get the reason of the crash. Of course those who have fun crashing other Tantra servers will hate me for helping ppl to avoid the crash, while they hate me, I love them, because without them I would never have known how to fix those crash, not because they told me how to fix it, of course they didn't, it is because they did, and still doing, all the crash they know with me to just try to make me shut down my server.

BTW I have to mention that the guy who told me about the /ashramlv crash was the developer of tantra.infinix (jbeitz107 here if I'm not wrong) and I will be forever grateful with him for that help he gave me on that time.
 
Last edited:
Newbie Spellweaver
Joined
Oct 17, 2018
Messages
20
Reaction score
1
@Eliana Gherbaz, Thanks for all your hardworks and dedications. It's a big help sharing your thoughts and ideas here. I'm inspired to do a self-study here :)
 
Back
Top