(ASAP) PlusEMU (D/C) - (PacketLogger)

[Youngster]

Hello Ragezoners,

I am using PlusEMU heavily edited by Westy, but it seems the emulator is vulnerable to "Scripters?."
I was on my hotel while some kid came along begging me for staff, I said "No send a staff application. He then responded saying really?, then my client disconnected.

P.S
Does anyone out there know a fix to this problem?, if so may you please help me thank you very much!.

Emulator logs:
Code:
Error en query:
UPDATE users SET look = @Look, gender = @gender WHERE id = 531
MySql.Data.MySqlClient.MySqlException (0x80004005): Data truncated for column 'gender' at row 1
at MySql.Data.MySqlClient.MySqlStream.ReadPacket()
at MySql.Data.MySqlClient.NativeDriver.GetResult(Int32& affectedRow, Int32& insertedId)
at MySql.Data.MySqlClient.Driver.NextResult(Int32 statementId, Boolean force)
at MySql.Data.MySqlClient.MySqlDataReader.NextResult()
at MySql.Data.MySqlClient.MySqlCommand.ExecuteReader(CommandBehavior behavior)
at MySql.Data.MySqlClient.MySqlCommand.ExecuteNonQuery()
at Database_Manager.Database.Session_Details.QueryAdapter.runQuery() in c:\Users\Administrator\Desktop\Plus Emulator Youngster\Database_Manager\Database\Session_Details\QueryAdapter.cs:line 184

Emulator Info: Wondering why I added myself to Developer list?, I am not trying to steal credits the matter of the fact is, I spent 2 nights adding new commands and cleaning up the emulator. All I need is a fix for this thanks again to anyone willing to help.

Image - May help you guys who wanna help me understand.

 

[Charlotte Potts]

A good antimutant can help stop against people scripting this way. It seems a lot of the time using figures is the most common way of disconnecting a hotel/room.

 

[Brought]

The emulator that was released is horrible lol. YoWesty has a better personal edit and he may be able to personally help you.

 

[Youngster]

The emulator that was released is horrible lol. YoWesty has a better personal edit and he may be able to personally help you.

Alright thanks, appreciated.

 

[YoWesty]

The emulator that was released is horrible lol. YoWesty has a better personal edit and he may be able to personally help you.

This is true, very true. I have also implemented a new antimutant/encryption as I didn't know how to fix this on the current one & Ever since scripters did stop. Like I said on the other Forum I will still take a look through for you. But I ain't going to rush as I'm busy with other things right now.

 

[Jonteh]

Your current issue is either:

- Strict mode is enabled (less likely)
- The data provided for Look is too long, try increasing your look column size

 

[YoWesty]

Ok here should be a fix for the figure.
Goto PlusEnvironment and find

Internal static string FilterFigure(string figure)

Replace it with

internal static string FilterFigure(string figure)
        {
            return figure.Any(character => !IsValid(character))
                ? "lg-3023-1335.hr-828-45.sh-295-1332.hd-180-4.ea-3168-89.ca-1813-62.ch-235-1332"
                : figure;
        }

Then add this to the bottom of the page

private static bool IsValid(char c)
        {
            return char.IsLetterOrDigit(c) || allowedSpecialChars.Contains(c);
        }

then add this below

private static readonly HashSet<char> allowedSpecialChars = new HashSet<char>(new[]
       {
            '-', '.', ' ', 'Ã', '©', '¡', '', 'º', '³', 'Ã', '‰', '_'
        });

Also forgot.

goto habbohotel/misc/antimutan.cs and replace it with this.

using System.Collections.Generic;
using System.Linq;


namespace Plus.HabboHotel.Misc
{
   
    internal class AntiMutant
    {
        
        private readonly Dictionary<string, Dictionary<string, Figure>> _parts;

       
        public AntiMutant()
        {
            _parts = new Dictionary<string, Dictionary<string, Figure>>();
        }

        
        private string GetLookGender(string look)
        {
            var figureParts = look.Split('.');

            foreach (string part in figureParts)
            {
                var tPart = part.Split('-');
                if (tPart.Count() < 2)
                    continue;
                var partName = tPart[0];
                var partId = tPart[1];
                if (partName != "hd")
                    continue;
                return _parts.ContainsKey(partName) && _parts[partName].ContainsKey(partId)
                    ? _parts[partName][partId].Gender
                    : "U";
            }
            return "U";
        }
    }
}

Then create a new cs in the same folder called figure.cs Then add this to it.

namespace Plus.HabboHotel.Misc
{
  
    internal struct Figure
    {
        
        internal string Part;

        
        internal string PartId;

       
        internal string Gender;

      
        internal string Colorable;

    
        public Figure(string part, string partId, string gender, string colorable)
        {
            Part = part;
            PartId = partId;
            Gender = gender;
            Colorable = colorable;
        }
    }
}

 

[The General]

The problem is not really the look, they send an invalid gender to the server which forwards that to all other clients in the room and thus getting them disconnected.

 

[Jonteh]

The problem is not really the look, they send an invalid gender to the server which forwards that to all other clients in the room and thus getting them disconnected.

Wow, you're right. I didn't even read the damned post properly..

 

[The General]

Wow, you're right. I didn't even read the damned post properly..

Read it on darkbox. ^.^

 

[Jonteh]

Read it on darkbox. ^.^

I was fully aware of that gender sending issue (basically every hotel has it hehehehe) but I saw the part 'data truncated' and I was like oh - the look code is too long and can't update.

And I call myself a developer.. can't even read a Ducking post properly

 

[Youngster]

I was fully aware of that gender sending issue (basically every hotel has it hehehehe) but I saw the part 'data truncated' and I was like oh - the look code is too long and can't update.

And I call myself a developer.. can't even read a Ducking post properly

So I take it there's no way to fix it yet?

 

[YoWesty]

So I take it there's no way to fix it yet?

here worked on it.
Replace your antimutant.cs with this

using System.Collections.Generic;
using System.Linq;


namespace Plus.HabboHotel.Misc
{
    
    internal class AntiMutant
    {
       
        private readonly Dictionary<string, Dictionary<string, Figure>> Parts;

       
        public AntiMutant()
        {
            Parts = new Dictionary<string, Dictionary<string, Figure>>();
        }

       
        private string GetLookGender(string look)
        {
            var figureParts = look.Split('.');

            foreach (string part in figureParts)
            {
                var tPart = part.Split('-');
                if (tPart.Count() < 2)
                    continue;
                var PartName = tPart[0];
                var partId = tPart[1];
                if (PartName != "hd")
                    continue;
                return Parts.ContainsKey(PartName) && Parts[PartName].ContainsKey(partId)
                    ? Parts[PartName][partId].Gender
                    : "U";
            }
            return "U";
        }
    }
}

replace your ChangeLook() with this

  internal void ChangeLook()
        {
            string text = this.Request.PopFixedString().ToUpper();
            string text2 = this.Request.PopFixedString();
            text2 = PlusEnvironment.FilterFigure(text2);
            text2 = PlusEnvironment.FilterInjectionChars(text2);


            


            PlusEnvironment.GetGame().GetQuestManager().ProgressUserQuest(this.Session, QuestType.PROFILE_CHANGE_LOOK, 0u);
            Session.GetHabbo().Look = text2;
            Session.GetHabbo().Gender = text.ToLower();
            this.Session.GetHabbo().Gender = text.ToLower();


            using (IQueryAdapter queryreactor = PlusEnvironment.GetDatabaseManager().getQueryreactor())
            {
                queryreactor.setQuery("UPDATE users SET look =  [USER=1333417016]Look[/USER], gender =  [USER=109]gender[/USER] WHERE id = " + this.Session.GetHabbo().Id);
                queryreactor.addParameter("look", text2);
                queryreactor.addParameter("gender", text);
                queryreactor.runQuery();
            }
            PlusEnvironment.GetGame().GetAchievementManager().ProgressUserAchievement(this.Session, "ACH_AvatarLooks", 1, false);
            if (this.Session.GetHabbo().Look.Contains("ha-1006"))
            {
                PlusEnvironment.GetGame().GetQuestManager().ProgressUserQuest(this.Session, QuestType.WEAR_HAT, 0u);
            }
            this.Session.GetMessageHandler().GetResponse().Init(Outgoing.UpdateAvatarAspectMessageComposer);
            this.Session.GetMessageHandler().GetResponse().AppendString(this.Session.GetHabbo().Look);
            this.Session.GetMessageHandler().GetResponse().AppendString(this.Session.GetHabbo().Gender.ToUpper());
            this.Session.GetMessageHandler().SendResponse();
            this.Session.GetMessageHandler().GetResponse().Init(Outgoing.UpdateUserDataMessageComposer);
            this.Session.GetMessageHandler().GetResponse().AppendInt32(-1);
            this.Session.GetMessageHandler().GetResponse().AppendString(this.Session.GetHabbo().Look);
            this.Session.GetMessageHandler().GetResponse().AppendString(this.Session.GetHabbo().Gender.ToLower());
            this.Session.GetMessageHandler().GetResponse().AppendString(this.Session.GetHabbo().Motto);
            this.Session.GetMessageHandler().GetResponse().AppendInt32(this.Session.GetHabbo().AchievementPoints);
            this.Session.GetMessageHandler().SendResponse();
            if (this.Session.GetHabbo().InRoom)
            {
                Room currentRoom = this.Session.GetHabbo().CurrentRoom;
                if (currentRoom == null)
                {
                    return;
                }
                RoomUser roomUserByHabbo = currentRoom.GetRoomUserManager().GetRoomUserByHabbo(this.Session.GetHabbo().Id);
                if (roomUserByHabbo == null)
                {
                    return;
                }
                ServerMessage serverMessage = new ServerMessage(Outgoing.UpdateUserDataMessageComposer);
                serverMessage.AppendInt32(roomUserByHabbo.VirtualId);
                serverMessage.AppendString(this.Session.GetHabbo().Look);
                serverMessage.AppendString(this.Session.GetHabbo().Gender.ToLower());
                serverMessage.AppendString(this.Session.GetHabbo().Motto);
                serverMessage.AppendInt32(this.Session.GetHabbo().AchievementPoints);
                currentRoom.SendMessage(serverMessage);
            }
        }

 

[Jonteh]

So I take it there's no way to fix it yet?

Very easy fix..

if(Gender.ToLower() != "m" && Gender.ToLower() != "f")
Session.SendNotif("wtf are u doing son!!!11!11!1");
return;

 

[Youngster]

Very easy fix..

if(Gender.ToLower() != "m" && Gender.ToLower() != "f")
Session.SendNotif("wtf are u doing son!!!11!11!1");
return;

Thanks, I am not really sure where to put this when you have some time could you tell me what .cs to put it in and where at. Thanks again for the help.

 

[YoWesty]

Thanks, I am not really sure where to put this when you have some time could you tell me what .cs to put it in and where at. Thanks again for the help.

add

if (text.ToLower() != "m" && text.ToLower() != "f")
                Session.SendNotif("wtf are u doing son!!!11!11!1");

to ChangeLook()

 

[Youngster]

add

if (text.ToLower() != "m" && text.ToLower() != "f")
                Session.SendNotif("wtf are u doing son!!!11!11!1");

to ChangeLook()

Alright and the other stuff you gave me YoWesty, do I need it or just add this?

 

[Charlotte Potts]

Alright and the other stuff you gave me @YoWesty, do I need it or just add this?

Yes the other stuff will stop people changing into invalid figures, just a bit extra protection against people scripting invalid avatars.

 

[Youngster]

Yes the other stuff will stop people changing into invalid figures, just a bit extra protection against people scripting invalid avatars.

Alright, and my hotel being spammed with Turkish people lmao, got like 15 online with Turkish people spam inviting on other hotels tf. I don't even know how this happened.

 

[Jonteh]

@Youngster you shouldn't be running a hotel if you don't know the first thing about maintaining it (e.g expecting to be spoon fed by the people in this thread) no offense intended. Educate yourself in some C#.