I can see the dislike everyone has for this fix which I released.
Next time, when I do find something, I'll be sure NOT to release to you guys lol.
Regardless if its client-side or server-side, it should not be happening.
Very impressive catch!
Mackors, just need use Tanjii or other Packet Logger.
- - - Updated - - -
For me this fixes nothing. The shit continues vulnerable, unique difference it's that need start with "production" string
I can wrote something like "production for my ass"
Anyways, your fix does something good, that is change the global variable to a session variable, so only the user will se this.
Anyways, doesn't exists other way to check revision of the swf?
Cheers,
Good thinking for sure. Still not an appropriate fix. Why would you want a string being send by the user (which can clearly be any string at all), to display in your :about? Even if it's just for that one user. What I suggest is the following:
GetClientVersionEvent.cs
PlusEnvironment.csPHP Code:using Plus.HabboHotel.GameClients;using Plus.Communication.Packets.Incoming;
namespace Plus.Communication.Packets.Incoming.Handshake
{
public class GetClientVersionEvent : IPacketEvent
{
public void Parse(GameClient Session, ClientPacket Packet)
{
Packet.PopString();
}
}
}
This way you can still show something in your :about, but have ultimate control over it.PHP Code:public static string SWFRevision = "PUTWHATEVERYOUWANTHERE";
Nice! i do the same, caching many production packets and handling at the same time and in the same server, but... I'm curious... Whats does this 'initializeRevision' function does exactly?
@Edit
My suggestion to protect your emu from some packet injection is: review your incoming handlers :)
@Dominic Surely interesting, I've thought about this too, yet can not figure out why one would want this.
Unless ofcourse you have REVISION & PRODUCTION support on 1 server, that'd be cool
Well, I only support PRODUCTION as of right now, however that idea might not be that bad. (and even could work, if done properly!!!)
What I use it for is that I have a proxy cache (like CloudFlare or whatever) that caches my .swf's, so whenever I update my revision; it's still stuck for some. I found the best way was to initialize different revisions
I have done this long time ago :) https://gyazo.com/b7a3b9ed6023ee0ea5bb30872386fc2e
EDIT: Also supports new ui but I dont have gif for it