Gatewayserver closer FIX.

[Dizzie]

There was leaked security programs from my computer by friends.

Here is the fix for it:

Just load GatewayServer with ollydbg.
right click -> Search for -> All commands

write there:
PUSH 6308


Just double click on it and change the number to whatever you want.

I wont write down the rest, its not an ODBG guide =)

Edit:
There is another exploit too, which will (how to say properly...) disconnect gatewayserver from smc/cert. Works almost the same way as the other.

Just change 631D opcode to something else and everything should be fine again :)

[MentaL]

[loveme]

succeed? Does a definitive solution? Who tried?

[Caosfox]

no idea how to close the gatewayserver, so cant test if works or not. but i bet it works

[Dizzie]

The hack was "simple", just had to inject this opcode to any loginserver and it closed itself automatically. Tomorrow i will upload a simple tool to check that :) /Not at home atm/

[Caosfox]

The hack was "simple", just had to inject this opcode to any loginserver and it closed itself automatically. Tomorrow i will upload a simple tool to check that :) /Not at home atm/

that sound great! waiting for it

[szopolebore]

Op code bad.

[Naty48]

idiot , he already found a solution for that one too.

you could keep it to youself.

[Dizzie]

The file i promised.

Please scan it in virustotal before using.

Edit: edit the config file, but the ip there and the port (gatewaysrv port), save and start the exe.

Only for education purposes, dont blame me if anybody uses it for something wrong.

Credits goes to Chernobyl, for letting me use his old source.

idiot , he already found a solution for that one too.

you could keep it to youself.

Thank you.



To the missunderstanding ppl: NOT Cherno abused it, i gave it to friends and sh*t happened.

[Chern0byl]

Not a pony.

[Hex1337]

thnx its very usefull .

[Eroticus]

The file i promised.

Please scan it in virustotal before using.

Edit: edit the config file, but the ip there and the port (gatewaysrv port), save and start the exe.

Only for education purposes, dont blame me if anybody uses it for something wrong.

Credits goes to Chernobyl, for letting me use his old source.



Thank you.



To the missunderstanding ppl: NOT Cherno abused it, i gave it to friends and sh*t happened.

https://www.virustotal.com/file/cd49...is/1358523902/

Sucks .. and wrong forum go to EPvP.. nub.

[Dizzie]

https://www.virustotal.com/file/cd49...is/1358523902/

Sucks .. and wrong forum go to EPvP.. nub.

Clean file and im a nub? You have a strange way of thinking >.>

[Royalblade]

Clean file and im a nub? You have a strange way of thinking >.>

Some people are just born differently.

But thanks for that fix :)

[lemoniscool]

even without the fix my gatewayserver isnt closing while using your tool on it, it just shows "preparing patch is completed" and after your tool sending ~13 packets i was blocked by simpleFw (by cherno) =)
using br files gateway server btw

[Dizzie]

It was made for vsro 1.188. For those, its completely working.

The program just sends the "patch" packet to the server and it causes a loginserver close, as a normal patch does too. Im pretty sure it can be found in br files too.