Release: PW 1.5.5 v156 with mole disabled

[Milos]

A huge thank you to @Fyyre for editing these bins to disable the wanmei mole for me, and for granting me permission to release them. The attached 7z contains a patched gdeliveryd and gamedbd with the mole disabled. Enjoy

edit: it was brought to my attention that the link no longer works so i have removed it from the post, this weekend when i have more time i'll connect my external drive and find the files and upload them again and update this post with a new link.

edit2: thanks to wrechid finding a copy of it, i now have a new link for all of you
and a thank you to discord for having such an easy to use cdn to host this for me

https://cdn.discordapp.com/attachmen...moleremoved.7z
and a google drive link thanks to @Mistigri
https://drive.google.com/file/d/1UGl...usp=share_link

[MentaL]

[kisswdev]

Working in ubuntu 18.04 ? Or under 14.04 and debian 8

[Milos]

Working in ubuntu 18.04 ? Or under 14.04 and debian 8

it's running flawlessly for me on ubuntu server 20.04.2

[343]

Thank you to all involved on this, it has been added for *all* versions in my release

[beta11n]

What's the mole about?

[Milos]

What's the mole about?

it's a backdoor that allows wanmei to connect to your sever and get a root shell where they can do anything they want.

[343]

What's the mole about?

it's a backdoor that allows wanmei to connect to your sever and get a root shell where they can do anything they want.

This and or malicious "releasers" who have "inserted" their own KEY..!

[beta11n]

if wanmei can, so can anyone. What pw versions are affected?

[343]

What's the mole about?

it's a backdoor that allows wanmei to connect to your sever and get a root shell where they can do anything they want.

if wanmei can, so can anyone. What pw versions are affected?

All...

[beta11n]

I diffed this binary with the original - and yeah, there seems to be an alternative mean of authorization and then executing any string in shell

but 1.3.6 doesn't seem to have any of this code - there's no trace of DomainDaemon or DomainCmd in gdeliveryd. Not even a single popen() referenced.

I'm still going to check the gs

- - - Updated - - -

I meant gamedbd, not gs. I can't find a 1.3.6 binary with debug symbols and there's quite a few system() calls inside, but a quick look at the sources suggests all of those calls are legit.

imho 1.3.6 is safe

[Psytrac]

if wanmei can, so can anyone. What pw versions are affected?

without going into too much detail.. binaries released to this point all have the same wanmei key in them, which no one but wanmie has. ALL versions of PW, FW and JD are effected, the 1.3.8 world2 release is not. (due to it not being meant to get out of china, it does NOT have this backdoor)

- - - Updated - - -

I diffed this binary with the original - and yeah, there seems to be an alternative mean of authorization and then executing any string in shell

but 1.3.6 doesn't seem to have any of this code - there's no trace of DomainDaemon or DomainCmd in gdeliveryd. Not even a single popen() referenced.

I'm still going to check the gs

- - - Updated - - -

I meant gamedbd, not gs. I can't find a 1.3.6 binary with debug symbols and there's quite a few system() calls inside, but a quick look at the sources suggests all of those calls are legit.

imho 1.3.6 is safe

The GS has nothing to do with it. it's gdelivery and gamedbd

[Milos]

without going into too much detail.. binaries released to this point all have the same wanmei key in them, which no one but wanmie has. ALL versions of PW, FW and JD are effected, the 1.3.8 world2 release is not. (due to it not being meant to get out of china, it does NOT have this backdoor)

- - - Updated - - -



The GS has nothing to do with it. it's gdelivery and gamedbd

both of you are correct, 343 looked into the sourcecode for 1.3.6 and it looks like 1.3.6 and older do not have the DomainCommand (mole) code in them

[Psytrac]

both of you are correct, 343 looked into the sourcecode for 1.3.6 and it looks like 1.3.6 and older do not have the DomainCommand (mole) code in them

it's not 1.3.6, but let's not get not that argument. it's actually as old, if not older than 1.3.1

we also do not have source, we only have source from v62/v66 and higher

[343]

To elaborate a little, correct; (what we call) v136 - well, we don't have an unstripped gamedbd - so not much can be done there (I sure in the hell ain't pokin around looking for it without all the debug symbols)! Though I can say, since the gdeliveryd does have debug info, it does appear that there is NO references to "DomainDaemon" - in what we call 136!

[beta11n]

@343 if you search the newer gamedbd for all popen(), exec*(), or system() calls, you will find some exec() used exactly and only by the DomainDaemon - those are used to execute any custom string the shell. If you search 1.3.6 gamedbd there is no exec*() whatsoever.