[Tut] Patching Packet Edits Guide
I'm going to show you how to patch packet edits and how
to find them. I will do this by using 2 already patched packet
edits as an example and once you understand how they work you
can continue on patching more by yourself.
Before we start you've got to understand how integers work.
The int data type has a minimum value of -2,147,483,648 and a maximum value of 2,147,483,647.
Meso Drop Dupe:
The code for the MesoDropHandler.java is the following:
Code:
public class MesoDropHandler extends AbstractMaplePacketHandler {
    public MesoDropHandler() {
    }

    public void handlePacket(SeekableLittleEndianAccessor slea, MapleClient c) {
        c.getPlayer().resetAfkTime();
        slea.readInt(); // i don't know :)
        int meso = slea.readInt();
        if (!c.getPlayer().isAlive() || c.getPlayer().getCheatTracker().Spam(500, 2)) {
            c.getSession().write(MaplePacketCreator.enableActions());
            return;
        }
        if (meso <= c.getPlayer().getMeso() && meso >= 10 && meso <= 50000) {
            c.getPlayer().gainMeso(-meso, false, true);
            c.getPlayer().getMap().spawnMesoDrop(meso, meso, c.getPlayer().getPosition(), c.getPlayer(), c.getPlayer(), false);
        } else {
            c.getPlayer().gainMeso(-c.getPlayer().getMeso());
        }
    }
}
With a simple glance we don't see anything wrong.
With a second look we see this.
After the else statement it has.
Code:
c.getPlayer().gainMeso(-c.getPlayer().getMeso());
Nothing bad so far since this check is most likely to take the
amount of mesos that is being attempted to be dropped and subtract
it from the player's mesos, which will end up setting the player's mesos
to 0.
However, if they packet edit they can somewhat break this code
and do something as simple as dropping a negative number. What's the
big problem, you may say? Well, we are already doing this:
Code:
-c.getPlayer().getMeso())
We are already subtracting; a negative and a negative gives you a positive!
Therefore they will gain instead of losing mesos.
Fixing this packet edit
Let's make it do something else!
Since the first check of this code already checks for the following:
Mesos is <= what the player has.
Mesos is >= to 10. (10 is the minimum allowed to be dropped by a client).
Mesos is <= to 50,000. (50k is the maximum allowed to be dropped by a client).
So this means that the only way the system will go to the else statement
is if the player is packet editing. This makes it safe for us to mess with them.
You can either ban them or show an error message, but personally this is what I did.
Code:
c.getPlayer().setMeso(0);
This sets their mesos to 0 regardless of the amount that is being attempted to be dropped.
Simply this cannot be tampered with.
There's your fix!
Merchants getting items stolen packet edit:
Part of the code for the PlayerInteractionHandler.java is the following:
Code:
} else if (mode == Action.TAKE_ITEM_BACK.getCode() || mode == Action.REMOVE_ITEM.getCode()) {
    int slot = slea.readShort();
    IPlayerInteractionManager shop = c.getPlayer().getInteraction();
    if (shop != null) {
        MaplePlayerShopItem item = shop.getItems().get(slot);
        if (item.getBundles() > 0) {
            IItem iitem = item.getItem();
            iitem.setQuantity(item.getBundles());
            MapleInventoryManipulator.addFromDrop(c, iitem);
        }
        shop.removeFromSlot(slot);
        c.getSession().write(MaplePacketCreator.shopItemUpdate(shop));
    }
I know you're all wondering and have asked me about this, but this is
VERY easy as you will see, but sorry to have to slow your horses
down a bit since after all I'm trying to teach you something and
not show fixes right away.
We are going to look at this from the beginning point of view.
So a player tells you that items are disappearing from their shops. However, the shops aren't automatically closed so we know
they were not purchased. Now let's think, ways of getting
an item from a shop are:
A. Purchase
B. Player closing the shop.
C. Removing the item while maintaining the shop.
So if you check those 3 options in the file (I didn't include them, to keep this short)
you will see that 2 of them are very safe and can't be fooled, except for
option C.
Why? Simple, this option checks for the following:
1) That the shop is open.
2) If the item is in a bundle. (By this point the safety checks should have already happened)
[PE User] Let's try to remove the item as if this was my shop...
System check, "Oh the shop is on...and the item is not a bundle...here you go".
A simple check can stop this.
Add:
Code:
&& shop.isOwner(c.getPlayer())
So it should look like this.
Code:
if (shop != null && shop.isOwner(c.getPlayer()))
This will make the system check if you are the owner of the shop before
withdrawing the item.
That's about it!
------------------------------------------------------------------------------------------------------
You only learn how to patch these packet edits by seeing how they work and
what they do. Usually players will report some that affect them.
Normally you have to watch your server to find abnormalities.
Not sure about something? Post it here, I'm here to help.
If I don't reply to you soon someone will, don't be shy.
Thank me if you'd like.
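Added example (not part of the original post and not the server's own code): the two server-side checks the post above describes, reduced to a self-contained Java program. Player, Shop, dropMeso and takeItemBack are hypothetical stand-ins for the server's classes and handlers, and the slot bounds check goes one step beyond the ownership fix in the post.

```java
import java.util.ArrayList;
import java.util.List;

// Added example: simplified stand-ins, not the server's real classes.
public class PacketValidationDemo {
    static final int MIN_DROP = 10, MAX_DROP = 50000; // limits quoted in the post

    static class Player {
        final String name; int meso;
        Player(String name, int meso) { this.name = name; this.meso = meso; }
    }

    static class Shop {
        final Player owner; final List<String> items = new ArrayList<>();
        Shop(Player owner) { this.owner = owner; }
    }

    // Returns true only when the client-supplied amount passes every check.
    // The value is compared, never negated, before it is known to be in range,
    // and a rejected request leaves the balance untouched.
    static boolean dropMeso(Player p, int amount) {
        if (amount < MIN_DROP || amount > MAX_DROP || amount > p.meso) {
            return false; // out of range: an unmodified client never sends this
        }
        p.meso -= amount;
        return true;
    }

    // Returns the removed item, or null when the requester is not the owner
    // or the client-supplied slot does not exist.
    static String takeItemBack(Shop shop, Player requester, int slot) {
        if (shop == null || shop.owner != requester) return null;
        if (slot < 0 || slot >= shop.items.size()) return null;
        return shop.items.remove(slot);
    }

    public static void main(String[] args) {
        Player owner = new Player("owner", 1000), visitor = new Player("visitor", 1000);
        Shop shop = new Shop(owner);
        shop.items.add("sword");
        // Constructed inputs standing in for values read from a packet.
        System.out.println(dropMeso(owner, -5000) + " balance=" + owner.meso);
        System.out.println(dropMeso(owner, Integer.MIN_VALUE) + " balance=" + owner.meso);
        System.out.println(dropMeso(owner, 500) + " balance=" + owner.meso);
        System.out.println(takeItemBack(shop, visitor, 0)); // requester is not the owner
        System.out.println(takeItemBack(shop, owner, -1));  // slot does not exist
        System.out.println(takeItemBack(shop, owner, 0));   // legitimate request
    }
}
```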
Re: [Tut] Patching Packet Edits Guide
Haha you're a legend :).
I never knew my code was that insecure, at the time feature > security/stability.
Re: [Tut] Patching Packet Edits Guide
Thanks glad you guys like it.
Re: [Tut] Patching Packet Edits Guide
This guide is a savior. And you, my friend, are either a new legend or just a plain legend that I've never met before. Lol
~becool
Thanks +1
Re: [Tut] Patching Packet Edits Guide
Nice! Thanks for this. ^^
Re: [Tut] Patching Packet Edits Guide
Good tut, so how would I go about patching the PE for players to make themselves a GM? Cause I've had it done once to me before and they tried to ban me and a lot of my players... /epic fail, but it still annoyed me
Re: [Tut] Patching Packet Edits Guide
so.. basically if they drop any amount of positive mesos, it will go to 0?
Or just if they try to drop negative mesos.
Re: [Tut] Patching Packet Edits Guide
@Green4ever
this is not PE LOL!!
it's called "exploits implemented by the developers so noobs don't get cool servers"
Re: [Tut] Patching Packet Edits Guide
Quote: Originally Posted by Green4ever
Good tut, so how would I go about patching the PE for players to make themselves a GM? Cause I've had it done once to me before and they tried to ban me and a lot of my players... /epic fail, but it still annoyed me
That's an exploit, not a PE. I made a guide about it; go find it.
Re: [Tut] Patching Packet Edits Guide
so how would I set that up?
Code:
public class MesoDropHandler extends AbstractMaplePacketHandler {
    public MesoDropHandler() {
    }

    public void handlePacket(SeekableLittleEndianAccessor slea, MapleClient c) {
        c.getPlayer().resetAfkTime();
        slea.readInt(); // i don't know :)
        int meso = slea.readInt();
        if (!c.getPlayer().isAlive() || c.getPlayer().getCheatTracker().Spam(500, 2)) {
            c.getSession().write(MaplePacketCreator.enableActions());
            return;
        }
        if (meso <= c.getPlayer().getMeso() && meso >= 10 && meso <= 50000) {
            c.getPlayer().gainMeso(-meso, false, true);
            c.getPlayer().getMap().spawnMesoDrop(meso, meso, c.getPlayer().getPosition(), c.getPlayer(), c.getPlayer(), false);
        } else {
            c.getPlayer().gainMeso(-c.getPlayer().getMeso());
        }
    }
}
With
Code:
public class MesoDropHandler extends AbstractMaplePacketHandler {
    public MesoDropHandler() {
    }

    public void handlePacket(SeekableLittleEndianAccessor slea, MapleClient c) {
        c.getPlayer().resetAfkTime();
        slea.readInt(); // i don't know :)
        int meso = slea.readInt();
        if (!c.getPlayer().isAlive() || c.getPlayer().getCheatTracker().Spam(500, 2)) {
            c.getSession().write(MaplePacketCreator.enableActions());
            return;
        }
        if (meso <= c.getPlayer().getMeso() && meso >= 10 && meso <= 50000) {
            c.getPlayer().gainMeso(-meso, false, true);
            c.getPlayer().getMap().spawnMesoDrop(meso, meso, c.getPlayer().getPosition(), c.getPlayer(), c.getPlayer(), false);
        } else {
            c.getPlayer().gainMeso(-c.getPlayer().getMeso());
            c.getPlayer().setMeso(0);
        }
    }
}
Re: [Tut] Patching Packet Edits Guide
really nice xiuzsu now all i got to do is figure some way out when ppl advertise their servers thru hired merchants hmm... I want to stop dem fags lol
Re: [Tut] Patching Packet Edits Guide
keroh93 remove this.
Code:
c.getPlayer().gainMeso(-c.getPlayer().getMeso());