Junior Spellweaver
- Joined
- Feb 14, 2013
- Messages
- 129
- Reaction score
- 1
// Patch
if (MGetBlobArraySize(pLoginParam) != (8 + MAX_MD5LENGH)) {
break;
}
LOG(LOG_PROG, "Dump: %i - %i\n", MGetBlobArraySize(pLoginParam), MAX_MD5LENGH);
char *szEncryptMD5Value = (char *)MGetBlobArrayElement(pLoginBlob, 0);
if(strlen(szEncryptMD5Value) > MAX_MD5LENGH) //Exploit patch
break;
Code:char *szEncryptMD5Value = (char *)MGetBlobArrayElement(pLoginBlob, 0); if(strlen(szEncryptMD5Value) > MAX_MD5LENGH) //Exploit patch break;
Where did that 8 come from?
Just ask : Have you build MatchServer.exe? not only Gunz.exe.// Patch
if (MGetBlobSize(pLoginParam) != (8 + MAX_MD5LENGTH)) {
break;
}
LOG(LOG_PROG, "Dump: %i - %i\n", MGetBlobArraySize(pLoginParam), MAX_MD5LENGH);
CORRECT?
fail to compile :\
Oh right..Blob header. But I'm not sure whether it should be 8 or 12.
unsigned char* pBlob = new unsigned char[sizeof(nOneBlobSize)+sizeof(nBlobCount)+nOneBlobSize*nBlobCount];
If you not going to use MD5 check, the most good way is just remove that MD5 exploit patch.I compiled the two MatchServer and theduel.exe, going back to the same old code; \ nothing works.
Oh right..
It should be 8 indeed (nOneBlobSize and nBlobCount are integers).Code:unsigned char* pBlob = new unsigned char[sizeof(nOneBlobSize)+sizeof(nBlobCount)+nOneBlobSize*nBlobCount];
LOG(LOG_PROG, "Dump: %i - %i\n", MGetBlobArraySize(pLoginParam), MAX_MD5LENGH);
Dump: 197905768 - 16Would you mind posting the output of
PHP:LOG(LOG_PROG, "Dump: %i - %i\n", MGetBlobArraySize(pLoginParam), MAX_MD5LENGH);
So I can verify?
Dump: 197905768 - 16
I think something went wrong.
Yeah figured. Anyways the real problem you're facing is that you've used the wrong variable.Yeah, I guess. Your method using strlen() wouldn't work either considering the MD5 hash is not zero terminated.
Yeah figured. Anyways the real problem you're facing is that you've used the wrong variable.
pLoginParam should be pLoginBlob.I didn't test any of the patches as I don't have anything related to GunZ anymore other than the sourcecode. Yeah, I should be using pLoginBlob rather than pLoginParam.
MCommandParameter* pLoginParam = pCommand->GetParameter(4);
if (pLoginParam->GetType() != MPT_BLOB) break;
void *pLoginBlob = pLoginParam->GetPointer();
pLoginParam should be pLoginBlob.
Code:MCommandParameter* pLoginParam = pCommand->GetParameter(4); if (pLoginParam->GetType() != MPT_BLOB) break; void *pLoginBlob = pLoginParam->GetPointer();
af now ta giving another error I get in if I click in gunz out, and log in again is my second character in the lobby, and if I keep leaving and entering the amount goes up WTF?
patch 11, return to old code?