Hi,
When I was checking Plus I found a exploit which makes it possible to send queries, drop tables, whatever you like. I noticed that someone finally found out the exploit and I decided to release the fix because this guys just want duck some poop up.
Open the source and follow me.
1). HabboHotel\Items\Wired\Boxes\Effects\BotChangesClothesBox.cs
Find:
Replace:
And to be sure:
2). Communication\Packets\Incoming\Rooms\AI\Bots\SaveBotActionEvent.cs
Find:
Replace:
Replace the stuff as seen above in your source and recompile. I'm not going to explain how to execute the exploit because no one has this fixed yet.
More fixes
1). Communication\Packets\Incoming\Rooms\Furni\Wired\SaveWiredConfigEvent.cs
Find:
Replace:
There is a way to change someone elses Wired settings so the code above is the fix.
2). Communication\Packets\Incoming\Catalog\CheckGnomeNameEvent.cs (Thanks to @
Damien Jolly & thanks to
@Shorty for sending me
)
Find:
Replace:
The code above will fix the furni which change in Gnomes & duplicate furni in db.
3). HabboHotel\Users\UserData\UserDataFactory.cs (Thanks to @
Damien Jolly)
Find:
Replace:
Find:
Replace:
PlusEnviroment.cs
Find:
Replace:
Finally run this database query:
The code above will fix logging in someone elses account without password.
There's more, and I will release more fixes later. If you have troubles with someone who is duck some poop up send me a PM
#BTW KEEP SAFE DON'T USE ARTURES/PLUS/ANY OTHER SERVER BUT USE COMET SERVER by @Leon