Jump to content
Metin2 Network
Create New...

Leaderboard

Popular Content

Showing content with the highest reputation on 11/03/2024 in all areas

  1. [Hidden Content] [Hidden Content] [Hidden Content] enjoy more than 3000systems goodluck all free [Hidden Content] soon I release my version 4.0 serverfiles free stay tuned in the discord
    6 points
  2. [Hidden Content] here is a lot usefull uploads
    2 points
  3. 2 points
  4. Download: [Hidden Content]
    2 points
  5. Only the Update if someone have older files he can use the update v6 [Hidden Content]
    1 point
  6. What is the exploit? In CPythonLauncher::RunMemoryTextFile a string is used to compile c_pcFileData, so the exploit starts here: "exec(compile(" Hackers can easily search for the string in memory & compile scripts using the memory adress of c_pcFileData This looks like an intentional backdoor left by one of the game devs or maybe even the leaker of the files "Rain" Why? It's hard to believe anyone would trouble to concatenate so many strings instead of just using Py_CompileString If you pay attention the rest of the code is fine and uses the python api instead of some weird shells Seems like there are still many exploits in m2 Hope you learned something new today, now here is the fix you paid for: //ScriptLib/PythonLauncher.cpp search for: bool CPythonLauncher::RunMemoryTextFile(const char* c_szFileName, UINT uFileSize, const VOID* c_pvFileData) //replace with this: bool CPythonLauncher::RunMemoryTextFile(const char* c_szFileName, UINT uFileSize, const VOID* c_pvFileData) { const CHAR* c_pcFileData = (const CHAR*)c_pvFileData; std::string stConvFileData; stConvFileData.reserve(uFileSize); for (UINT i = 0; i < uFileSize; ++i) { if (c_pcFileData[i] != 13) stConvFileData += c_pcFileData[i]; } const CHAR* c_pcConvFileData = stConvFileData.c_str(); PyObject* pCompiledCode = Py_CompileString(c_pcConvFileData, c_szFileName, Py_file_input);//fix if (!pCompiledCode) return false; PyObject* pResult = PyEval_EvalCode((PyCodeObject*)pCompiledCode, m_poDic, m_poDic); Py_DECREF(pCompiledCode);//ref c if (!pResult) return false; Py_DECREF(pResult); if (Py_FlushLine()) PyErr_Clear(); return true; }
    1 point
  7. 1 point
  8. Download: Dracarys Renewal Loading_Aeldra.rar
    1 point
  9. 1 point
  10. 1 point
  11. Downloadlink: [Hidden Content]
    0 points
×
×
  • Create New...

Important Information

Terms of Service

Write what you are looking for and press enter or click the search icon to begin your search