Redit Posted Saturday at 12:55 AM Share Posted Saturday at 12:55 AM What is the exploit? In CPythonLauncher::RunMemoryTextFile a string is used to compile c_pcFileData, so the exploit starts here: "exec(compile(" Hackers can easily search for the string in memory & compile scripts using the memory adress of c_pcFileData This looks like an intentional backdoor left by one of the game devs or maybe even the leaker of the files "Rain" Why? It's hard to believe anyone would trouble to concatenate so many strings instead of just using Py_CompileString If you pay attention the rest of the code is fine and uses the python api instead of some weird shells Seems like there are still many exploits in m2 Hope you learned something new today, now here is the fix you paid for: //ScriptLib/PythonLauncher.cpp search for: This is the hidden content, please Sign In or Sign Up //replace with this: This is the hidden content, please Sign In or Sign Up 1 Quote Link to comment Share on other sites More sharing options...
Premium xrhstos000 Posted Saturday at 01:14 AM Premium Share Posted Saturday at 01:14 AM hmmm Quote Link to comment Share on other sites More sharing options...
muczor Posted Saturday at 09:31 PM Share Posted Saturday at 09:31 PM ty Quote Link to comment Share on other sites More sharing options...
hesap123a Posted Sunday at 11:14 AM Share Posted Sunday at 11:14 AM thy Quote Link to comment Share on other sites More sharing options...
testo Posted Sunday at 02:01 PM Share Posted Sunday at 02:01 PM ty Quote Link to comment Share on other sites More sharing options...
Riot0x0 Posted 8 minutes ago Share Posted 8 minutes ago ty Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.