RunUO Community


Serious Bug In PacketHandlers.cs


It appears there's a huge flaw in PacketHandlers.cs. Players can edit packets with a packet editor when naming a character that throw the server into a crash. I have no fix for this bug. I am seeking assistance on how to fix it myself.
 

ZaSz-RH

Wanderer
http://article.gmane.org/gmane.comp.games.ultimaonline.sunuo/106

In Network\PacketHandlers.cs at line 1969, change:
Code:
Console.WriteLine( cityIndex );
Console.WriteLine( info.Length );
Console.WriteLine( "New character name: '{0}'", name );
state.Dispose();
for:
Code:
Console.WriteLine( cityIndex );
if ( info != null )
      Console.WriteLine( info.Length );
Console.WriteLine( "New character name: '{0}'", name );
state.Dispose();
And it should work.

I saw there was also the source of a C program to exploit that flaw somewhere on the net.
 

WarAngel

Wanderer
That doesn't require the posting of the actual exploit itself. A lot of people will use a dangerous tool if it's handed to them. You would be surprised at how many people will see this exploit and use it. If you think I'm wrong, then you obviously have not played on a shard with an exploitable situation before. I don't see how it was required at all.
 

Tannis

Knight
WarAngel said:
That doesn't require the posting of the actual exploit itself. A lot of people will use a dangerous tool if it's handed to them. You would be surprised at how many people will see this exploit and use it. If you think I'm wrong, then you obviously have not played on a shard with an exploitable situation before. I don't see how it was required at all.
Agreed! And I guess I can't post less than 10 characters, so here's the other few I needed.
 

WarAngel

Wanderer
Thanks ZaSz. Better off to leave the chance that they won't figure out where the exploit really is, if they don't notice the site hosting it or anything. ;-)
 

Ravatar

Knight
I'd have to say I'm a fan of the "security bulletin" approach. Make the exploit public and raise the awareness. That will force a fix to be released much sooner, and people will know WHY their servers are crashing.

If someone was "smart" about it, they'd create a worm that browses the UO Gateway server list and randomly crashes servers from a range of different remote computers.
 

WarAngel

Wanderer
Making exploits/hacks widely available is a terrible way to force people to update their servers and/or get fixes. I can't believe you'd even suggest that, or the second part of your post.
 
WarAngel said:
Making exploits/hacks widely available is a terrible way to force people to update their servers and/or get fixes. I can't believe you'd even suggest that, or the second part of your post.

How was he suggesting it? He said someone COULD do that, which is why we need to stop it...
 

WarAngel

Wanderer
Bleh, I didn't mean suggest the second part, I meant suggest the first part. I meant that I couldn't believe he'd even post the second part.
 

ZaSz-RH

Wanderer
Anyway, smart people are able to create it or find it if they really want to...
This thread is about the fix, and the fix was posted. Fix your shard and have a nice day! :)
 

xir

Wanderer
The "exploit" is kind of obvious from the posted fix. How about checking for the exploit, log the attempt and autoblock the ip address?
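
One way to do what xir suggests, as an added example that is not part of the thread and not RunUO code: validate the request before anything is dereferenced, log the attempt, and block the address after repeated failures. The class, its method names, the strike threshold and the bounds check on cityIndex are all assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;

// Hypothetical stand-in, not RunUO's API: tracks malformed character-creation
// requests per address and decides when to refuse that address entirely.
public sealed class CreateRequestGuard
{
    private readonly Dictionary<IPAddress, int> _strikes = new Dictionary<IPAddress, int>();
    private readonly HashSet<IPAddress> _blocked = new HashSet<IPAddress>();
    private readonly int _maxStrikes;

    public CreateRequestGuard(int maxStrikes) { _maxStrikes = maxStrikes; }

    public bool IsBlocked(IPAddress ip) { return _blocked.Contains(ip); }

    // Returns true when the request may proceed. 'cities' may be null, which is
    // the case the posted fix guards against; it is never dereferenced unchecked.
    public bool Validate(IPAddress ip, int cityIndex, string[] cities, string name)
    {
        if (_blocked.Contains(ip)) return false;
        if (cities != null && cityIndex >= 0 && cityIndex < cities.Length) return true;

        int count;
        _strikes.TryGetValue(ip, out count);   // count stays 0 for a first offence
        _strikes[ip] = ++count;
        // Log the name's length, not the name: it is attacker-controlled text.
        Console.WriteLine("{0:u} malformed create from {1}: cityIndex={2}, cities={3}, nameLen={4}, strike={5}",
            DateTime.UtcNow, ip, cityIndex,
            cities == null ? "null" : cities.Length.ToString(),
            name == null ? 0 : name.Length, count);
        if (count >= _maxStrikes) _blocked.Add(ip);
        return false;
    }
}

public static class Demo
{
    public static void Main()
    {
        var guard = new CreateRequestGuard(2);
        var ip = IPAddress.Parse("192.0.2.10");      // constructed sample address
        string[] cities = { "CityA", "CityB" };      // constructed sample data
        Console.WriteLine(guard.Validate(ip, 1, cities, "Alice"));  // well-formed request
        Console.WriteLine(guard.Validate(ip, 5, cities, "x"));      // index out of range
        Console.WriteLine(guard.Validate(ip, 0, null, "x"));        // missing city list
        Console.WriteLine(guard.IsBlocked(ip));                     // blocked after two strikes
    }
}
```

A real shard would call such a check from the packet handler before creating the character and would expire strikes and blocks over time, since addresses are shared and reassigned.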
 

Ohms_Law

Wanderer
From: http://www.opensource.org/advocacy/faq.php

Doesn't closed source help protect against crack attacks?

This is exactly backwards, as any cryptographer will tell you. Security through obscurity just does not work.
The reason it doesn't work is that security-breakers are a lot more motivated and persistent than good guys (who have lots of other things to worry about). The bad guys will find the holes whether source is open or closed (for a perfect recent example of this see The Tao of Windows Buffer Overflow).
Closed sources do three bad things. One: they create a false sense of security. Two: they mean that the good guys will not find holes and fix them. Three: they make it harder to distribute trustworthy fixes when a hole is revealed.
In fact, open-source operating systems and applications are generally much more security-safe than their closed-source counterparts. When the "Ping o' Death" exploit was revealed in 1997 (for example) Linux had fix patches within hours. Closed-source OSs didn't plug the hole for months.
Alan Cox has written an excellent article on The Risks of Closed Source Computing.


Simply substitute the word "source" with "posting exploits".
Look, the only point I'm making is how in the world are we (honest, non-exploiting, Admins/GameMasters/Coders) supposed to battle against a bunch of script kiddies when we have no clue what in the world they're doing?
Note that this isn't a comment on the original problem and/or the proposed fix. I've simply been doing some reading on www.opensource.org recently, and this caught my eye.
 

Kamron

Knight
As a note, since the networking has been recoded somewhat for the next version, I do not believe this is inherently a problem.

As for the fix, your post is fine.

In terms of closed source vs open source, this is not a concern for C#. As we have seen with dolts like the Russians, you can illegally decompile closed source code (especially C#) if you really wanted to, and not even obfuscation will stop it. The only thing that obfuscation will do is make the program slower.

In my opinion, this debate should be over. The fix is fine until the release of the next version, and there is nothing wrong with this thread.
 