Posts: 340
Threads: 27
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Mar 2021
Reputation:
0
1 hour ago, Veni said:
better way is to first remove the wear position from the packet itself. the client does not need to send that info to the server, the server should check and determine that itself.
so in the end you should do something like this:
CItem* item = ch->m_inventory.getItem(packet->tab, packet->invenIndex);
int wearPos;
wearPos = item->m_itemProto->getItemWearing()
// change all packet->wearPos to the varaible like this
if (wearPos < 0 || wearPos >= MAX_WEARING)
{
CNetMsg::SP rmsg(new CNetMsg);
ResponseClient::ItemWearMsg(rmsg, ResponseClient::WEAR_ERR_INVALID_POS);
SEND_Q(rmsg, ch->m_desc);
return ;
}
Sure, you check if it's an "APet", but you dont check if its a normal pet. With this you also dont check if the item is an experience booster.
If you see code like this you should fix it properly and not just half of it
What about:
.
.
.
CItem* item = ch->m_inventory.getItem(packet->tab, packet->invenIndex); // ÀÔ´Â ¾ÆÀÌÅÛ
int wearPos;
wearPos = item->m_itemProto->getItemWearing();
if (packet->wearPos != WEARING_PET && item->IsAPet() || wearPos < 0 || wearPos >= MAX_WEARING)
{
CNetMsg::SP rmsg(new CNetMsg);
ResponseClient::ItemWearMsg(rmsg, ResponseClient::WEAR_ERR_INVALID_POS);
SEND_Q(rmsg, ch->m_desc);
return;
}
.
.
.
Posts: 114
Threads: 3
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Oct 2014
Reputation:
0
That is exactly why its wrong!
You are ONLY checking if the item is "APet" (P2 should be APet far as i know). What if it's an normal Pet? (P1)
On older versions of the game you were even able to equip experience booster etc, at least this should theoretically not work with this one.
Instead of trusting the vulnerable client, you should just check it with the less vulenarble server. That's like letting the client handle damage calculations, which it obviously should not do.
Posts: 340
Threads: 27
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Mar 2021
Reputation:
0
20 minutes ago, Veni said:
That is exactly why its wrong!
You are ONLY checking if the item is "APet" (P2 should be APet far as i know). What if it's an normal Pet? (P1)
On older versions of the game you were even able to equip experience booster etc, at least this should theoretically not work with this one.
Instead of trusting the vulnerable client, you should just check it with the less vulenarble server. That's like letting the client handle damage calculations, which it obviously should not do.
So we should check if the item is p1 too ? I don't understanding what does mean "you should just check it with the less vulenarble server."?
note: i probably don't understand everything cause i don't know what is this "dmg hack (with apets)"
Posts: 114
Threads: 3
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Oct 2014
Reputation:
0
Last chaos does not check what you are trying to equip properly.
So normally you just put on armor/weapons/accs, but with this you will instead wear a pet im the weapon slot.
This will throw off damage calcs and give you like 900k attack.
And this only works because the client tells the server "hey I'm a wearable" and Server is just like "sure, uhm I guess you are a weapon?"
So instead of that scenario, let the server set the wear position.
Posts: 2
Threads: 0
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: May 2021
Reputation:
0
2 hours ago, Veni said:
better way is to first remove the wear position from the packet itself. the client does not need to send that info to the server, the server should check and determine that itself.
so in the end you should do something like this:
CItem* item = ch->m_inventory.getItem(packet->tab, packet->invenIndex);
int wearPos;
wearPos = item->m_itemProto->getItemWearing()
// change all packet->wearPos to the varaible like this
if (wearPos < 0 || wearPos >= MAX_WEARING)
{
CNetMsg::SP rmsg(new CNetMsg);
ResponseClient::ItemWearMsg(rmsg, ResponseClient::WEAR_ERR_INVALID_POS);
SEND_Q(rmsg, ch->m_desc);
return ;
}
Sure, you check if it's an "APet", but you dont check if its a normal pet. With this you also dont check if the item is an experience booster.
If you see code like this you should fix it properly and not just half of it
Checking for normal pet is done somewhere else ?
And yeah, you're right; it was just a quick fix
Posts: 340
Threads: 27
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Mar 2021
Reputation:
0
32 minutes ago, Veni said:
Last chaos does not check what you are trying to equip properly.
So normally you just put on armor/weapons/accs, but with this you will instead wear a pet im the weapon slot.
This will throw off damage calcs and give you like 900k attack.
And this only works because the client tells the server "hey I'm a wearable" and Server is just like "sure, uhm I guess you are a weapon?"
So instead of that scenario, let the server set the wear position.
so we should recode the entire function i guess and devide type per type .... (this kind of hack is used throw the PackEditor?) hmm ...
Posts: 17
Threads: 2
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Jan 2021
Reputation:
0
Hi guys. This is my code for it. Checking the type of weapon. Whether the item is a weapon or not =).
- in doFuncItem.cpp
void do_ItemWear(CPC* ch, CNetMsg::SP& msg)
after:
case WEARING_ACCESSORY3:
{
int nOldState = ch->GetPlayerState();
ch->ResetPlayerState(PLAYER_STATE_SUPPORTER);
int i;
for (i = WEARING_ACCESSORY1; i <= WEARING_ACCESSORY3; i++)
{
if (ch->m_wearInventory.wearItemInfo[i])
{
if (ch->m_wearInventory.wearItemInfo[i]->m_itemProto->getItemIndex() == 1912)
ch->SetPlayerState(PLAYER_STATE_SUPPORTER);
}
}
if (nOldState != ch->GetPlayerState())
{
CNetMsg::SP rmsg(new CNetMsg);
ExPlayerStateChangeMsg(rmsg, ch);
ch->m_pArea->SendToCell(rmsg, ch, true);
}
}
break;
adding 1 more case:
case WEARING_WEAPON: // DmitryGreen
{
if (ch->m_wearInventory.wearItemInfo[WEARING_WEAPON]->m_itemProto->getItemTypeIdx() != ITYPE_WEAPON)
{
LOG_ERROR("HACKING? Error with slot Weapon charIndex[%d]", ch->m_index); // fix Weapon/Pet slot
ch->m_desc->Close("Invalid type WEAPON");
if (!ch->m_wearInventory.DelNormalItem(2))
ch->m_wearInventory.RemoveItem(2);
}
}
break;
Posts: 340
Threads: 27
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Mar 2021
Reputation:
0
7 hours ago, Dimaflash said:
Hi guys. This is my code for it. Checking the type of weapon. Whether the item is a weapon or not =).
- in doFuncItem.cpp
void do_ItemWear(CPC* ch, CNetMsg::SP& msg)
after:
case WEARING_ACCESSORY3:
{
int nOldState = ch->GetPlayerState();
ch->ResetPlayerState(PLAYER_STATE_SUPPORTER);
int i;
for (i = WEARING_ACCESSORY1; i <= WEARING_ACCESSORY3; i++)
{
if (ch->m_wearInventory.wearItemInfo[i])
{
if (ch->m_wearInventory.wearItemInfo[i]->m_itemProto->getItemIndex() == 1912)
ch->SetPlayerState(PLAYER_STATE_SUPPORTER);
}
}
if (nOldState != ch->GetPlayerState())
{
CNetMsg::SP rmsg(new CNetMsg);
ExPlayerStateChangeMsg(rmsg, ch);
ch->m_pArea->SendToCell(rmsg, ch, true);
}
}
break;
adding 1 more case:
case WEARING_WEAPON: // DmitryGreen
{
if (ch->m_wearInventory.wearItemInfo[WEARING_WEAPON]->m_itemProto->getItemTypeIdx() != ITYPE_WEAPON)
{
LOG_ERROR("HACKING? Error with slot Weapon charIndex[%d]", ch->m_index); // fix Weapon/Pet slot
ch->m_desc->Close("Invalid type WEAPON");
if (!ch->m_wearInventory.DelNormalItem(2))
ch->m_wearInventory.RemoveItem(2);
}
}
break;
Really nice!
I've also added this line of code:
after:
void do_ItemWear(CPC* ch, CNetMsg::SP& msg)
add:
if (packet->wearPos != item->m_itemProto->getItemWearing())
{
CNetMsg::SP rmsg(new CNetMsg);
ResponseClient::ItemWearMsg(rmsg, ResponseClient::WEAR_ERR_INVALID_POS);
SEND_Q(rmsg, ch->m_desc);
return;
}
Posts: 7
Threads: 1
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Sep 2013
Reputation:
0
C:\Users\lolmo\SourceNovember+Fixes\Server\SubHelper\SubHelper.vcxproj : error : The imported project "C:\Users\lolmo\Users\Dethunter12\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\Downloads\server1.props" was not found. Confirm that the path in the <Import> declaration is correct, and that the file exists on disk. C:\Users\lolmo\SourceNovember+Fixes\Server\SubHelper\SubHelper.vcxproj
C:\Users\lolmo\SourceNovember+Fixes\Server\ShareLib\ShareLib.vcxproj : error : The imported project "C:\Users\lolmo\Users\Dethunter12\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\Downloads\server1.props" was not found. Confirm that the path in the <Import> declaration is correct, and that the file exists on disk. C:\Users\lolmo\SourceNovember+Fixes\Server\ShareLib\ShareLib.vcxproj
Help
Posts: 603
Threads: 73
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: Aug 2011
Reputation:
0
/index.php?/profile/18868-asylum/&do=hovercard" data-mentionid="18868" href="/index.php?/profile/18868-asylum/" rel="">@Asylum did you download the files i put in the post? this issue shouldn't still be occuring it was a configuration from a old source i used. simply remove the lines where it asks for server1.props
|
