Re: mysticdeath.com zombie infection plugin
Quote:
Bless you Sawce! But lets say i ban those steam-ids and then chmod my plugins, wouldnt that stop him from doing anything completely? |
Re: mysticdeath.com zombie infection plugin
Quote:
|
Re: mysticdeath.com zombie infection plugin
Quote:
|
Re: mysticdeath.com zombie infection plugin
1 Attachment(s)
The "function to delete files" was the already stated ability to delete any plugin from the server running the plugin.
Here is a version of the plugin which should have all of the known exploits removed NOTE: I do NOT have the sourcecode, I did NOT decompile the entire plugin (parts of it, though to find the exploit). I wrote a small program to manually "remove" opcodes from the binary file; so I "removed" all of the bad crap from it. If you disassemble it again you'll still see that "delete_file" is in the native list, and his STEAMids / the exploit magic words are in the string tables - that's OK. They are no longer accessed anywhere within the plugin itself though. Also I cannot easily change the version number so you can tell this plugin apart from the bad copy. Lastly, I cannot test this too much, but the little bit I did test it I found no issues, and none of the previously known exploits worked. Let me know of any modification-induced issues. If its a bug with his plugin itself I don't care. (Oh, final note. My tool doesn't remove stuff from the 64bit copy of the plugin and I'd have no way to test it; do not run this under 64bit linux servers - although nobody should be using 64bit anyway) |
Re: mysticdeath.com zombie infection plugin
1 Attachment(s)
Lastly, here's the small tool I wrote to work with the opcodes. I do not have cygwin installed and I don't feel like setting up MSVC for a project for this, so you only get the source. It should build with minimal effort on a Linux environment.
|
Re: mysticdeath.com zombie infection plugin
You're loosing your time by doing that ... It's only for the challenge ? ^^
|
Re: mysticdeath.com zombie infection plugin
I'm like a gpl sheriff or something.
The time would just be spent on wow anyway. |
Re: mysticdeath.com zombie infection plugin
FOR THE HORDE!!!! uhh i mean go sawce!!!!
|
Re: mysticdeath.com zombie infection plugin
errrr...fixing that version was a bit of a waste since it is not the newest one out... I already posted about that but it was lost in these 13 pages somewhere...
i also recall vgg125 saying that he could his hands on the binary of the v3.00 of this plugin though |
Re: mysticdeath.com zombie infection plugin
MD says (the stuff in [quote] is what he says, the others are stuff that he quoted)
Quote:
Many people believe that the spirit of the GNU project is that you should not charge money for distributing copies of software, or that you should charge as little as possible — just enough to cover the cost. Actually we encourage people who redistribute free software to charge as much as they wish or can. Does the GPL allow me to sell copies of the program for money? Yes, the GPL allows everyone to do this. The right to sell copies is part of the definition of free software. Except in one special situation, there is no limit on what price you can charge. (The one exception is the required written offer to provide source code that must accompany binary-only release.) Quote:
Does the GPL allow me to charge a fee for downloading the program from my site? Yes. You can charge any fee you wish for distributing a copy of the program. If you distribute binaries by download, you must provide “equivalent access” to download the source—therefore, the fee to download source may not be greater than the fee to download the binary. Quote:
Quote:
No. However, if someone pays your fee and gets a copy, the GPL gives them the freedom to release it to the public, with or without a fee. For example, someone could pay your fee, and then put her copy on a web site for the general public. Quote:
i say: so if we asked for it he would have given it? |
| All times are GMT -4. The time now is 08:32. |
Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.