Secure Wlserver Against "extasis"

Discussion about Helbreath Server Files.
tommu00
Regular
Posts: 47
Joined: Mon Feb 09, 2004 3:31 pm

Post by tommu00 »

yada yada, i didn't have time atm to check if there are any new magnificent
ways to protect your worldlogserver from unauthorized connections, besides
my last "worlogfilter" err here's the topic url, page 2 (scroll a bit down):
index.php?showtopic=4093&hl=filter&st=25

that didn't earn much "yawn" if i could say so, and the url became wasted so i
post here "new" url to it: http://members.tiscali.fi/tommi00/World ... Filter.zip



BUT to the new method, it's here: http://members.surfeu.fi/tommi00/wlpatsh_v3.zip
it's a nifty executable patcher which launches WorldLogServer when you start
patsh.exe, patches it so that it tries a memory compare on
WLServer.cfg with the ip address of the hgserver connecting to your worldlogserver

and if match is found, it allows it, otherwise it goes failed =)

be sure to understand this: it matches the ip against wlserver.cfg as one
string, so every ip which matches the connecting user's ip will be allowed
(gateserver ip = blaablaa) will be accepted :P (lazy, hurry, well generally
you don't add foreigners' ip's to wlserver.cfg)

if you want to disallow some ip, remove it completely from wlserver.cfg
if the patch cannot open wlserver.cfg for one reason or another, it will
allow every hgserver, be sure to try connecting to it yourself


**********************

usage: extract http://members.surfeu.fi/tommi00/wlpatsh_v3.zip
to your worldlogserver's folder, rename your worldlogserver to
_3WorldLServer.exe
and then start patsh.exe and voila (pray that you have even remotely same
kind of worldlogserver as i do, my wlserver's size is 106496 bytes)

i'm no expert in asm so it might crash but as far as i tested it, it did not
(well not anymore, at _last_ ;)


**********************


from. >_<



UPDATE!!!!!! I released version 2 (v2) as I noted BIG FREAKIN' mistake >:(
It let hgservers pass through due to a *drum drum* bug!

Now this wlpatsh_v2.zip does not do it, it also makes check so it can't
be crashed if hgserver sends its information as "zero". Keep posted, if I
find new bugs, I'll try to fix them (hope there's none anymore)

--------

Update!
After friggin stupid wlpatsh-hbhax overwriting-confusion (I just woke up), I managed to put this wlpatsh_v3.zip in the correct thread and correct .zip file..

It should have fixed those crashes on different OSes as it now relocates those functions it's using and doesn't just jump there assuming it's in X.
Download the new version: http://members.surfeu.fi/tommi00/wlpatsh_v3.zip

Thanks for the patience.
RageIlluminati
Outpost bitch
Posts: 559
Joined: Wed Mar 30, 2005 6:45 am

Post by RageIlluminati »

about what version files we are talking about?
locobans
Outpost Junkie
Posts: 2264
Joined: Tue Jul 13, 2004 3:51 am
Location: Behind You
Contact:

Post by locobans »

Nice thx B)
tommu00
Regular
Posts: 47
Joined: Mon Feb 09, 2004 3:31 pm

Post by tommu00 »

don't know wlserver's real version but my hgserver's 3.51 (i suppose & i suppose
i'm out of date) but most probably all non-sql hgservers use the "same" wlserver

so... 3.51? :p 2.20? :p
locobans
Outpost Junkie
Posts: 2264
Joined: Tue Jul 13, 2004 3:51 am
Location: Behind You
Contact:

Post by locobans »

Will this stop all connections to WorldServer with HGServers...

What about character uploading? like a person can upload his entire file into your server :unsure:
tommu00
Regular
Posts: 47
Joined: Mon Feb 09, 2004 3:31 pm

Post by tommu00 »

I don't know about new (or old) hacks that can upload your character file
to server but I suppose that it's done via making some kind of HGServer
connection with the WLServer and if this is the case, then this patch will most
likely block it (unless I made mistakes while coding) but as far as I checked this,
it blocked every connection to WLServer whose real remote Ip address is
not in WLServer.cfg. (And remember that the Ip is searched from WLServer.cfg
as if WLServer.cfg's whole content would be one string, so it doesn't matter
if the ip is commented in there or part of some other line, Ip that's found
in WLServer.cfg will be allowed to connect.)

So in short: yes as far as I know :)
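
The matching rule described in the first post and in the reply above, shown next to a stricter check; this is an added example, not tommu00's patch code. It assumes the patch does a plain substring search over the file, and the sample config, its key names and the `;` comment marker are constructed for illustration, not the real WLServer.cfg syntax.

```python
import ipaddress

# Constructed sample config (hypothetical keys and comment syntax).
SAMPLE_CFG = """\
gateserver ip = 192.168.10.25
; old-hgserver ip = 10.0.0.7
hgserver ip = 10.0.0.12
"""

def substring_allowed(remote_ip, cfg_text):
    """Rule as described in the thread: the whole file is searched as one string.
    cfg_text is None when the file could not be opened."""
    if cfg_text is None:
        return True  # fail-open: every hgserver is allowed
    return remote_ip in cfg_text

def parse_allowlist(cfg_text):
    """Collect exact addresses from uncommented 'key = value' lines."""
    allowed = set()
    for line in cfg_text.splitlines():
        line = line.strip()
        if not line or line.startswith(";") or "=" not in line:
            continue
        value = line.split("=", 1)[1].strip()
        try:
            allowed.add(ipaddress.ip_address(value))
        except ValueError:
            continue  # value is not an IP address (a port, a name, ...)
    return allowed

def exact_allowed(remote_ip, cfg_text):
    """Stricter variant: whole-address comparison, deny if config is unreadable."""
    if cfg_text is None:
        return False  # fail-closed
    try:
        return ipaddress.ip_address(remote_ip) in parse_allowlist(cfg_text)
    except ValueError:
        return False  # malformed or empty peer address

if __name__ == "__main__":
    # 10.0.0.12 is listed, 10.0.0.1 is only a prefix of it, 10.0.0.7 is commented out
    for ip in ("10.0.0.12", "10.0.0.1", "10.0.0.7", "172.16.0.9"):
        print(ip, substring_allowed(ip, SAMPLE_CFG), exact_allowed(ip, SAMPLE_CFG))
    print("unreadable cfg", substring_allowed("172.16.0.9", None),
          exact_allowed("172.16.0.9", None))
```

With substring matching, the operator's only reliable way to revoke an address is the one the first post gives: remove it from the file completely.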
tommu00
Regular
Posts: 47
Joined: Mon Feb 09, 2004 3:31 pm

Post by tommu00 »

UPDATE!!!!!! I released version 2 (v2) as I noted
BIG FREAKIN' mistake >:(

It let hgservers pass through due to a *drum drum* bug!

Now this wlpatsh_v2.zip does not do it, it also makes check
so it can't be crashed if hgserver sends its information as
"zero".

Keep posted, if I find new bugs, I'll try to fix them (hope there's none anymore)

The url is (although I modified it already in the first post):
http://members.surfeu.fi/tommi00/wlpatsh_v2.zip
GoldenBoy
Loyal fan
Posts: 249
Joined: Mon Jan 12, 2004 5:27 pm

Post by GoldenBoy »

against extasis?! wtf?
popic
Member
Posts: 155
Joined: Wed Aug 18, 2004 10:08 am

Post by popic »

GoldenBoy wrote: against extasis?! wtf?
lol the hacked hg is also called "extasis hack", dunno why.
it's not against extasis though lol.
locobans
Outpost Junkie
Posts: 2264
Joined: Tue Jul 13, 2004 3:51 am
Location: Behind You
Contact:

Post by locobans »

Thanks a lot...tommu00

The thing that i am telling you...is like an outsider can open a connection with the WorldServer and when it does, then kind of sends his character info same way the HG does...so Worldserver accepts it and replaces it with the old one...and puff you have it.

So i create a character file in my house named same as my server's character and then send it to WorldServer and i have my edit character.

That's how i look at it...tho :blink:

P.D: hi popic you still on hb? :o
popic
Member
Posts: 155
Joined: Wed Aug 18, 2004 10:08 am

Post by popic »

locobans wrote: Thanks a lot...tommu00

The thing that i am telling you...is like an outsider can open a connection with the WorldServer and when it does, then kind of sends his character info same way the HG does...so Worldserver accepts it and replaces it with the old one...and puff you have it.

So i create a character file in my house named same as my server's character and then send it to WorldServer and i have my edit character.

That's how i look at it...tho :blink:

P.D: hi popic you still on hb? :o
hi Loco :lol:
yea im still in hb, hbzion, i will never leave you ;)
locobans
Outpost Junkie
Posts: 2264
Joined: Tue Jul 13, 2004 3:51 am
Location: Behind You
Contact:

Post by locobans »

Oh...weird you said were you the one that was hacking the server...you will never leave me and you "hacked" me? lol guess weren't you...anyways :P is down and will be till i can fix it B)
popic
Member
Posts: 155
Joined: Wed Aug 18, 2004 10:08 am

Post by popic »

locobans wrote: Oh...weird you said were you the one that was hacking the server...you will never leave me and you "hacked" me? lol guess weren't you...anyways :P is down and will be till i can fix it B)
-.- you dont need to fix anything, hiski wont hack it if you would talk to him nicely...
locobans
Outpost Junkie
Posts: 2264
Joined: Tue Jul 13, 2004 3:51 am
Location: Behind You
Contact:

Post by locobans »

If he wanted to talk...he would have contacted me :rolleyes:
popic
Member
Posts: 155
Joined: Wed Aug 18, 2004 10:08 am

Post by popic »

locobans wrote: If he wanted to talk...he would have contacted me :rolleyes:
maybe you should contact him?
btw why you not going on msn alot :o
maybe you go on late hours?