Author: Pachelbel
#########################################################
From: Pachelbel
To: BoozerBear
Posted: Thu Jun 17, 2004 5:47 am
Subject: write up of exploits
All 3 of my exploits centered around a common flaw in the site. Jick fixed each of them separately, instead of fixing the root problem (which I pointed out to him), which, based on my PHP knowledge, should be easy to do (although there could be other factors in the game design stopping him from fixing it properly).
Because of that, I've found several other exploits using the same common flaw, like an infinite stat gain bug, etc. Right now, I'm just collecting a list of the things I can do to send to Jick, which I'll probably do today or tomorrow.
I'll give you a proper write-up after I've reported the list to Jick and gotten a response from him. What form would you like it in?
-Pachelbel
From: BoozerBear
To: Pachelbel
Posted: Thu Jun 17, 2004 3:15 pm
Subject: Re: write up of exploits
Yeah, last time I saw the code (some months ago) it was a real patchwork, but that's because it's been a work in progress on live code over the course of a year and a half, never an ideal environment for development. Since then he's been fighting performance issues, which have probably dorked the code even more. When I asked why he didn't do revisions on a development copy first, he said he didn't like having 2 copies of a project, so I imagine it's a bit of a nightmare, especially with the recent user glut.
Hopefully after reset he'll be able to do a complete rewrite so he can turn register_globals off and do proper input verification, consolidate disparate functions into classes for uniformity, etc. Until then, his best defense is those of us who know enough to find the holes and care enough to turn them in (:
Re: write-up, at this point I'm collecting notes and deciding on presentation, and it'll prolly be along the lines of a "secret brotherhood" type manual, with "books" written by each hack developer (i.e. The Book of Pimonkey, The Book of Boozerbear, The Book of Pachelbel, etc.), where you tell the story of finding and using each hack in chapters based on where the hole existed (i.e. The Hermit, Inventory Hacks, The Closet), linked to the actual scripts used and an "Index of Vulnerabilities" where basic concepts are explained (SQL Injection, Variable Poisoning, Variable Substitution, etc.).
In short, I want to create not only a history of the game's beta hackers (in which there is great interest based on emails I get) but also something a future game developer could read to learn what kind of things users are going to try, and how to prevent them from succeeding (:
-boozer
Pachelbel wrote:
All 3 of my exploits centered around a common flaw in the site. Jick fixed each of them separately, instead of fixing the root problem (which I pointed out to him), which, based on my PHP knowledge, should be easy to do (although there could be other factors in the game design stopping him from fixing it properly).
Because of that, I've found several other exploits using the same common flaw, like an infinite stat gain bug, etc. Right now, I'm just collecting a list of the things I can do to send to Jick, which I'll probably do today or tomorrow.
I'll give you a proper write-up after I've reported the list to Jick and gotten a response from him. What form would you like it in?
-Pachelbel
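The thread above names the root cause BoozerBear wants fixed (register_globals on, no input verification) and the vulnerability classes the planned index would explain (variable poisoning, SQL injection). The following is an added PHP illustration of that point, written for this page; it is not code from the game or from either author, and the handler, table, column and variable names are hypothetical. It places the weak pattern that register_globals encourages next to a hardened handler, on an in-memory SQLite database with constructed sample rows.

```php
<?php
// Added example (not the game's code, not either author's): the weak pattern
// register_globals=On encourages, beside a hardened handler. Table, column and
// variable names are hypothetical.
declare(strict_types=1);

// Weak form. With register_globals on, PHP turned every GET/POST/cookie key into
// a local variable, which is what extract() emulates here. $loggedin is never
// set from server-side state, so the request decides it, and $itemid/$qty are
// dropped straight into SQL: variable poisoning and SQL injection share one
// root cause. Shown only for contrast; the demo below never calls it.
function handleSaleWeak(array $request, PDO $db): void
{
    extract($request);
    if (!empty($loggedin)) {
        $db->exec("UPDATE inventory SET qty = qty - $qty WHERE item = '$itemid'");
    }
}

// Hardened form: the session decides authentication, every input is validated
// to a bounded integer (a negative or absurdly large qty is rejected, which
// closes the "sell a negative amount" class of stat/inventory bugs), and the
// query is parameterised. The qty >= :have guard means the row only changes
// when the player actually holds enough of the item.
function handleSaleHardened(array $request, array $session, PDO $db): bool
{
    if (empty($session['user_id'])) {
        return false;
    }
    $intOpts = ['options' => ['min_range' => 1, 'max_range' => 1000]];
    $itemid = filter_var($request['itemid'] ?? null, FILTER_VALIDATE_INT, $intOpts);
    $qty    = filter_var($request['qty'] ?? null, FILTER_VALIDATE_INT, $intOpts);
    if ($itemid === false || $qty === false) {
        return false;
    }
    $stmt = $db->prepare(
        'UPDATE inventory SET qty = qty - :qty
          WHERE user_id = :uid AND item = :item AND qty >= :have'
    );
    $stmt->execute([
        ':qty'  => $qty,
        ':uid'  => (int) $session['user_id'],
        ':item' => $itemid,
        ':have' => $qty,
    ]);
    return $stmt->rowCount() === 1;
}

// Self-contained demo on an in-memory SQLite database (constructed sample data).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE inventory (user_id INTEGER, item INTEGER, qty INTEGER)');
$db->exec('INSERT INTO inventory VALUES (7, 42, 5)');

$session = ['user_id' => 7];
// Valid sale: player 7 holds 5 of item 42 and sells 3.
var_dump(handleSaleHardened(['itemid' => '42', 'qty' => '3'], $session, $db));
// Negative quantity: rejected by validation before any SQL runs.
var_dump(handleSaleHardened(['itemid' => '42', 'qty' => '-3'], $session, $db));
// Same request with no session: a "loggedin" request parameter cannot substitute.
var_dump(handleSaleHardened(['itemid' => '42', 'qty' => '3', 'loggedin' => '1'], [], $db));
```

The setting itself lives in php.ini (`register_globals = Off`), not in the script, and the directive was removed entirely in PHP 5.4; the hardened handler above does not depend on it either way, because it reads only from the arrays it is handed and from the session. That is the property a rewrite would want: code that is safe whether or not the deployment environment happens to be configured correctly.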