[FIXED] Py Injection Exploit

*Description:

In the Metin2 sources there is a fairly large Exploit that allows Hackers to easily search in memory & compile scripts using the memory address c_pcFileData .

Below we find how to fix
:)


*Download link / Code:

To view the content, you need to Sign In or Register.
 
Last edited:
Funky Robot

Funky Robot

New member
Funkymmo Bot
Joined
Jan 14, 2025
Messages
510
Reaction score
3
Points
1
Jaxi said:
*Description:

In the Metin2 sources there is a fairly large Exploit that allows Hackers to easily search in memory & compile scripts using the memory address c_pcFileData .

Below we find how to fix
:)


*Download link / Code:

Open ScriptLib/PythonLauncher.cpp and search for:

bool CPythonLauncher::RunMemoryTextFile(const char* c_szFileName, UINT uFileSize, const VOID* c_pvFileData)

Replace with:
C++: 
bool CPythonLauncher::RunMemoryTextFile(const char* c_szFileName, UINT uFileSize, const VOID* c_pvFileData)
{
    const CHAR* c_pcFileData = (const CHAR*)c_pvFileData;
    std::string stConvFileData;
    stConvFileData.reserve(uFileSize);

    for (UINT i = 0; i < uFileSize; ++i)
    {
        if (c_pcFileData[i] != 13)
            stConvFileData += c_pcFileData[i];
    }

    const CHAR* c_pcConvFileData = stConvFileData.c_str();
    PyObject* pCompiledCode = Py_CompileString(c_pcConvFileData, c_szFileName, Py_file_input);//fix
    if (!pCompiledCode)
        return false;
    PyObject* pResult = PyEval_EvalCode((PyCodeObject*)pCompiledCode, m_poDic, m_poDic);
    Py_DECREF(pCompiledCode);//ref c
    if (!pResult)
        return false;

    Py_DECREF(pResult);
    if (Py_FlushLine())
        PyErr_Clear();

    return true;
}
If you have cython:
View attachment 482
Click to expand...

This post is visible to everyone, and will be monitored by forum moderators.

Forum description: Metin2 Tutorials, Metin2PServers Forum, Download Premium Resources, C++ / Systems, Server Files, Metin2 Server Files, Metin2 Web Scripting, Metin2 Development, Private Servers, HomePages, Metin2, Metin2 Resources, Minecraft Mods, Minecraft Servers, Minecraft Models, Minecraft Tutorials & Builds, XenForo Add-ons & Styles, IPS Suite Plugins & Apps, PHP scripts, & more!
 
You must log in or register to reply here.

Similar threads

Jaxi
Granny viewer 2.11.8 (Full Fixed)
Replies
0
Views
19
Jaxi
Jaxi
JIGSAW
Metin2 Systems [C++/Py] System Inventar Special K - FULL & FIXED
Replies
0
Views
14
JIGSAW
JIGSAW
Metin2 Resources
Metin2 Systems [C++/Py] System Reborn FULL + FIXED
Replies
0
Views
28
Metin2 Resources
Metin2 Resources

Latest posts

Premium Resources

521Threads
779Messages
189Members
feroooLatest member
Back
Top