BcStorm/SwiftEMU exploitable and need immediate help.

[rails4ever]

Hello Everyone,

I have spent alot of money on my new Habbo Retro R63, including reverse proxies, domain names, setups, and other firewall systems, but my SQL keeps getting injected through my EMU!!! Everyone keeps tellin' me to switch ,but I know there is a fix, and won't stop until I find one. DOES ANYONE know where I can get a patch to prevent injection through the emulator?

 

[Sledmore]

I'm assuming this is via the navigator, do the following:

Open up the emulator source and search for the following:

internal ServerMessage SerializeSearchResults(string SearchQuery)

Replace the whole ServerMessage with the following:

internal ServerMessage SerializeSearchResults(string SearchQuery)
        {
            DataTable Data = new DataTable();
            using (IQueryAdapter dbClient = ButterflyEnvironment.GetDatabaseManager().getQueryreactor())
            {
                if (SearchQuery.Length > 0)
                {
                    if (SearchQuery.Contains("owner:"))
                    {
                        string[] splitSearch = SearchQuery.Split(':');
                        dbClient.setQuery("SELECT rooms.*, room_active.active_users FROM rooms LEFT JOIN room_active ON (room_active.roomid = rooms.id) WHERE owner = @query AND roomtype = 'private' " + "ORDER BY active_users DESC LIMIT 50");
                        dbClient.addParameter("query", splitSearch[1]);
                        Data = dbClient.getTable();
                    }
                    else
                    {
                        dbClient.setQuery("SELECT rooms.*, room_active.active_users FROM rooms LEFT JOIN room_active ON (room_active.roomid = rooms.id) WHERE owner = @query AND roomtype = 'private' " +
                                    "UNION ALL " + "SELECT rooms.*, room_active.active_users FROM rooms LEFT JOIN room_active ON (room_active.roomid = rooms.id) WHERE caption = @query AND roomtype = 'private' " + "ORDER BY active_users DESC LIMIT 50");
                        dbClient.addParameter("query", SearchQuery);
                        Data = dbClient.getTable();
                    }
                }
            }
            List<RoomData> list = new List<RoomData>();
            if (Data != null)
            {
                foreach (DataRow row in Data.Rows)
                {
                    RoomData item = ButterflyEnvironment.GetGame().GetRoomManager().FetchRoomData(Convert.ToUInt32(row["id"]), row);
                    list.Add(item);
                }
            }
            ServerMessage message = new ServerMessage(Outgoing.NavigatorPacket);
            message.AppendInt32(8);
            message.AppendString(SearchQuery);
            message.AppendInt32(list.Count);
            foreach (RoomData data2 in list)
            {
                data2.Serialize(message, false);
            }
            message.AppendBoolean(false);
            return message;
        }

That should sort that issue, there may be more vulnerable spots in the emulator though.

 

[rails4ever]

Which file do I open?

 

[Sledmore]

Navigator.cs (Butterfly/HabboHotel/Navigators/Navigator.cs) if you CTRL + F and select current project you will find it, make sure you debug the emulator as soon as you do it (by clicking F5 or the green play button).

 

[rails4ever]

Nvm, opened navigator.cs or whatever... How do I find out if there are more possibly exploits? I even installed GreenSQL in my VPS, but that didn't solve it.

When you say Debug it, I don't see a green play button... It's all in a folder...

 

[Sledmore]

Search for querys that require user input and that are not correctly filtered with the MySQL parameters, if my above fixed has worked for you please feel free to mark the post as the 'best answer', .
--
You're meant to open up the PROJECT and debug it via there.

 

[rails4ever]

Sledmore,

Will simply restarting the emulator work instead?

 

[Sledmore]

Sledmore,

Will simply restarting the emulator work instead?

No.. You need to debug the emulator which will build the source.

 

[rails4ever]

I need help How do I debug it... what do you mean open the project? I'm using Notepad++ Is there a certain program I need to do this debugging?

 

[Sledmore]

I need help How do I debug it... what do you mean open the project? I'm using Notepad++ Is there a certain program I need to do this debugging?

Microsoft Visual Studios, I suggest downloading Express edition 2012.

 

[rails4ever]

And open up the .exe emu file right?

 

[Sledmore]

I really suggest you read some tutorials online, I've said above already you open the PROJECT file and debug that.

 

[rails4ever]

There isn't a file named "Project" at all....

 

[Sledmore]

There isn't a file named "Project" at all....

Please go and read some tutorials, I never said there is a file named 'Project' I said open the PROJECT FILE. It really is easy to understand. You cannot open it because for some stupid reason you do not have Visual Studios.

 

[rails4ever]

I am installing Visual Studio, as we speak.. I will read some tutorials, but which tutorials do you suggest on this kind of thing? What should I search?

 

[Sledmore]

You must be registered for see links

Scroll up a little (above breakpoints) to 'How to Start?' and once you have Visual Studios installed you will be able to debug the emulator and then the exe will be updated with the new fixes you've added .

 

[rails4ever]

Visual Studios, is STILL installing... one more question sir, in visual studios do i navigate to the emulator folder as a base then "project" will show up? I've already edited the things in NotePad++ I'm just wondering if I will still be able to debug since I've already made the changes to the .cs file...Will VS still know, hey changed were made?

 

[Sledmore]

Since you've already edited the files once you open up Visual Studios all you need to do is debug the emulator and you're done.

 

[rails4ever]

FYI, I host my retro on a VPS, and I don't have VS installed there, but on my main machine, so when I debugged it, it took 10 seconds, I hope it can debug on my main machine right?

 

[Sledmore]

Yup, you can debug it on your computer and simply copy the exe over (in the bin/ folder).