Menu
Forums
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Trending
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Upgrades
Log in
Register
What's new
Search
Search
Search titles only
By:
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
Server Development
Habbo Retros
Habbo Q&A
BcStorm/SwiftEMU exploitable and need immediate help.
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Sledmore" data-source="post: 231383" data-attributes="member: 591"><p>I'm assuming this is via the navigator, do the following:</p><p></p><p>Open up the emulator source and search for the following:</p><p></p><p>[PHP]internal ServerMessage SerializeSearchResults(string SearchQuery)[/PHP]</p><p></p><p>Replace the whole ServerMessage with the following:</p><p></p><p>[PHP]</p><p>internal ServerMessage SerializeSearchResults(string SearchQuery)</p><p> {</p><p> DataTable Data = new DataTable();</p><p> using (IQueryAdapter dbClient = ButterflyEnvironment.GetDatabaseManager().getQueryreactor())</p><p> {</p><p> if (SearchQuery.Length > 0)</p><p> {</p><p> if (SearchQuery.Contains("owner:"))</p><p> {</p><p> string[] splitSearch = SearchQuery.Split(':');</p><p> dbClient.setQuery("SELECT rooms.*, room_active.active_users FROM rooms LEFT JOIN room_active ON (room_active.roomid = rooms.id) WHERE owner = @query AND roomtype = 'private' " + "ORDER BY active_users DESC LIMIT 50");</p><p> dbClient.addParameter("query", splitSearch[1]);</p><p> Data = dbClient.getTable();</p><p> }</p><p> else</p><p> {</p><p> dbClient.setQuery("SELECT rooms.*, room_active.active_users FROM rooms LEFT JOIN room_active ON (room_active.roomid = rooms.id) WHERE owner = @query AND roomtype = 'private' " +</p><p> "UNION ALL " + "SELECT rooms.*, room_active.active_users FROM rooms LEFT JOIN room_active ON (room_active.roomid = rooms.id) WHERE caption = @query AND roomtype = 'private' " + "ORDER BY active_users DESC LIMIT 50");</p><p> dbClient.addParameter("query", SearchQuery);</p><p> Data = dbClient.getTable();</p><p> }</p><p> }</p><p> }</p><p> List<RoomData> list = new List<RoomData>();</p><p> if (Data != null)</p><p> {</p><p> foreach (DataRow row in Data.Rows)</p><p> {</p><p> RoomData item = ButterflyEnvironment.GetGame().GetRoomManager().FetchRoomData(Convert.ToUInt32(row["id"]), row);</p><p> list.Add(item);</p><p> }</p><p> }</p><p> ServerMessage message = new ServerMessage(Outgoing.NavigatorPacket);</p><p> message.AppendInt32(8);</p><p> message.AppendString(SearchQuery);</p><p> message.AppendInt32(list.Count);</p><p> foreach (RoomData data2 in list)</p><p> {</p><p> data2.Serialize(message, false);</p><p> }</p><p> message.AppendBoolean(false);</p><p> return message;</p><p> }[/PHP]</p><p></p><p>That should sort that issue, there may be more vulnerable spots in the emulator though.</p></blockquote><p></p>
[QUOTE="Sledmore, post: 231383, member: 591"] I'm assuming this is via the navigator, do the following: Open up the emulator source and search for the following: [PHP]internal ServerMessage SerializeSearchResults(string SearchQuery)[/PHP] Replace the whole ServerMessage with the following: [PHP] internal ServerMessage SerializeSearchResults(string SearchQuery) { DataTable Data = new DataTable(); using (IQueryAdapter dbClient = ButterflyEnvironment.GetDatabaseManager().getQueryreactor()) { if (SearchQuery.Length > 0) { if (SearchQuery.Contains("owner:")) { string[] splitSearch = SearchQuery.Split(':'); dbClient.setQuery("SELECT rooms.*, room_active.active_users FROM rooms LEFT JOIN room_active ON (room_active.roomid = rooms.id) WHERE owner = @query AND roomtype = 'private' " + "ORDER BY active_users DESC LIMIT 50"); dbClient.addParameter("query", splitSearch[1]); Data = dbClient.getTable(); } else { dbClient.setQuery("SELECT rooms.*, room_active.active_users FROM rooms LEFT JOIN room_active ON (room_active.roomid = rooms.id) WHERE owner = @query AND roomtype = 'private' " + "UNION ALL " + "SELECT rooms.*, room_active.active_users FROM rooms LEFT JOIN room_active ON (room_active.roomid = rooms.id) WHERE caption = @query AND roomtype = 'private' " + "ORDER BY active_users DESC LIMIT 50"); dbClient.addParameter("query", SearchQuery); Data = dbClient.getTable(); } } } List<RoomData> list = new List<RoomData>(); if (Data != null) { foreach (DataRow row in Data.Rows) { RoomData item = ButterflyEnvironment.GetGame().GetRoomManager().FetchRoomData(Convert.ToUInt32(row["id"]), row); list.Add(item); } } ServerMessage message = new ServerMessage(Outgoing.NavigatorPacket); message.AppendInt32(8); message.AppendString(SearchQuery); message.AppendInt32(list.Count); foreach (RoomData data2 in list) { data2.Serialize(message, false); } message.AppendBoolean(false); return message; }[/PHP] That should sort that issue, there may be more vulnerable spots in the emulator though. [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Server Development
Habbo Retros
Habbo Q&A
BcStorm/SwiftEMU exploitable and need immediate help.
Top