So, while I was trying out stuff on my hotel, some guy came in with the name "ªnoobª" and he was like "Try a command on me" and I did, and that does not work, as most emulators won't recognise those characters.
So what is the exploit? Well, if some user comes into your hotel and starts advertising, you can't do anything about it until you restart the emulator and manually add him to the ban list, and no one wants to do that.
+ On some hotels, when you enter the client it offers you the ":flagme" aka change name function, and if some hotels have disabled that because it's exploitable, then people can activate it by registering with a name unknown to the emulator.
Screenshots of it in "action"
And here is the fix for it...
Go in app and open class.users
and find the validName function, which looks like this for most revcms users:
PHP:
final public function validName($username)
{
    // ctype_alnum() is locale-dependent, so it can accept characters outside a-z, A-Z and 0-9
    if(strlen($username) <= 25 && ctype_alnum($username))
    {
        return true;
    }
    return false;
}
And you replace that with this:
PHP:
final public function validName($username)
{
    // Explicit whitelist: only the characters listed in the pattern are accepted
    if(strlen($username) <= 25 && preg_match("/^[a-zA-Z0-9]+$/", $username))
    {
        return true;
    }
    return false;
}
This code will only allow letters from a-z and numbers. So if you want people to register with . - and things like that, you will need to change /^[a-zA-Z0-9]+$/ to something else. You can easily learn how to customize that by googling preg_match allowing different characters.
Thx to 3M1L for helping me with this
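A stricter variant of the replacement check, as an added example that is not part of the original post or of RevCMS; strictValidName(), postValidName(), findInvalidNames() and the sample names are hypothetical. It anchors the pattern with \A and \z, because a bare $ in preg_match also matches just before a trailing newline, and it lists the names that fail the rule so accounts registered before the fix can be reviewed.

```php
<?php
// Added example, not RevCMS code. Function names and sample names are hypothetical.

// The post's rule: ASCII letters and digits only, at most 25 bytes.
// \A and \z anchor to the true start and end of the string; a bare "$"
// also matches just before a final newline, so "noob\n" would be accepted.
function strictValidName($username): bool
{
    return is_string($username)
        && strlen($username) <= 25
        && preg_match('/\A[a-zA-Z0-9]+\z/', $username) === 1;
}

// The pattern exactly as given in the post, kept for comparison.
function postValidName($username): bool
{
    return strlen($username) <= 25
        && preg_match("/^[a-zA-Z0-9]+$/", $username) === 1;
}

// Returns the names that fail the strict rule, e.g. to review accounts
// created before the fix was applied.
function findInvalidNames(array $usernames): array
{
    return array_values(array_filter(
        $usernames,
        fn($name) => !strictValidName($name)
    ));
}

// Constructed sample input: valid names, the name from the post, a trailing
// newline, punctuation, an over-long name and an empty string.
$samples = ["noob", "Player123", "\u{00AA}noob\u{00AA}", "noob\n", "a.b-c", str_repeat("a", 26), ""];

foreach ($samples as $name) {
    printf(
        "%-20s post=%s strict=%s\n",
        json_encode($name),
        var_export(postValidName($name), true),
        var_export(strictValidName($name), true)
    );
}

print_r(findInvalidNames($samples));
```

In a real audit, the array passed to findInvalidNames() would be the username column read from the users table.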