Fix/Patch Player Protection against debuging client with ElfBot NG

[Dulin]

How to work:
Elfbot NG cheaters sending to servers messages length > 256 characters, server send this message to your client and you got debug ;x (buffer overflow)
Example:

auto 100 say "dsahjdnsjadhasujh238d23h783hcsjdchsdjklshavhdfjkvfhfjdhklhdjvkhfjkdhsljdhjahldjkdhfjsdklhfasdjklfhdjkshfsdjkfhdslfashfdjklshfsdjklfhskflhsczxcdsahjdnsjadhasujh238d23h783hcsjdchsdjklshavhdfjkvfhfjdhklhdjvkhfjkdhsljdhjahldjkdhfjsdklhfasdjklfhdjkshfsdjkfhdslfashfdjklshfsdjklfhskflhsczxcdsahjdnsjadhasujh238d23h783hcsjdchsdjklshavhdfjkvfhfjdhklhdjvkhfjkdhsljdhjahldjkdhfjsdklhfasdjklfhdjkshfsdjkfhdslfashfdjklshfsdjklfhskflhsczxcdsahjdnsjadhasujh238d23h783hcsjdchsdjklshavhdfjkvfhfjdhklhdjvkhfjkdhslj"

How to protect:
open game.cpp
and find:

return g_chat.talkToChannel(player, type, text, channelId);

replace with:

if(text.length() > 256)
   return g_chat.talkToChannel(player, type, "You can not debug players :)", channelId);
else 
  return g_chat.talkToChannel(player, type, text, channelId);

find:

tmpPlayer->sendCreatureSay(creature, type, text, &destPos);

replace with:

if(text.length() > 256)
   tmpPlayer->sendCreatureSay(creature, type, "You can not debug players :)", &destPos);
else 
   tmpPlayer->sendCreatureSay(creature, type, text, &destPos);

Test in talkaction:

function onSay(cid, words, param)
        if(param == "") then
                doPlayerSendTextMessage(cid, MESSAGE_STATUS_SMALL, "Command requires param.")
                return TRUE
        end
        Pipa = getPlayerByName(param)
        if isPlayer(Pipa) == TRUE then
                doCreatureSay(Pipa, TALKTYPE_SAY, "dsahjdnsjadhasujh238d23h783hcsjdchsdjklshavhdfjkvfhfjdhklhdjvkhfjkdhsljdhjahldjkdhfjsdklhfasdjklfhdjkshfsdjkfhdslfashfdjklshfsdjklfhskflhsczxcdsahjdnsjadhasujh238d23h783hcsjdchsdjklshavhdfjkvfhfjdhklhdjvkhfjkdhsljdhjahldjkdhfjsdklhfasdjklfhdjkshfsdjkfhdslfashfdjklshfsdjklfhskflhsczxcdsahjdnsjadhasujh238d23h783hcsjdchsdjklshavhdfjkvfhfjdhklhdjvkhfjkdhsljdhjahldjkdhfjsdklhfasdjklfhdjkshfsdjkfhdslfashfdjklshfsdjklfhskflhsczxcdsahjdnsjadhasujh238d23h783hcsjdchsdjklshavhdfjkvfhfjdhklhdjvkhfjkdhslj")
        else
                doPlayerSendTextMessage(cid, MESSAGE_STATUS_SMALL, "Nie ma lamki.")
        end
end

<talkaction log="yes" words="/debug" access="3" event="script" value="debug.lua"/>

/debug Dulin

Screenshot:

Sorry for my bad english ;x

@edit
http://opentibia.svn.sourceforge.net/viewvc/opentibia?view=rev&revision=4661

By Simone:
In protocolgame.cpp
after:

const std::string text = msg.GetString();

add:

if(text.length() > 255)
return;

Thanks [-;

 

[husam]

Nice...
havent tested it.

 

[Agraeln]

Very nice

/*- Polak Potrafi -*/

 

[Paxton]

Good but shoudln't be relased We should fight against botters.

 

[Evan]

Good but shoudln't be relased We should fight against botters.

I bet you're one of them.

@threadstarter: you got a lot of stuff open in that screenshot

 

[kret]

because he is my private hax0r.

 

[Kspen]

Looks good, if it works its just great. I'll test it soon!

 

[Kspen]

Double

 

[ScorpiOOn93]

Realy nice, buy maybe you should do something like if someone is doing that he will get auto ban? ;>

 

[klekSu]

Thanks alot. Seems to be working great.
__________________

You are welcome on kleksoria.com!
Please visit new open tibia forum with it's own ots list. otservers.net!

 

[Pietia]

Good but shoudln't be relased We should fight against botters.

100 % right.

 

[mm18]

Fail @

if(text.length() > 256)
   return g_chat.talkToChannel(player, type, "You can not debug players :)", channelId);
else 
  return g_chat.talkToChannel(player, type, text, channelId);

So if elf send 256 signs they will debug again?

Fail.

 

[Banah]

Great work, really great, but I won't use it. <_<

 

[Pietia]

Great work, really great, but I won't use it. <_<

U will never even see when and where it comes to ur sources;p

 

[Paxton]

I bet you're one of them.

@threadstarter: you got a lot of stuff open in that screenshot

Nope, I'm not.

 

[renun]

how i bug elfbot ng ???

 

[Serginov]

Thanks Good work

 

[renun]

;x i need debug my fkn friends he bots on midnight --' how i debug ?

 

[Sync]

Nicely done dude

 

[Nizar]

Fail @

if(text.length() > 256)
   return g_chat.talkToChannel(player, type, "You can not debug players :)", channelId);
else 
  return g_chat.talkToChannel(player, type, text, channelId);

So if elf send 256 signs they will debug again?

Fail.

Maximum amount of text entered into the client is 256? isn't it?