[PI] Recent Client Exploit
Base: Project Insanity
Classes Edited: PlayerAssistant class, PrivateMessaging class
Difficulty: C+P+Removing so 1/10 ish
If you were aware of the exploit then you probably had a lot of fun on servers, I know i did. I won't share the full exploit because some servers haven't fixed this yet but it is on here so you could just go search.
Explanation: After decompiling a client, editing and adding a comand, re-compiling and playing you were able to "Spawn" item(s).
Step 1.) Open PlayerAssistant and search for:
Code:
public void handleStatus
or
Code:
public void checkStatus
in there you should find something similar to this:
Code:
public void handleStatus(int i, int i2, int i3) {
if (i == 1)
c.getItems().addItem(i2,i3);
else if (i == 2) {
c.playerXP[i2] = c.getPA().getXPForLevel(i3)+5;
c.playerLevel[i2] = c.getPA().getLevelForXP(c.playerXP[i2]);
}
}
As you can see it's pretty self explanatory ;), just remove it so it looks like this:
Code:
public void handleStatus(int i, int i2, int i3) {
//Sanity u so smart
}
Close that class
Step 2.) Removing it all together (You're welcome Russian):
Open PrivateMessaging.java (src\server\model\players\packets)
search for:
Code:
ccase REMOVE_IGNORE:
it should look like this:
Code:
case REMOVE_IGNORE:
int ii = c.getInStream().readDWord();
int i2i = c.getInStream().readDWord();
int i3i = c.getInStream().readDWord();
//for other status changing
c.getPA().handleStatus(ii,i2i,i3i);
c.friendUpdate = true;
long ignore = c.getInStream().readQWord();
for(int i = 0; i < c.ignores.length; i++) {
if(c.ignores[i] == ignore) {
c.ignores[i] = 0;
break;
}
}
break;
replace it with this:
Code:
case REMOVE_IGNORE:
//for other status changing
c.friendUpdate = true;
long ignore = c.getInStream().readQWord();
for(int i = 0; i < c.ignores.length; i++) {
if(c.ignores[i] == ignore) {
c.ignores[i] = 0;
break;
}
}
break;
Search for this:
Code:
c.getPA().handleStatus(a,a2,j3);
Comment it out
All done, hope this helped.
