[DiscordArchive] So someone in here starts showing the first 80% of how it works, then the patcher provides vital inf

rektbyfaith
Administrator
0
07-28-2024, 04:56 PM
#1
Archived author: Pursche • Posted: 2024-07-28T16:56:36.823000+00:00
Original source

So someone in here starts showing the first 80% of how it works, then the patcher provides vital information to the last small missing part, and you don't see a problem with explaining that part?

rektbyfaith
Administrator
0
07-28-2024, 04:58 PM
#2
Archived author: MeFisto94 • Posted: 2024-07-28T16:58:28.538000+00:00
Original source

Oh wait, if that was my message with the 80%, then that was not my intention. I just had the feeling that people knew for a long time that Warden kinda is an RCE in itself but no one cared to patch it, because some servers used it in good faith (instead of like including it into their launcher for ease of access). That was actually a guess (well, I kind of read it can push modules, or I confused it with VAC).

rektbyfaith
Administrator
0
07-28-2024, 04:58 PM
#3
Archived author: Pursche • Posted: 2024-07-28T16:58:42.109000+00:00
Original source

No, the removed stuff was the first 80%.

rektbyfaith
Administrator
0
07-28-2024, 05:05 PM
#4
Archived author: Pursche • Posted: 2024-07-28T17:05:07.082000+00:00
Original source

Realistically, a vast majority of the players at risk of this won't read this Discord, won't read r/wowservers or wherever else you decide to spread the patcher. Those people will be completely vulnerable to a bad actor finding this information, digging deeper into it and then using it for bad.

By announcing this you've essentially unbottled an arms race with a massive inherent advantage to the malicious actors, and no realistic plan in place for getting the patch out to people.

rektbyfaith
Administrator
0
07-28-2024, 05:05 PM
#5
Archived author: schlumpf • Posted: 2024-07-28T17:05:08.492000+00:00
Original source

Yes, I don’t, since if someone can exploit this thing, they sure can read two lines of C#. And if they can’t, they surely can’t connect the patch to the exploit.

rektbyfaith
Administrator
0
07-28-2024, 05:05 PM
#6
Archived author: M'Dic • Posted: 2024-07-28T17:05:22.349000+00:00
Original source

:popcorn:

rektbyfaith
Administrator
0
07-28-2024, 05:06 PM
#7
Archived author: Nix • Posted: 2024-07-28T17:06:05.706000+00:00
Original source

Well maybe we should've had no announcement nor a message from you :pepeShrug:

rektbyfaith
Administrator
0
07-28-2024, 05:06 PM
#8
Archived author: Nix • Posted: 2024-07-28T17:06:31.745000+00:00
Original source

Keep grinding brother

rektbyfaith
Administrator
0
07-28-2024, 05:11 PM
#9
Archived author: Ike • Posted: 2024-07-28T17:11:35.537000+00:00
Original source

I might yet still work on this some more and release a fully working and well-documented proof-of-concept, if I find the time to do so. That's because this information is already out there and it's actively being used by, for now, benign actors. The fact that I could gather most of how this works in an afternoon's worth of time really doesn't bode well. I'm not a security specialist, I'm a random dude who knows how to press the F5 button in IDA and then read some (pretty ugly) C code. This information should be out there, so that people can defend themselves against anyone trying to do shady things. The fact that nobody malicious cared to look for this or abused this until now was just dumb luck.
<@&512595246438285323> seeing that nearly all the stuff I published so far got deleted, can I assume you don't want me to release any more of it here? If so, that's fine by me, I just want to make sure

rektbyfaith
Administrator
0
07-28-2024, 05:12 PM
#10
Archived author: Nix • Posted: 2024-07-28T17:12:13.925000+00:00
Original source

:FacePalm:
