[DiscordArchive] Further more, how long would it take if this t-wow hack went through with the RCE exploit and he did

Forums WoW Modding Support Archives WoWModding Support Archives [DiscordArchive] Further more, how long would it take if this t-wow hack went through with the RCE exploit and he did

[DiscordArchive] Further more, how long would it take if this t-wow hack went through with the RCE exploit and he did

[DiscordArchive] Further more, how long would it take if this t-wow hack went through with the RCE exploit and he did

Pages (3): 1 2 3 Next

rektbyfaith
Administrator

0

07-28-2024, 05:40 PM

#1

Archived author: [GLFY] Mitche • Posted: 2024-07-28T17:40:31.474000+00:00
Original source

Further more, how long would it take if this t-wow hack went through with the RCE exploit and he didn't announce in game that it was hacked for them to notice?

rektbyfaith

07-28-2024, 05:40 PM #1

Archived author: [GLFY] Mitche • Posted: 2024-07-28T17:40:31.474000+00:00
Original source

Further more, how long would it take if this t-wow hack went through with the RCE exploit and he didn't announce in game that it was hacked for them to notice?

rektbyfaith
Administrator

0

07-28-2024, 05:40 PM

#2

Archived author: Nix • Posted: 2024-07-28T17:40:39.851000+00:00
Original source

They can stream warden modules that are signed by them, they also have a couple other ways of doing it

rektbyfaith

07-28-2024, 05:40 PM #2

Archived author: Nix • Posted: 2024-07-28T17:40:39.851000+00:00
Original source

They can stream warden modules that are signed by them, they also have a couple other ways of doing it

rektbyfaith
Administrator

0

07-28-2024, 05:40 PM

#3

Archived author: olive • Posted: 2024-07-28T17:40:48.483000+00:00
Original source

thats a turtlewow issue, not a 3.35 issue

rektbyfaith

07-28-2024, 05:40 PM #3

Archived author: olive • Posted: 2024-07-28T17:40:48.483000+00:00
Original source

thats a turtlewow issue, not a 3.35 issue

rektbyfaith
Administrator

0

07-28-2024, 05:41 PM

#4

Archived author: olive • Posted: 2024-07-28T17:41:03.123000+00:00
Original source

different client, different distribution method

rektbyfaith

07-28-2024, 05:41 PM #4

Archived author: olive • Posted: 2024-07-28T17:41:03.123000+00:00
Original source

different client, different distribution method

rektbyfaith
Administrator

0

07-28-2024, 05:41 PM

#5

Archived author: ram3n • Posted: 2024-07-28T17:41:13.429000+00:00
Original source

rektbyfaith

07-28-2024, 05:41 PM #5

Archived author: ram3n • Posted: 2024-07-28T17:41:13.429000+00:00
Original source

rektbyfaith
Administrator

0

07-28-2024, 05:42 PM

#6

Archived author: gee • Posted: 2024-07-28T17:42:40.566000+00:00
Original source

if you're not gonna disclose it, at least don't publicly advertise ways for malicious actors to go finding it

rektbyfaith

07-28-2024, 05:42 PM #6

Archived author: gee • Posted: 2024-07-28T17:42:40.566000+00:00
Original source

if you're not gonna disclose it, at least don't publicly advertise ways for malicious actors to go finding it

rektbyfaith
Administrator

0

07-28-2024, 05:43 PM

#7

Archived author: stoneharry • Posted: 2024-07-28T17:43:33.849000+00:00
Original source

If you download a launcher, modified wow.exe, etc, then you are running arbitrary code anyway.

Normally the client verifies any content sent from the server is signed by Blizzard. This prevents 3rd parties sending content. Most custom servers disable these checks to allow custom content to be sent, at which point it has similar permissions to the RCE.

The only difference with this RCE is that people can send arbitrary code on login with zero client mods. If a server got hacked, that's quite dangerous. It would happen silently.

2.4.3 and 1.12 have the private key cracked, so they can send content as it is without needing to sign it. You put a lot more trust in these servers.

rektbyfaith

07-28-2024, 05:43 PM #7

Archived author: stoneharry • Posted: 2024-07-28T17:43:33.849000+00:00
Original source

If you download a launcher, modified wow.exe, etc, then you are running arbitrary code anyway.

Normally the client verifies any content sent from the server is signed by Blizzard. This prevents 3rd parties sending content. Most custom servers disable these checks to allow custom content to be sent, at which point it has similar permissions to the RCE.

The only difference with this RCE is that people can send arbitrary code on login with zero client mods. If a server got hacked, that's quite dangerous. It would happen silently.

2.4.3 and 1.12 have the private key cracked, so they can send content as it is without needing to sign it. You put a lot more trust in these servers.

rektbyfaith
Administrator

0

07-28-2024, 05:44 PM

#8

Archived author: Jyria • Posted: 2024-07-28T17:44:17.641000+00:00
Original source

Any Pserver on any game is a trust game

rektbyfaith

07-28-2024, 05:44 PM #8

Archived author: Jyria • Posted: 2024-07-28T17:44:17.641000+00:00
Original source

Any Pserver on any game is a trust game

rektbyfaith
Administrator

0

07-28-2024, 05:44 PM

#9

Archived author: robinsch • Posted: 2024-07-28T17:44:29.061000+00:00
Original source

even if I would fully disclose it 99% of the people would not understand how it works, yet how they would be able to utilize it

rektbyfaith

07-28-2024, 05:44 PM #9

Archived author: robinsch • Posted: 2024-07-28T17:44:29.061000+00:00
Original source

even if I would fully disclose it 99% of the people would not understand how it works, yet how they would be able to utilize it

rektbyfaith
Administrator

0

07-28-2024, 05:44 PM

#10

Archived author: [GLFY] Mitche • Posted: 2024-07-28T17:44:39.207000+00:00
Original source

Flashbacks to the 1.7 minecraft exploits

rektbyfaith

07-28-2024, 05:44 PM #10

Archived author: [GLFY] Mitche • Posted: 2024-07-28T17:44:39.207000+00:00
Original source

Flashbacks to the 1.7 minecraft exploits

Pages (3): 1 2 3 Next

Recently Browsing
1 Guest(s)

Recently Browsing
1 Guest(s)