ZenHAX
https://zenhax.com/

Half-life "born to be pig" exploit
https://zenhax.com/viewtopic.php?f=18&t=932

Author:  maraakate [ Sat May 09, 2015 7:20 pm ]
Post subject:  Half-life "born to be pig" exploit

Hello, I know this is an older exploit but I am curious as to what caused it. Was the name being sent over a specific internal string in the game, some sort of buffer overflow with the name being longer, etc?

Author:  aluigi [ Sat May 09, 2015 7:37 pm ]
Post subject:  Re: Half-life "born to be pig" exploit

http://aluigi.org/adv/csdos.txt

Author:  maraakate [ Sun May 10, 2015 1:25 am ]
Post subject:  Re: Half-life "born to be pig" exploit

Ah yes, I've come across similar issues getting stuck in Info_ValueForKey loops in Daikatana. Thanks! One interesting one in particular (and it may exist in Quake 2) is that if the key is longer than 64 chars (the MAX_INFO_KEY value), it is truncated and you can set null names, model names, etc. Depending on later checks in the userinfo changed code it can crash servers.
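
The truncation case described in the post above, as an added example (not code from the thread, from Daikatana, or from any Quake engine): a strict userinfo parser in C that rejects the whole `\key\value` string when a key or value is oversized instead of truncating it, and refuses to hand back an empty name. MAX_INFO_KEY = 64 is the value quoted in the post; MAX_INFO_VALUE, MAX_INFO_STRING = 512 and the function names are assumptions.

```c
#include <string.h>
#define MAX_INFO_KEY    64   /* the limit quoted in the thread */
#define MAX_INFO_VALUE  64   /* assumed: the same limit for values */
#define MAX_INFO_STRING 512  /* assumed: Quake 2's whole-string limit */

/* 1 if s is a well-formed "\key\value..." string whose every key and value fits
 * its limit, 0 otherwise.  An oversized key fails the whole string instead of
 * being silently truncated, so no later lookup ever sees a shortened key. */
int Userinfo_Validate(const char *s)
{
    if (!s || strlen(s) >= MAX_INFO_STRING || *s != '\\') return 0;
    if (strchr(s, '"') || strchr(s, ';')) return 0;   /* as Quake 2's Info_Validate does */
    for (s++; *s; ) {
        size_t klen = strcspn(s, "\\");               /* key ends at a backslash */
        if (klen == 0 || klen >= MAX_INFO_KEY || s[klen] != '\\')
            return 0;                                 /* empty, oversized or valueless key */
        s += klen + 1;
        size_t vlen = strcspn(s, "\\");               /* value ends at '\\' or NUL */
        if (vlen >= MAX_INFO_VALUE) return 0;
        s += vlen + (s[vlen] == '\\');                /* step over the separator */
    }
    return 1;
}

/* Copies key's value into out.  Returns 1 only when the whole string validates and
 * the key is present with a non-empty value that fits, so nobody gets a null name. */
int Userinfo_ValueForKey(const char *s, const char *key, char *out, size_t outsz)
{
    if (!Userinfo_Validate(s)) return 0;
    for (s++; *s; ) {
        size_t klen = strcspn(s, "\\");               /* validated: s[klen] == '\\' */
        size_t vlen = strcspn(s + klen + 1, "\\");
        if (klen == strlen(key) && memcmp(s, key, klen) == 0) {
            if (vlen == 0 || vlen >= outsz) return 0;
            memcpy(out, s + klen + 1, vlen);
            out[vlen] = '\0';
            return 1;
        }
        s += klen + 1 + vlen;
        s += (*s == '\\');                            /* skip separator before next key */
    }
    return 0;
}

/* Server-side gate: accept a userinfo only if it validates and carries a usable name. */
int Userinfo_Accept(const char *s)
{
    char name[MAX_INFO_VALUE];
    return Userinfo_ValueForKey(s, "name", name, sizeof name);
}
```

A 63-character key passes and a 64-character key fails the whole string, and a userinfo whose name value is empty or missing is refused rather than producing a player with no name.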

Author:  aluigi [ Sun May 10, 2015 4:04 pm ]
Post subject:  Re: Half-life "born to be pig" exploit

Eh, the good old times :)

Author:  maraakate [ Sun May 10, 2015 7:04 pm ]
Post subject:  Re: Half-life "born to be pig" exploit

In the Daikatana 1.3 project I've been working on with a few other people, your tools have been great at finding potential flaws like this.
