Remove Overhead text

charros commented

2016-09-22 16:48:23 -06:00

(Migrated from github.com)

Hello, im trying to disable overhead chat text from pvpgn (diablo 2) ( the one you use with ! ) , i know there is a way because i saw a couple servers who got it done but cant figure it out, has anyone tried to do this to prevent users crashing d2gs with redvex ascii macros? This is really a serious security problem with D2GS and should be disabled imo.

RElesgoe commented

2016-09-22 21:33:00 -06:00

(Migrated from github.com)

I don't know what you mean by "overheard text".

charros commented

2016-09-22 23:39:15 -06:00

(Migrated from github.com)

My bad for not explaining in deep, when i say overhead text im referring to ingame chat, after you join a game there is a way to speak over your character head by pressing enter and using "!whateveryouwanttosay" without quotes. After that you will see floating text over your head. So here is the problem, there is a hack around the corner in which you can configure an ascii macro with tons of characters, enter a game, type a word to activate the macro and boom, d2gs is wiped out, everyone in the server is kicked back to the lobby and you cant create games anymore unless you end d2gs process and start it again (this can be done thousands of times and there is nothing you can do server side) I know there is a way to disable that overhead chat because i saw plenty of servers where you cant use it, being so easy to crash d2gs with redvex (even for someone with zero knowledge) i think this should be an urgent issue to solve. In the other hand there is a repo here from a guy (Tesseract2048) who solved this issue modifying something inside d2cs and d2gs but there is something wrong with the code and need some tweaks. Dunno if you were aware of this security hole inside pvpgn , makes the whole thing totally useless.

Sorry for the wall of text, thanks.

My bad for not explaining in deep, when i say overhead text im referring to ingame chat, after you join a game there is a way to speak over your character head by pressing enter and using "!whateveryouwanttosay" without quotes. After that you will see floating text over your head. So here is the problem, there is a hack around the corner in which you can configure an ascii macro with tons of characters, enter a game, type a word to activate the macro and boom, d2gs is wiped out, everyone in the server is kicked back to the lobby and you cant create games anymore unless you end d2gs process and start it again (this can be done thousands of times and there is nothing you can do server side) I know there is a way to disable that overhead chat because i saw plenty of servers where you cant use it, being so easy to crash d2gs with redvex (even for someone with zero knowledge) i think this should be an urgent issue to solve. In the other hand there is a repo here from a guy (Tesseract2048) who solved this issue modifying something inside d2cs and d2gs but there is something wrong with the code and need some tweaks. Dunno if you were aware of this security hole inside pvpgn , makes the whole thing totally useless. Sorry for the wall of text, thanks.

RElesgoe commented

2016-09-22 23:48:22 -06:00

(Migrated from github.com)

How is this a security hole inside of PvPGN if it's affecting D2GS? How is PvPGN relevant?

charros commented

2016-09-23 00:01:41 -06:00

(Migrated from github.com)

Well you are right at some point, that proxy/hack affects only D2GS but none of the services detect it, you can go all the way through pvpgn > d2dbs > d2cs >d2gs without no one noticing it, is pvpgn capable of detecting this kind of things at any point?

RElesgoe commented

2016-09-23 00:05:21 -06:00

(Migrated from github.com)

In-game chat does not go through PvPGN at all as far I as know, D2GS likely handles that.

Rows
Columns

Remove Overhead text #258