wc3edit.net
https://forum.wc3edit.net/

Warcraft virus vulnerability again.
http://forum.wc3edit.net/general-chat-f7/warcraft-virus-vulnerability-again-t21813.html
Page 1 of 1

Author:  owner123 [ July 4th, 2011, 1:36 pm ]
Post subject:  Warcraft virus vulnerability again.

Quote:
Many of us remember the great type casting problem a while ago where people were able to use Warcraft III as a means to infect computers with harmful software. Blizzard fortunately was able to stop the bug on BattleNet and eventually patched it.

However another equally bad exploit has been discovered, this time permitting Warcraft III to execute some form of scripting language via the Preload native. This can be used to get the game to download files from the internet and place them in dangerous folders (like windows or startup folders). The end result is another means for evil people to infect your computer with dangerous software. Although this method is less direct, it still permits Warcraft III maps to act as trojans to infect your computer.

The exploit apparently is the result of the Preload statement's mechanics. The native works by the use of a scripting language being passed to it but relies on the compiler to spot abuse and terminate the map load. However (like with the previous exploit) you can trick the compiler into thinking that its use is perfectly valid and so permit the compilation of the script with potentially horrible results.

It is advisable to not play any map from a source you do not trust. Avoid downloading maps from BattleNet or playing on bots you do not trust. A trojen map can even take the apparent form of one you already have and can download and run the exploit code before the lobby even loads. Remember that both single player and multiplayer maps are susceptible to this.

Be aware that freshly submitted maps to the Warcraft III map section on this site may also be trojens and if you spot such a map please report it to a map moderator or administrator as soon as possible so it can be removed.

Source : http://www.hiveworkshop.com/forums/late ... it-184310/

Also see this. http://www.thehelper.net/forums/showthr ... rcraft-III

That sucks =\

Author:  Nuuby [ July 4th, 2011, 1:49 pm ]
Post subject:  Re: Warcraft virus vulnerability again.

owner123 wrote:
Quote:
Many of us remember the great type casting problem a while ago where people were able to use Warcraft III as a means to infect computers with harmful software. Blizzard fortunately was able to stop the bug on BattleNet and eventually patched it.

However another equally bad exploit has been discovered, this time permitting Warcraft III to execute some form of scripting language via the Preload native. This can be used to get the game to download files from the internet and place them in dangerous folders (like windows or startup folders). The end result is another means for evil people to infect your computer with dangerous software. Although this method is less direct, it still permits Warcraft III maps to act as trojans to infect your computer.

The exploit apparently is the result of the Preload statement's mechanics. The native works by the use of a scripting language being passed to it but relies on the compiler to spot abuse and terminate the map load. However (like with the previous exploit) you can trick the compiler into thinking that its use is perfectly valid and so permit the compilation of the script with potentially horrible results.

It is advisable to not play any map from a source you do not trust. Avoid downloading maps from BattleNet or playing on bots you do not trust. A trojen map can even take the apparent form of one you already have and can download and run the exploit code before the lobby even loads. Remember that both single player and multiplayer maps are susceptible to this.

Be aware that freshly submitted maps to the Warcraft III map section on this site may also be trojens and if you spot such a map please report it to a map moderator or administrator as soon as possible so it can be removed.

Source : http://www.hiveworkshop.com/forums/late ... it-184310/

Also see this. http://www.thehelper.net/forums/showthr ... rcraft-III

That sucks =\


Lol owner. I've posted this on chat like a few months back but apparently noone gave a damn anyway. Some RPGs already use the preload exploit to save down your save code as it is.

Author:  owner123 [ July 4th, 2011, 2:28 pm ]
Post subject:  Re: Warcraft virus vulnerability again.

o.0. Like which?

Author:  Bushido [ July 4th, 2011, 2:51 pm ]
Post subject:  Re: Warcraft virus vulnerability again.

Doesn't the latest TBR use some sort of that method? Like, when do you a printscreen, it creates a folder in Downloads with a text file?

Author:  Nuuby [ July 4th, 2011, 3:00 pm ]
Post subject:  Re: Warcraft virus vulnerability again.

^Yeah just type -save
Cause apparently RPG makers found out that their users are too dumb to use gamecapture lulz

Page 1 of 1 All times are UTC
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/