Warcraft virus vulnerability again.

Talk about anything you want, but keep it within the rules, please.
owner123
Super Moderator
Posts: 1943
Joined: February 3rd, 2009, 11:28 pm
Been thanked: 1 time

Warcraft virus vulnerability again.

Post by owner123 »

Many of us remember the great type casting problem a while ago where people were able to use Warcraft III as a means to infect computers with harmful software. Blizzard fortunately was able to stop the bug on BattleNet and eventually patched it.

However another equally bad exploit has been discovered, this time permitting Warcraft III to execute some form of scripting language via the Preload native. This can be used to get the game to download files from the internet and place them in dangerous folders (like windows or startup folders). The end result is another means for evil people to infect your computer with dangerous software. Although this method is less direct, it still permits Warcraft III maps to act as trojans to infect your computer.

The exploit apparently is the result of the Preload statement's mechanics. The native works by the use of a scripting language being passed to it but relies on the compiler to spot abuse and terminate the map load. However (like with the previous exploit) you can trick the compiler into thinking that its use is perfectly valid and so permit the compilation of the script with potentially horrible results.

It is advisable to not play any map from a source you do not trust. Avoid downloading maps from BattleNet or playing on bots you do not trust. A trojen map can even take the apparent form of one you already have and can download and run the exploit code before the lobby even loads. Remember that both single player and multiplayer maps are susceptible to this.

Be aware that freshly submitted maps to the Warcraft III map section on this site may also be trojens and if you spot such a map please report it to a map moderator or administrator as soon as possible so it can be removed.
Source : http://www.hiveworkshop.com/forums/late ... it-184310/

Also see this. http://www.thehelper.net/forums/showthr ... rcraft-III

That sucks =\
User avatar
Nuuby
Forum Staff
Posts: 519
Joined: October 18th, 2010, 8:43 am

Re: Warcraft virus vulnerability again.

Post by Nuuby »

owner123 wrote:
Many of us remember the great type casting problem a while ago where people were able to use Warcraft III as a means to infect computers with harmful software. Blizzard fortunately was able to stop the bug on BattleNet and eventually patched it.

However another equally bad exploit has been discovered, this time permitting Warcraft III to execute some form of scripting language via the Preload native. This can be used to get the game to download files from the internet and place them in dangerous folders (like windows or startup folders). The end result is another means for evil people to infect your computer with dangerous software. Although this method is less direct, it still permits Warcraft III maps to act as trojans to infect your computer.

The exploit apparently is the result of the Preload statement's mechanics. The native works by the use of a scripting language being passed to it but relies on the compiler to spot abuse and terminate the map load. However (like with the previous exploit) you can trick the compiler into thinking that its use is perfectly valid and so permit the compilation of the script with potentially horrible results.

It is advisable to not play any map from a source you do not trust. Avoid downloading maps from BattleNet or playing on bots you do not trust. A trojen map can even take the apparent form of one you already have and can download and run the exploit code before the lobby even loads. Remember that both single player and multiplayer maps are susceptible to this.

Be aware that freshly submitted maps to the Warcraft III map section on this site may also be trojens and if you spot such a map please report it to a map moderator or administrator as soon as possible so it can be removed.
Source : http://www.hiveworkshop.com/forums/late ... it-184310/

Also see this. http://www.thehelper.net/forums/showthr ... rcraft-III

That sucks =\
Lol owner. I've posted this on chat like a few months back but apparently noone gave a damn anyway. Some RPGs already use the preload exploit to save down your save code as it is.
owner123
Super Moderator
Posts: 1943
Joined: February 3rd, 2009, 11:28 pm
Been thanked: 1 time

Re: Warcraft virus vulnerability again.

Post by owner123 »

o.0. Like which?
User avatar
Bushido
Not an Admin, and Not Unique
Posts: 1880
Joined: March 1st, 2009, 12:30 pm
Title: Der Boss :D
Location: Germany

Re: Warcraft virus vulnerability again.

Post by Bushido »

Doesn't the latest TBR use some sort of that method? Like, when do you a printscreen, it creates a folder in Downloads with a text file?
Download Senethior's tool package here!
Spoiler for Funny shit:
Kryptonyte wrote:Pew-pew, together, 2pac and I can take over the world. Muhahahahahaha.
Kryptonyte wrote:@2Pac, You're a G. Keep your pimp hand strong.
Kryptonyte wrote:anyways i gtg, PEACE, MR. ZOMG O SO PRO U RAWKZ0RZ SUM BoXZ()RZ

Code: Select all

(23:22:14) FatherSpace: BWAHAHA
(23:22:21) FatherSpace: I am 1337, you must fear my coolness.
(23:22:51) FatherSpace: I got bored, so I made a Python script so now whenever I open Terminal, I get a random haiku from here: http://www.smalltime.com/Haiku
(23:24:12) FatherSpace: afk... Killing myself. :(

Code: Select all

(03:52:56) ChatBot: (673237) logs into the Chat.
 (03:53:08) (673237): plzplzplz, im sorry about before.
 (03:53:26) FatherSpace: I'm sorry you were born.
(03:53:31) ChatBot: (673237) has been logged out (Kicked).

Code: Select all

(21:39:14) GeorgeMots: Jen are you there?
(21:39:44) 2Pac: ...lol?
(21:39:49) 2Pac: (21:22:22) ChatBot: UndeadxAssassin has been logged out (Timeout).
(21:39:52) GeorgeMots: w00t
(21:39:54) GeorgeMots: rofl
(21:39:58) GeorgeMots: *facepalm*
(21:39:59) 2Pac: you definetly fail
Get to know Bushido alias 2Pac alias King-Bushido!
User avatar
Nuuby
Forum Staff
Posts: 519
Joined: October 18th, 2010, 8:43 am

Re: Warcraft virus vulnerability again.

Post by Nuuby »

^Yeah just type -save
Cause apparently RPG makers found out that their users are too dumb to use gamecapture lulz