New Wc3 exploit

Bl00D R3av3r · Post by **Bl00D R3av3r** » April 30th, 2009, 2:17 pm

Recently a very dangerous exploit was discovered within Warcraft III.
Namely, it's possible to execute bytecode through a map using Jass thus allowing practically anything, including distributing malware (viruses, trojans etc).
But, don't take my word for it, try the proof-map found here yourself (it is recommended that you run it in a window).

Source: thehelper

X-Isle · Post by **X-Isle** » April 30th, 2009, 6:37 pm

thanks for the info... well unless you are almost playing in public places and you use public computers that you dont own... well you might as well wouldnt mind it... This is a good heads up for those computer cafe owners, so that they would be able to prevent any harms this exploit can bring.

Post by **Bartimaeus** » May 1st, 2009, 4:47 am

Dekar has confirmed this.

Bl00D R3av3r · Post by **Bl00D R3av3r** » May 1st, 2009, 2:14 pm

for more informations you could try this link

IceMan · Post by **IceMan** » May 4th, 2009, 10:50 am

What versions of Warcraft 3 does this exploit apply to? Is it only 1.23? If a private server were to downgrade to a slightly older version would they be safe from this exploit? Lol maybe this could be an excuse to convince whatever private server you play on to downgrade from 1.23. =D

Post by **Ozzapoo** » May 4th, 2009, 10:54 am

Post by **rnbby** » May 7th, 2009, 2:53 am

anyone interested in making an exploit? hehe

There's already a PoC of it which execs cmd.exe.

Dang! I'm too noob to understand all the code in PoC.

Post by **Hillo** » May 7th, 2009, 12:32 pm

Blizzard wrote:Warcraft III Custom Map Security Warning
We have identified an exploit that could allow malicious software to be spread through Warcraft III maps. We have applied a temporary fix to address this issue when playing on Battle.net, and we are working on a patch to permanently address the issue when playing on a LAN or playing single-player custom maps. In the meantime, we recommend that players avoid downloading maps from unofficial sources or websites they do not trust -- be aware that corrupted maps may share the same name as other popular maps. If you encounter custom maps that no longer function or other issues related to this fix, please post details below.

IceMan · Post by **IceMan** » May 28th, 2009, 3:06 pm

Perhaps this link can help:

http://forums.boredaussie.com/viewtopic ... 2cc8a01d75

Note I did not make this application.
Below I have copied and pasted directly from the website part of that post:

Fixes:

I have written an application that mimics the actions of the official Blizzard hotfix for this issue. I can't and won't put any guarantees on this working or causing damage. Unlike the blizzard patch, however, you don't have to login for this to work, works for singleplayer and most likely LAN games also, I highly advise its use.

Instructions:
Extract the executable anywhere.
Run this application.
Run Warcraft III.
You should now be safe from maps that contain bad code.
You will need to do this everytime you restart Wc3.

Link: http://files.filefront.com/OverflowFixr ... einfo.html

wc3edit.net

New Wc3 exploit

New Wc3 exploit

Re: New Wc3 exploit

Re: New Wc3 exploit

Re: New Wc3 exploit

Re: New Wc3 exploit

Re: New Wc3 exploit

Re: New Wc3 exploit

Re: New Wc3 exploit

Re: New Wc3 exploit