I have an update about the methods used to test the format string
vulnerability in the Unreal engine I reported yesterday.
I have solved a problem in the windows version of my proof-of-concept
unrfs-poc (now version 0.1.1):
http://aluigi.altervista.org/poc/unrfs-poc.zip
The following instead is a very fast and easy method to test the Unreal
engine based games without using external programs or complicated exploits.
I highly suggest users to use this quick method instead of the previous
proof-of-concept:
-----
Another method to test the vulnerability is the adding of %n after
"Class=" in the file system/user.ini
Example:
From:
Class=Engine.Pawn
To:
Class=%n%nEngine.Pawn
If the game is vulnerable it will crash when launched.
-----
The last news regards an advisory about a server freeze bug in the new game
Battle Mages:
I have an update about the methods used to test the format string
vulnerability in the Unreal engine I reported yesterday.
I have solved a problem in the windows version of my proof-of-concept
unrfs-poc (now version 0.1.1):
http://aluigi.altervista.org/poc/unrfs-poc.zip
The following instead is a very fast and easy method to test the Unreal
engine based games without using external programs or complicated exploits.
I highly suggest users to use this quick method instead of the previous
proof-of-concept:
-----
Another method to test the vulnerability is the adding of %n after
"Class=" in the file system/user.ini
Example:
From:
Class=Engine.Pawn
To:
Class=%n%nEngine.Pawn
If the game is vulnerable it will crash when launched.
-----
The last news regards an advisory about a server freeze bug in the new game
Battle Mages:
http://aluigi.altervista.org/adv/battlemages-adv.txt
BYEZ
---
Luigi Auriemma
http://aluigi.altervista.org
[ reply ]