• Welcome to Final Fantasy Hacktics. Please login or sign up.
 
March 19, 2024, 06:37:42 am

News:

Please use .png instead of .bmp when uploading unfinished sprites to the forum!


Be careful Warcraft 3 players! Potential virus attack!

Started by FFMaster, May 02, 2009, 03:27:30 am

FFMaster

I know a few people here who still play Wc3, and I would rather they know about the bytecode exploit.

Quote from: "thehelper.net announcement"Recently a very dangerous exploit was discovered within Warcraft III. Namely, it's possible to execute bytecode through a map using Jass thus allowing practically anything, including distributing malware (viruses, trojans etc).
But, don't take my word for it, try the proof-map found here yourself (it is recommended that you run it in a window).
To make sure Blizzard patches this ASAP, please report it using this form (make sure you download and attach the map when reporting).

However, until Blizzard patches this issue, I wouldn't recommend playing any new maps whatsoever. Better safe than sorry.

I would highly suggest that if you do play, you should avoid downloading any maps from unknown players on battle.net/Garena/Hamachi/whatever.

Link to an example of a map that abuses the exploit. Also in the quote.
http://www.wc3c.net/showpost.php?p=1080706&postcount=7
This map is harmless. All it does is open command prompt and displays some text for you to read. To run the map, just download it and run the map in windows mode or alt+tab once the map is loaded to see the effects.

UPDATE:
It seems this exploit can only occur in versions 1.22 and 1.23. If you wish to still play Wc3, you should find a private server that uses 1.21. That or wait for 1.24. Blizzard knows that this bug exists at least.
  • Modding version: Other/Unknown
☢ CAUTION CAUTION ☢ CAUTION CAUTION ☢

Zalge

May 02, 2009, 08:08:15 am #1 Last Edit: December 31, 1969, 07:00:00 pm by Zalge
Whoa, thanks man. I was actually JUST ABOUT to re-download WC3... Thanks for the news, man.

FFMaster

May 02, 2009, 08:57:47 am #2 Last Edit: December 31, 1969, 07:00:00 pm by FFMaster
Added more info on the exploit.
  • Modding version: Other/Unknown
☢ CAUTION CAUTION ☢ CAUTION CAUTION ☢

Xifanie

May 02, 2009, 10:07:56 am #3 Last Edit: December 31, 1969, 07:00:00 pm by Xifanie
... they "fixed" that years ago by constantly changing the offsets every new version for Starcraft.

DAMN THEM

Seriously it allowed EVERYTHING in a online Starcraft game, the first example was dragoon shooting mutalisk's thing when they attack IIRC. Since then Starcraft has lost many hacks since people don't really to want to bother changing every special hack in their map every new version.
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

Havermayer

May 05, 2009, 11:26:41 pm #4 Last Edit: December 31, 1969, 07:00:00 pm by Havermayer
Quote from: "Zodiac"Seriously it allowed EVERYTHING in a online Starcraft game, the first example was dragoon shooting mutalisk's thing when they attack IIRC. Since then Starcraft has lost many hacks since people don't really to want to bother changing every special hack in their map every new version.

Also, stuff like iccup has anti-hacking software to prevent you from using hacks :3

FFMaster

May 11, 2009, 06:21:22 am #5 Last Edit: December 31, 1969, 07:00:00 pm by FFMaster
Ok, apparently, Blizzard have made a temporary fix for this exploit. I haven't tested this out yet, but it should be fine on official servers at least.
http://forums.battle.net/thread.html?to ... 6&sid=3000
Quote from: "Blizzard"We have identified an exploit that could allow malicious software to be spread through Warcraft III maps. We have applied a temporary fix to address this issue when playing on Battle.net, and we are working on a patch to permanently address the issue when playing on a LAN or playing single-player custom maps. In the meantime, we recommend that players avoid downloading maps from unofficial sources or websites they do not trust -- be aware that corrupted maps may share the same name as other popular maps. If you encounter custom maps that no longer function or other issues related to this fix, please post details below.
  • Modding version: Other/Unknown
☢ CAUTION CAUTION ☢ CAUTION CAUTION ☢