Azerothcore-wotlk: Exploit Crash spell ( Malformed Packet )

Created on 3 Aug 2019  ·  74 Comments  ·  Source: azerothcore/azerothcore-wotlk

hello
I have a crash on my source that seems to be an exploit.
These are my crash logs:
https://gist.github.com/blackdev01/827699f9682ff12155cf770530e09623
https://gist.github.com/blackdev01/88d91dfedfbf789f2e847f7966c7a2a6
https://gist.github.com/blackdev01/fafda762ee8e2fc1a15bb269740fe906
https://gist.github.com/blackdev01/5f7b2cd3d4191227b06027ed257f1ea7

This is my rev: https://github.com/azerothcore/azerothcore-wotlk/commit/a9b981d619c220d7459a963cac4e989215b638b1
OS: Debian 8
I saw a report about this problem; I think my problem looks like that one.

This post is a bounty post; I'll pay $20 for this.
My Discord: ProGrammer#8649

Not confirmed

Most helpful comment

@Viste said it would fix it for $ 50

All 74 comments

YOUR CORE IS OLD VERSION OR MYTHCORE - PROJECT

https://github.com/azerothcore/azerothcore-wotlk/issues/2152

PLEASE UPDATE YOUR CORE TO AC / LAST

I prepared this for the bounty,
and now I think this crash is being done with software like WPE PRO.
I have a log about this; this log sometimes appears (not always):
1564663015,5,1,0,WorldSession::Update ByteBufferException occured while parsing a packet (opcode: 682) from client xxx,xxx,xxx,xxx, accountid=140224. Skipped packet.
1564663015,5,1,0,WorldSession::Update ByteBufferException occured while parsing a packet (opcode: 682) from client xxx,xxx,xxx,xxx, accountid=140224. Skipped packet.
1564663015,5,1,0,WorldSession::Update ByteBufferException occured while parsing a packet (opcode: 682) from client xxx,xxx,xxx,xxx, accountid=140224. Skipped packet.
1564663014,5,1,0,WorldSession::Update ByteBufferException occured while parsing a packet (opcode: 682) from client xxx,xxx,xxx,xxx, accountid=140224. Skipped packet.
1564663014,5,1,0,WorldSession::Update ByteBufferException occured while parsing a packet (opcode: 682) from client xxx,xxx,xxx,xxx, accountid=140224. Skipped packet.
more crash logs
https://gist.github.com/blackdev01/be70081dde07f0671d26d3d82a596fa5
https://gist.github.com/blackdev01/d3cc766ac75436e84b607ab63448c3d3
https://gist.github.com/blackdev01/67c946ea33394f2fc73b17d529144e16

@wowmane please stop spamming; my core is AC + custom code.
Other users have this problem too:
https://github.com/azerothcore/azerothcore-wotlk/issues/2150
(last rev)
https://github.com/azerothcore/azerothcore-wotlk/issues/2043
and
https://github.com/azerothcore/azerothcore-wotlk/issues/1895

@wowmane
Who are you?! And why should I deceive you?!

@wowmane
I have heard your idea enough; let others say their opinions.
I don't know why azerothcore's admins don't stop you. You are not a normal person.

This crash log appeared today, after 5 crashes happened in a row.
https://gist.github.com/blackdev01/5c52ca5937aaf0946ac57c50b909b27a

I know the hacker has to be online in the game for this crash.
The exploiter can cause this crash even with a new character.

@blackdev01

Your project's core is from:
https://github.com/Darkelmo/Myth-Core

You have a private project; first of all, upgrade your core to the last rev of AC!
Your version is very old and has many problems...
This problem does not exist in AC.

Why don't you understand?

@wowmane if you don't have a fix for this problem, then don't spam and let others check it.

hmmm @blackdev01 apparently your core is almost 1 year old

Yes, but I did most of the updates, and this crash is reported on the last rev too:
https://github.com/azerothcore/azerothcore-wotlk/issues/2150
I think this bug exists on all azerothcore revisions.

@blackdev01 Update your core to the last version, then enable trace/debug logs in worldserver.config then send it.

@BarbzYHOOL @masterking32 This bug isn't related to old versions; I already updated my source, but the problem didn't go away.

2150

@alihajipoor, OK. As I said in both issues, enable your trace/debug logs, then share them if you have the latest version of AC.
And I think both issues are the same, so I think #2150 needs to be closed.

We will wait for your log,
But, One question, SOAP/Telnet/MySQL port is open in your server?
@alihajipoor @blackdev01

hi
I activated this log; I'll send it here after the first crash.

telnet/mysql/soap are closed from outside the network.
I made some changes to my source; I'll announce if that fixes the issue.

@masterking32 I sent a lot of logs; you can check #2150.

The MySQL port is only accessible on localhost.

@blackdev01 So, It's ok, Send feedback and log if needed.
@alihajipoor Enable your trace/debug logs in worldserver.conf and share that log!

@masterking32 Here you are : https://mega.nz/#!y3hVgARR!uk4RqSjRIvMTyAix93LqufRlYrbXeez9msEO8aP46Ms

(Logs download link)

Your code is not clean, Try my last commit and then send logs again.

I have a new crash too, and the previous fix doesn't solve the problems.

https://gist.github.com/alihajipoor/f1a44ce8f7751926d0938011dff1c1e7

@blackdev01

I just want to help you. Your core needs updating to the latest version of AC.
Your version is too old and has many problems...

@wowmane I updated my core recently, but I still have the crash.

Your crash log is different.

There is also a hacker attack.
These are the attack macros used by hackers, found in the game character macros:
[screenshot: TIM截图20190811200710]
I can only comment on the code to prevent this kind of hacking:
[screenshot: TIM截图20190811200601]

Should be a macro with a packet attack we hack
Unable to restore attack environment
All AC cores have this vulnerability

https://pastebin.com/7DH1ghZB - crashlog

The hacker uses a program: they just go to the server, press a button, and the crash happens. Unfortunately, I do not have the program.

"There is no need to carry out any specific actions; just press 1 button"

There are suspicions that the problem is here: Map.cpp - void Map::Update

This crash also works on the latest version of TC

@blackdev01 changed id to @dante6319

Why did you rename it? iD !!

and this crash is for: Spells/ Auras/ SpellAuras

Where do you know , Map! give of packet size for accountid.

There is also a hacker attack.
These are the attack macros used by hackers, found in the game character macros:
[screenshot: TIM截图20190811200710]
I can only comment on the code to prevent this kind of hacking:
[screenshot: TIM截图20190811200601]

cannot reproduce with this macro?

CrashServer() ?

This is another attack, taking advantage of the role available commands and packet injection. @disclosurez @BarbzYHOOL

Thank you. I just found out.

Util.cpp

#include <array>
.......
std::wstring GetMainPartOfName(std::wstring wname, uint32 declension)
{
    // supported only Cyrillic cases
    if (wname.empty() || !isCyrillicCharacter(wname[0]) || declension > 5)
        return wname;

    // Important: end length must be <= MAX_INTERNAL_PLAYER_NAME-MAX_PLAYER_NAME (3 currently)
    static std::wstring const a_End = { wchar_t(0x0430), wchar_t(0x0000) };
    static std::wstring const o_End = { wchar_t(0x043E), wchar_t(0x0000) };
    static std::wstring const ya_End = { wchar_t(0x044F), wchar_t(0x0000) };
    static std::wstring const ie_End = { wchar_t(0x0435), wchar_t(0x0000) };
    static std::wstring const i_End = { wchar_t(0x0438), wchar_t(0x0000) };
    static std::wstring const yeru_End = { wchar_t(0x044B), wchar_t(0x0000) };
    static std::wstring const u_End = { wchar_t(0x0443), wchar_t(0x0000) };
    static std::wstring const yu_End = { wchar_t(0x044E), wchar_t(0x0000) };
    static std::wstring const oj_End = { wchar_t(0x043E), wchar_t(0x0439), wchar_t(0x0000) };
    static std::wstring const ie_j_End = { wchar_t(0x0435), wchar_t(0x0439), wchar_t(0x0000) };
    static std::wstring const io_j_End = { wchar_t(0x0451), wchar_t(0x0439), wchar_t(0x0000) };
    static std::wstring const o_m_End = { wchar_t(0x043E), wchar_t(0x043C), wchar_t(0x0000) };
    static std::wstring const io_m_End = { wchar_t(0x0451), wchar_t(0x043C), wchar_t(0x0000) };
    static std::wstring const ie_m_End = { wchar_t(0x0435), wchar_t(0x043C), wchar_t(0x0000) };
    static std::wstring const soft_End = { wchar_t(0x044C), wchar_t(0x0000) };
    static std::wstring const j_End = { wchar_t(0x0439), wchar_t(0x0000) };

    static std::array<std::array<std::wstring const*, 7>, 6> const dropEnds = { {
        { &a_End,  &o_End,    &ya_End,   &ie_End,  &soft_End, &j_End,    nullptr },
        { &a_End,  &ya_End,   &yeru_End, &i_End,   nullptr,   nullptr,   nullptr },
        { &ie_End, &u_End,    &yu_End,   &i_End,   nullptr,   nullptr,   nullptr },
        { &u_End,  &yu_End,   &o_End,    &ie_End,  &soft_End, &ya_End,   &a_End  },
        { &oj_End, &io_j_End, &ie_j_End, &o_m_End, &io_m_End, &ie_m_End, &yu_End },
        { &ie_End, &i_End,    nullptr,   nullptr,  nullptr,   nullptr,   nullptr }
    } };

    std::size_t const thisLen = wname.length();
    std::array<std::wstring const*, 7> const& endings = dropEnds[declension];
    for (auto itr = endings.begin(), end = endings.end(); (itr != end) && *itr; ++itr)
    {
        std::wstring const& ending = **itr;
        std::size_t const endLen = ending.length();
        if (!(endLen <= thisLen))
            continue;

        if (wname.substr(thisLen - endLen, thisLen) == ending)
            return wname.substr(0, thisLen - endLen);
    }

    return wname;
}

ObjectMgr.cpp

bool normalizePlayerName(std::string& name)
{
    if (name.empty())
        return false;

    std::wstring tmp;
    if (!Utf8toWStr(name, tmp))
        return false;

    wstrToLower(tmp);
    if (!tmp.empty())
        tmp[0] = wcharToUpper(tmp[0]);

    if (!WStrToUtf8(tmp, name))
        return false;

    return true;
}

Can this fix it?
Can a friend test it?

The crash with auras is a separate crash; it has nothing to do with normalizePlayerName. https://pastebin.com/U4HLdcPr CONFIRM

@blackdev01 & @dante6319

Why are you spamming so much?
Stop creating fake ids/accounts to spam confirmations.

What's your problem ? crashes logs !
maps? spells? chats? gobjects? auras? instances?

WTF / Troll

I left 2 messages, why are you writing something here, friend, we provided a specific log. The problem really is, and it is critical.

That's just your problem, You confirm with other accounts!

This is not a kind of crash, crash/logs is different!

In my server 580x online player and I have no problem.

wowmane
please give me link your server ;)

wowmane
please give me link your server ;)

@blackdev01 & @dante6319 and other fake your id accounts

please tell me!

First you, what is your server site, and where are u from ?!

Please remove the offtopic, wowmane. It is so stupid that he does not understand that these are not random crashes, but deliberately caused ones.

@BarbzYHOOL
Please clear everything from offtopic, this is a very serious problem

https://pastebin.com/kcEiMFjX
This crash is used by script kiddies, who then blackmail.

@wowmane This crash happened to me too. Don't be stupid and don't repeat your words; when you can't help us, just leave this topic and go away. Maybe someone will help us fix this problem.

I notice: this crash is being done by someone not from the server; consider that it is an exploit.

Software allows you to modify any packet sent by the client. By sending garbage in the data block, you can crash the kernel, because there are too few checks on the data received from the client. Well, I apologize for my poor English.
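The "too few checks on client data" point above, as an added example (not the core's code and not the reporter's): a bounds-checked reader in the style of the ByteBufferException / "Skipped packet" path from the log quoted earlier in the thread, applied to a hypothetical cast-request layout. The field layout, spell id 133 and the sample bytes are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>
// Raised when a read would run past the end of the received bytes; this is the
// condition behind the "ByteBufferException ... Skipped packet" log quoted above.
struct ByteBufferException : std::runtime_error { using std::runtime_error::runtime_error; };

// Minimal little-endian, bounds-checked reader (constructed here; not the core's ByteBuffer).
class PacketReader {
public:
    explicit PacketReader(const std::vector<std::uint8_t>& data) : buf_(data) {}
    template <typename T> T read() {
        if (pos_ + sizeof(T) > buf_.size())          // the check a naive reader omits
            throw ByteBufferException("read past end of packet");
        T v = 0;
        for (std::size_t i = 0; i < sizeof(T); ++i)
            v |= static_cast<T>(buf_[pos_ + i]) << (8 * i);
        pos_ += sizeof(T);
        return v;
    }
    std::size_t remaining() const { return buf_.size() - pos_; }
private:
    const std::vector<std::uint8_t>& buf_;
    std::size_t pos_ = 0;
};

// Hypothetical cast-request layout (10 bytes): castCount u8, spellId u32, castFlags u8, targetMask u32.
struct CastRequest { std::uint8_t castCount; std::uint32_t spellId; std::uint8_t castFlags; std::uint32_t targetMask; };

// Structural check first (every field present, nothing extra), then a semantic one, so a
// malformed request is dropped at the session layer and never reaches spell handling.
bool ParseCastRequest(const std::vector<std::uint8_t>& raw, CastRequest& out) {
    try {
        PacketReader r(raw);
        out.castCount  = r.read<std::uint8_t>();
        out.spellId    = r.read<std::uint32_t>();
        out.castFlags  = r.read<std::uint8_t>();
        out.targetMask = r.read<std::uint32_t>();
        if (r.remaining() != 0) return false;  // trailing garbage: reject rather than guess
        return out.spellId != 0;               // spell id 0 is never castable
    } catch (const ByteBufferException&) {
        return false;                          // truncated: skip the packet, keep the server up
    }
}
// Constructed samples: a well-formed cast of (arbitrary) spell 133, and one cut off mid-field.
const std::vector<std::uint8_t> kGoodPacket      = {0x00, 0x85, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00};
const std::vector<std::uint8_t> kTruncatedPacket = {0x00, 0x85, 0x00, 0x00};
bool AcceptsPacket(const std::vector<std::uint8_t>& raw) { CastRequest req{}; return ParseCastRequest(raw, req); }
std::uint32_t ParsedSpellId(const std::vector<std::uint8_t>& raw) { CastRequest req{}; return ParseCastRequest(raw, req) ? req.spellId : 0; }
```

The same pattern (length check before every read, reject on leftover bytes, then validate values) is what keeps a garbage payload at the "Skipped packet" log line instead of turning into a crash deeper in spell or aura code.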

@Viste said it would fix it for $ 50

I'm collecting money to raise the price for the fix to $50.
https://yasobe.ru/na/fiks_krawei_azerothcore_issues2170

If there were a person who could fix this, we would raise it quickly.

If there were a person who could fix this, we would raise it quickly.

There is such a person, and he has already done it, but nobody has helped with the collection yet.
The price here is $20; we just need to add another $30, or 2000 rubles.

Not completely done yet.

Chipped in a little.

what to delete here?

@BarbzYHOOL, what?

Dante asked me to delete comments

Is anybody trying to update?

This problem persists.

There is a crash log from a long time ago: https://pastebin.com/f7erSPWc
But I got this log on azerothcore 3 days ago.
Crash start:
MotionMaster::UpdateMotion

@blackdev01

There is a crash log from a long time ago: https://pastebin.com/f7erSPWc
But I got this log on azerothcore 3 days ago.
Crash start:
MotionMaster::UpdateMotion

This crash is not related to this issue; you need to make another one.

I know the bug.

If anyone can explain me how to reproduce this bug, I'll try to fix it.

@Helias Close ?

No, I don't know, because I don't know how to reproduce this issue and @blackdev01 didn't say anything.

@blackdev01 Could you explain how to reproduce this bug and if possible send us a new bug report we need to understand in order to find a solution

prolly same boat as #1895 but no idea how to reproduce @blackdev01

unconfirmed until further notice

I can't confirm the problem either. If the problem persists, please open a new issue with full instructions on how to reproduce the problem.

I close this as there is no reason to keep this open longer than unconfirmed.

@FrancescoBorzi please take a look at this too and remove the bounty

Bountysource does not let me claim the bounty yet (it's still marked as "open" on Bountysource, I think we just need to wait).

So marking this with the new label "unclaimed bounty" to not lose it. As soon as Bountysource will let me claim it, I will get this money and re-invest it on AzerothCore.

any news?

@pak3935 we weren't able to reproduce the issue

@FrancescoBorzi this happens by spoofing packets through wpe when sending information about the spell, all I know

@pak3935 if you find a way to reproduce the issue (with detailed information so other devs can reproduce it locally) please open a new issue report with all the details

@FrancescoBorzi, hi. I have software for the crash (sorry for my English). This specific crash I don't know, but I have code for 2 crashes (you already fixed these). I hope you understand how this software works :)

@FrancescoBorzi @Viste https://yadi.sk/d/-jVsLNZ-vdRu5w

crash soft
