Serious bug in lfs2
(89 posts, closed, started )
Oooh, a new exploit mod.

Noo, not a mod, u numpty. You have no idea what I'm on about, do you? Obviously by that statement you don't. With this exploit someone can gain access to your computer, download and execute an exe (could be a trojan or keylogger), inject a DLL, execute commands. Some of the things that can be achieved with our 750-byte buffer ..

Shame it was made/found by an idiot, but if he can find it so can anyone else here.

First of all, you don't know me. This kind of comment just makes me want to release it and let the LFS racers deal with it. At the end of the day the vendor has been notified; there is nothing they can do if I do release it. You're just a kid that likes to flame people. If you have nothing constructive to post, don't. Also, I'd like to point out one thing: I've been doing this for 6 years, m8, so I don't think it's just as easy to say "hey, if he finds it anyone can". It's the wrong kind of attitude you have. I know a few security researchers who have tested lfs2, one of them a close friend who never came across this bug. His name is Luigi Auriemma, google it; he found the fake players bug in LFS. Now shut the fuk up.

Bind Shell

Bind DLL Inject

Windows Executable Download and Execute

Execute net user /ADD

Windows Reverse Shell

Just many of the things I'm able to achieve. It's not an exploit for the actual race to cheat, if that's what you're thinking. Anyway, I've sent the email to the devs, so I'll let you know of the updates.

It's only a local exploit so it's not a major issue, however it is an issue.

It puts everyone with LFS at risk, serious risk. Like I said, it won't be too hard to trick someone with this, I promise you that. The devs will take it seriously, I can guarantee that. The risk level that security sites give for this is red, which on the scale of 1-10 would be about 8 to 9 at least.
Did they teach you sarcasm in kindergarten? I know it's hard developing social skills (or any skills judging by how you write) stuck in front of a computer trying to find ways people can access your computer, but do try a bit harder.

I found a HUGE exploit with LFS. I have a keyboard on my computer, and anyone (and I mean ANYONE) could just start a trojan running, or install some nasty virus. I hope the LFS devs can sort it out.
tristancliffe, you fail to grasp the whole concept of what I'm talking about. Maybe you need to learn to program and maybe learn wtf I'm talking about; if not, just don't post, please. You're a flame whore that thinks he is clever behind his computer. Yes, anyone can download a trojan, but you have no idea, so shut up. The devs have 24 hours, then I'm releasing it. I'm just sick of some of you: someone tries to do the LFS community some good and you flame. Well done.

stuck in front of a computer trying to find ways people can access your computer, but do try a bit harder.

Obviously I don't need to try any harder, m8; I've already proved LFS is exploitable and able to put other LFS users at risk. Now please stop spamming in my post, ego tripper.

I found a HUGE exploit with LFS. I have a keyboard on my computer, and anyone (and I mean ANYONE) could just start a trojan running, or install some nasty virus.

That's what I'm talking about: the kiddy mentality of some people.
Quote from muhaa :The devs have 24 hours, then I'm releasing it...

You had some credibility in my books until this statement.
You're now giving the DEVs an ultimatum or you release your exploit, how mature. For someone who has been around LFS for nearly 2 years I would have thought you'd have more support for the sim and its future.
I don't understand your mentality, I think you're on a bit of a power trip to be honest. Would you like a ladder? Or can you jump down from that high horse?
No lol, I'm just mad at the tristancliffe guy; he is flaming for no reason whatsoever. I do agree that was said in the moment of heat, I was pissed off, but nah, this is safe with me until it's patched. I won't release it till then. After the patch I will, because I can still release the PoC after the exploit has been patched. And you are right, I love LFS; it would be a shame since they've done such a great job at it.
Quote from muhaa :No lol, I'm just mad at the tristancliffe guy; he is flaming for no reason whatsoever. I do agree that was said in the moment of heat, I was pissed off, but nah, this is safe with me until it's patched. I won't release it till then. After the patch I will, because I can still release the PoC after the exploit has been patched. And you are right, I love LFS; it would be a shame since they've done such a great job at it.

I wouldn't let a few members of the community give you a bad impression.... If this is a genuine threat and you do help solve the problem then kudos to you.
You never know, I might even get a free copy of LFS3 when it comes out.
Erm... he isn't flaming... Actually he makes sense... Maybe you're angry at him or disappointed, but you didn't even read his last post good enough, and misquoted it. He was talking about your social skills.

edit: let me put it this way:
What he's trying to say is: if you use proper sentences and a good topic title, people take you more seriously.
I'm not that technical, but that doesn't mean I'm dumb. I don't understand a word of the bug you found, but the way you make your bug known doesn't really help yourself. If you would have taken 1 minute longer to write your message, nobody would have questioned your bug.
M8, at the end of the day it doesn't matter what is typed as long as the bug gets fixed. My English is not 100%, I've already stated that..

Erm... he isnt flaming

I think he was, m8; maybe you need to read the whole thing. Topic title sums it up really well, I thought. Good news: devs have been in touch, I'm sending PoC code tonight so they can find out where the buffer overflow is.
I think this thread needs closing
I'll be your Guinea pig. Get in touch!
Well done muhaa, it sounds like you've found something significant that the devs should look at.

Ignore Tristan. For some reason he feels the need to abuse those whom he doesn't feel are 'worthy' of holding an opinion. It's a real shame because when he's not spouting bile he has some interesting things to say.

However, your posts are quite difficult to read. Is it really too much to ask that you write in properly punctuated sentences?
Contact the people you know you should and stop posting.
When I get more time tonight I will edit the posts. I've already been in touch with the devs. I've already sent them loads of emails and not much response; to tell you the truth I thought they would have been more bothered. Is there anywhere I can actually speak to the devs? I've just completed a 1 and a half page PoC on the subject.
I couldn't follow the technical details of what muhaa was saying either - and poorly written English annoys me no end...

However - in this case the CONTENT of what muhaa is saying is far more important than his spelling and grammar, so please stop picking on the presentation of his posts and concentrate on the fact that the guy is trying to help the development of LFS by pointing out an exploitable bug - or would you all rather he didn't bother and down the line some trojan worked its way into YOUR system because YOUR pettiness chased guys like him away? :rolleyes:
Thanks keith, yes, what you're saying is right. I just realized, Live for Speed is based in the UK; maybe there is a phone number for one of the devs. I don't want to talk to anyone unless they have some programming or asm experience, because I think it would be pointless otherwise. Maybe even an MSN address. I'm due to go to work; I will try and stay off tomorrow to get this resolved, might as well, missed 1 day off already.
So how exactly would you exploit this iffy buffer? Register a malicious server on LFSWorld and attack anyone who connects to it? It seems like a lot of work for very little return - how many PCs do you think you'd be able to own before it was snuffed out?

It just seems to me that finding exploits in niche software is a waste of everybody's time.
Wow lol. Well, first of all, you wouldn't be saying that if I had tricked you into doing something that you had no idea of the consequences of. Like I've said, I'm not going into details about this until there is a patch released for it, simply because I think it's pretty self-explanatory. As for you thinking it's pointless: do you like using unsecure software? If your answer is no, then you are lucky that there are people around that do care. But like I said, you wouldn't be so happy if you got hacked through this. I would say it would easily take a lot of people who wouldn't even know that it happened; the process still runs silently in the background till it's too late.

It seems like a lot of work for very little return

Exactly, there is a lot of work involved. If LFS was to pay someone for it they would be charging easily 250 quid an hour.

how many PCs do you think you'd be able to own before it was snuffed out?

A lot, considering there is no warning at all. I think a lot of people, I myself even, would fall for it straight away without thinking of anything till it was too late.
Regardless, I don't think anybody is likely to start using LFS to expand their collection of backdoored home PCs any time soon. How many users do we have; 100,000 tops? I'm sure there are enough available flaws in Internet Explorer which can be exploited with something as simple as an iffy web page - why bother going to the trouble of constructing a knock-off LFS server?
Sure, but if the bug is there, it is still a danger to the community. Think of people like Phlos, or someone who just wants to cause trouble. If the bug is as serious as muhaa says it should be fixed asap.
good job n00b
n00b respect mate, I have a very good idea of what you're talking about as I'm an informatic by myself. The way you try to handle this is very honest. I know about some people who are doing the same stuff like you do but they have no fear to make it public. So keep it up, good job. Hope the devs take you seriously; guess they will, as it really seems to be a very dangerous exploit.

Execute net user /ADD

uhhh, dang, door wide open. let's get inside and have a look what we are going to find here now ...

All the people who have no real idea of what he's talking about should really shut up and go back to racing, do some PBs or whatever.

Btw I'm 0% English, so sorry for my bad spelling. Also sorry for the way I'm presenting you this posting .... expecting flames, please show me I am wrong, omg!
Well tbh it's hard enough to read English and if someone doesn't really care about typos etc. it's even harder to read for non-English people like me.

But the tenor of muhaa's posts really annoys me.

- Muhaa, first you weren't sure if the "bug" 100% exists
- Then people/mods told you to contact the Devs (usually the case was closed for the public now)
- Then you were sure the "bug" existed
- Then people told you again to contact the Devs (2nd time to close this case for the public)

- Then you try to threaten people/the devs? with things like
Quote from muhaa :"...That's just a handful that I've released due to vendor taking no notice"

Quote from muhaa :"The devs have 24 hours, then I'm releasing it"

and now in the end you
Quote from muhaa :"don't want to talk to anyone unless they have some programming or asm experience"

If you really want to help the community (like you said) and to not look like a cheap attention whore, like you did.

Just send the infos about it and maybe your poc, if you now got one, to the devs and that's it. (others doing it exactly this way)

There is no need to act like "I'm the mega exploit dev and if no one is listening to me right here right now I'm making everything public".

Quote from muhaa :That's what I'm talking about: the kiddy mentality of some people.

Me too
thisnameistaken, you have no idea how this bug is exploitable, which will be released here once the devs have fixed the overflow; I think you will be surprised. Just wait until I release the details before you go making any comments. It has nothing to do with an iffy server, m8, nothing at all. The devs want me to provide a full working PoC code in C++ tonight so they can get it fixed. Any buffer overflow is a major threat; it's just a shame you don't realize it. Let the devs do their work, then I will release the full details of the exploit with PoC provided, so if you want to test it yourself before you update LFS you can.
I think some of the feedback is totally unnecessary. I could have kept my mouth shut about it and just released it to the public. How the hell am I supposed to write a PoC and give them the info about it when I'm sitting here arguing with kids? Just let me get it done, then it will get fixed. There is no law to say I have to hand the details over; I am doing so, so the LFS community can get a better experience from the game and not have to worry about stuff like this. And as for the comments you made on the posts and what I've said, I was pretty pissed off at the way people overreacted to stuff I had posted. When I said it wasn't exploitable, I couldn't recreate the SEH overwrite method but stumbled upon a more sinister way of exploiting the bug... Just let the devs do their work.
OK, so if I caught your drift, you've found a non-remote exploitable buffer overflow, right?
So basically you need to inject a malicious exe into somebody else's PC to be able to execute malicious code on his machine?

Doesn't sound quite as serious as you make it, with the obvious hurdle of infecting the machine before you can actually do anything.
If he is really able to execute calculator.exe, well, I think that shows the risk level of this exploit.
This thread is closed

