Is the crash window still visible on the desktop? There should be something like "click here to see more information" and that opens another window with some more information.

If that window has already been closed, the info may be lost. But which operating system are you using? In some cases a crash report is stored in some folder on your hard drive.

I'm using windows.

I will ask the hacker to turn it off again , please stay tuned , in some mins i give you that information.

Quote from Chriship :

EDIT: Attached replay from the hacker.

What hacker?

I don't see anything strange. You are talking about a different person then the one which this whole thread started with. I guess.

I know how to let LFS clients crash. Just overflow them with insim buttons... But insim behavior is not in replays.

Here you have


Problem Event Name: APPCRASH
Application Name: LFS.exe
Application Version: 0.0.0.0
Application Timestamp: 503d0063
Fault Module Name: LFS.exe
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 503d0063
Exception Code: c0000005
Exception Offset: 00030007
OS Version: 6.1.7601.2.1.0.1296.17
Locale ID: 2057
Additional Information 1: b2b1
Additional Information 2: b2b1225930239f5256c7c685150562f3
Additional Information 3: d181
Additional Information 4: d18132131580abd51c1bdef26ad12e32

Read our privacy statement online:
http://go.microsoft.com/fwlink ... d=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt


-He shutted it down again.

Quote from cargame.nl :

What hacker?

I don't see anything strange. You are talking about a different person then the one which this whole thread started with. I guess.

I know how to let LFS clients crash. Just overflow them with insim buttons... But insim behavior is not in replays.

ALF ( krup ) he sends packets into a server for shut it down.

Even if no insim online he does it also.

Ah.. Maybe only Windows based servers (f)

Wanna i tell him to shut down cargame.nl server?

Lets see if he can.

Thanks, I'll look into that crash report. Does krup know your admin password, or does he have a way to connect as an admin?

Quote from cargame.nl :

I know how to let LFS clients crash. Just overflow them with insim buttons...

Off topic but... if you can make an LFS client crash with a flood of insim buttons, do you know the crash address? LFS should be able to withstand abuse without crashing.

Please could you make a bug report for that so we discuss it in another thread?

@Scawen.

Nope he doesn't have any way to connect via admin.

Also he just typed the IP server adress...

He said that he scanned the error

Quote from Chriship :

Nope he doesn't have any way to connect via admin.

He is connected as an admin, so he has a way. I guess you mean he doesn't know the password. Are you sure about that?

Quote from Chriship :

Also he just typed the IP server adress...

I'm not exactly sure what you mean. Really he did a few things to be able to connect this way. Do you mean, he didn't contact the master server? Do you have a reply where he said these things, I'd like to hear it from him.

Quote from Chriship :

He said that he scanned the error

I don't have any idea what this means.

Quote from Chriship :

Wanna i tell him to shut down cargame.nl server?

Lets see if he can.

Maybe it's better if he just says what he is doing to let that happen but he can try it on the cargame.nl S0 if he really wants to proof it differently.

Quote from Scawen :

Please could you make a bug report for that so we discuss it in another thread?

If I recreate it, I will describe it in a new thread. Its been long ago since I stumbled upon this so I have no immediate details anymore.

I see from the crash address there is some kind of memory corruption taking place, perhaps a buffer overrun. I'll have to analyse the code very carefully to see what's happening, as I have no reason to think that the new incompatible improvements have changed that.

It would be really helpful if krup or AnakinSkywalker would let us know how they got in as an admin and how they could crash the host. It would take them a few minutes to send us the explanation, which packets they send to exploit the vulnerability. It would mean I could make LFS safe again and we could move on, and I could release the more responsive and reliable version that I have here and intended to release today. There is no development on the tyre physics while there is a security risk in LFS. I remember when Luigi Auriemma found vulnerabilities, he told us about how it was done, and that was great.

In that replay krup isn't connected as admin

Quote from Scawen :

I see from the crash address there is some kind of memory corruption taking place, perhaps a buffer overrun. I'll have to analyse the code very carefully to see what's happening, as I have no reason to think that the new incompatible improvements have changed that.

It would be really helpful if krup or AnakinSkywalker would let us know how they got in as an admin and how they could crash the host. It would take them a few minutes to send us the explanation, which packets they send to exploit the vulnerability. It would mean I could make LFS safe again and we could move on, and I could release the more responsive and reliable version that I have here and intended to release today. There is no development on the tyre physics while there is a security risk in LFS. I remember when Luigi Auriemma found vulnerabilities, he told us about how it was done, and that was great.

And now what? Again 3 years to wait or?

Quote from DANIEL-CRO :

In that replay krup isn't connected as admin

Ah, my mistake, thank you and sorry about that. In that case it's possible that B4 did solve the joining as an admin problem. That gives me some more hope!

So I'll restrict my searching to the ordinary packet interpretation code for players that have already connected.

Quote from Scawen :

Ah, my mistake, thank you and sorry about that. In that case it's possible that B4 did solve the joining as an admin problem. That gives me some more hope!

So I'll restrict my searching to the ordinary packet interpretation code for players that have already connected.

http://www.lfsforum.net/showthread.php?t=80093 :bowdown:
The decide your a problem?

No, I was mistaken - krup did not join as an admin. It appears that he has a way to mess up the memory a bit so it causes the host to crash.

So tomorrow I will just work through every packet's response code and every function called by those bits of code, in the hope of finding one that does not have its bounds checked, so a hacker can cause LFS to overwrite the wrong bit of memory.

It's boring and tedious work, the kind that makes my eyes go funny and my head spin. That's why it would be great if the hackers could lend a hand, and save me some pointless hours. Obviously it's only my fault that there is a bug, so I am the one to blame. It's great that the hackers found the bug. It would be even better if they could tell us too.

Quote from Scawen :

No, I was mistaken - krup did not join as an admin. It appears that he has a way to mess up the memory a bit so it causes the host to crash.

So tomorrow I will just work through every packet's response code and every function called by those bits of code, in the hope of finding one that does not have its bounds checked, so a hacker can cause LFS to overwrite the wrong bit of memory.

It's boring and tedious work, the kind that makes my eyes go funny and my head spin. That's why it would be great if the hackers could lend a hand, and save me some pointless hours. Obviously it's only my fault that there is a bug, so I am the one to blame. It's great that the hackers found the bug. It would be even better if they could tell us too.

Gl with that, i hope you'll figure your way out of this quickly.

Scawen, in the yard 2012 year. The hackers develop very fast and they will not to share this information. They these proud!
Donate a license s2 not variant.
Bad guys...

It is all about communication. But what are you trying to say now? You are meepmeep and you are not a hacker? Finding exploits and weaknesses in software for your own personal advantage is all about... Cracking.. Actually.

But a lot would improve when essential strings/values in the memory footprint would be crypted with a nice little crypt/decrypt routine. Sure, for the advanced that also isn't enough but for 99% it gets that hard that further attempts to screw things up are not being made.

Quote from Rhama :

but I find that hacker funny, guess why.

Is it because you are immature...is it because you like to ruin other peoples enjoyment..is it because you feel as if the world owes you something?
I could guess for hours but it would be far easier if you just told us?

Quote from Anthoop :

Is it because you are immature...is it because you like to ruin other peoples enjoyment..is it because you feel as if the world owes you something?
I could guess for hours but it would be far easier if you just told us?

or its him

Just more crap to delay the important updates, good job stupid hackers.

Hacker!!

communication deal with Scawen!

'S3 state/progress report' against 'the flawed code of line'!

you have him under your small command! :tempted:




:hidesbehi

Quote from Scawen :

He is connected as an admin, so he has a way. I guess you mean he doesn't know the password. Are you sure about that?

I'm not exactly sure what you mean. Really he did a few things to be able to connect this way. Do you mean, he didn't contact the master server? Do you have a reply where he said these things, I'd like to hear it from him.

I don't have any idea what this means.

Hello Scawen.

He isnt connected as admin. Since you've released the version 0.6B4 , he needed to update the program he uses for crash servers ( He said cause the old system he had wasnt working , so he found a new way to crash them , wich is not fixed. ).

When he was on server he said, i will scan the error, and he said.
I've got 2 ips.
1- From master server
2- From BPH Server.

And i've checked server ip , and it's the same one what he said.