
New Warcraft III security exploit... (not sure whether it's real)

Posted on 2010-12-29 09:12:45
New Warcraft III security exploit...

Many of us remember the great type casting problem a while ago where people were able to use Warcraft III as a means to infect computers with harmful software. Blizzard fortunately was able to stop the bug on BattleNet and eventually patched it.

However another equally bad exploit has been discovered, this time permitting Warcraft III to execute some form of scripting language via the Preload native. This can be used to get the game to download files from the internet and place them in dangerous folders (like windows or startup folders). The end result is another means for evil people to infect your computer with dangerous software. Although this method is less direct, it still permits Warcraft III maps to act as trojans to infect your computer.

The exploit apparently is the result of the Preload statement's mechanics. The native works by the use of a scripting language being passed to it but relies on the compiler to spot abuse and terminate the map load. However (like with the previous exploit) you can trick the compiler into thinking that its use is perfectly valid and so permit the compilation of the script with potentially horrible results.

It is advisable to not play any map from a source you do not trust. Avoid downloading maps from BattleNet or playing on bots you do not trust. A trojan map can even take the apparent form of one you already have and can download and run the exploit code before the lobby even loads. Remember that both single player and multiplayer maps are susceptible to this.

Be aware that freshly submitted maps to the Warcraft III map section on this site may also be trojans and if you spot such a map please report it to a map moderator or administrator as soon as possible so it can be removed.
Posted on 2010-12-29 10:14:49
This seems to have been discovered a few months ago. Quite an amazing vulnerability.

But it's war3, so whatever.

Posted on 2010-12-29 10:26:24
Reading on my phone, didn't understand it.

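Posted on 2010-12-29 10:52:27
Simply put, it can output characters you customize as a series of bat commands and save them as a bat file, which can then execute some bat commands, for example downloading a virus from the internet and stuffing it into your startup items.

And it's much more convenient than the JASS virtual machine vulnerability. At least you don't need to write machine code.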

Posted on 2010-12-29 10:55:34
soon(R) microsoft will publish its bugdows 8 with ever more limits than 7 or 6 with ever harder DRM and many many "stupid" people will buy it (cos its desktop soooooo beautifullll) and every old game will die, cos it won't support 32 bit applications well.

OK, when I saw this passage it reminded me of 头目... bang...

Posted on 2010-12-29 11:00:06
So amazing...

Posted on 2010-12-29 11:47:55
1.25 is about to come out~

Posted on 2010-12-29 12:42:31
OK, I'll just write a post explaining the principle in detail.

Posted on 2010-12-29 13:01:50
Actually it's just that PreloadGenEnd can generate a local file whose content is those Preload statements, and then it gets disguised as a file that conforms to bat syntax.
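A static check for the behaviour described in the post above, as an added example that is not part of the original thread: it scans a map's JASS script for PreloadGenEnd calls and flags output paths a map reviewer should look at. The sample script, the extension list and the name `audit_preload_targets` are assumptions made for illustration.

```python
import ntpath
import re

# Constructed sample of a map script (war3map.j); not taken from any real map.
SAMPLE_SCRIPT = r'''
function SaveProfile takes nothing returns nothing
    call PreloadGenStart()
    call Preload("constructed save data 12345")
    call PreloadGenEnd("save\\profile.txt")
endfunction
function Suspicious takes nothing returns nothing
    call PreloadGenStart()
    call Preload("constructed placeholder text")
    call PreloadGenEnd("C:\\placeholder\\dir\\example.bat")
endfunction
function Dynamic takes string p returns nothing
    call PreloadGenEnd(p + ".pld")
endfunction
'''

# Assumption: extensions an analyst treats as runnable on Windows.
RUNNABLE_EXTS = {".bat", ".cmd", ".vbs", ".js", ".ps1", ".exe", ".com", ".scr"}
# The argument is either one complete string literal or any other expression.
CALL_RE = re.compile(r'\bPreloadGenEnd\s*\(\s*("(?:[^"\\]|\\.)*"|[^)]*?)\s*\)')

def audit_preload_targets(script):
    """Return (line_no, reasons, argument) for PreloadGenEnd calls needing review."""
    findings = []
    for line_no, line in enumerate(script.splitlines(), 1):
        if line.lstrip().startswith("//"):      # whole-line JASS comment
            continue
        for arg in CALL_RE.findall(line):
            if not re.fullmatch(r'"(?:[^"\\]|\\.)*"', arg):
                findings.append((line_no, ["path built at run time"], arg))
                continue
            path = arg[1:-1].replace("\\\\", "\\")   # undo JASS backslash escape
            reasons = []
            if ntpath.splitext(path)[1].lower() in RUNNABLE_EXTS:
                reasons.append("runnable extension")
            if re.match(r'[A-Za-z]:|[\\/]', path) or ".." in path:
                reasons.append("absolute path or traversal")
            if reasons:
                findings.append((line_no, reasons, path))
    return findings

if __name__ == "__main__":
    for finding in audit_preload_targets(SAMPLE_SCRIPT):
        print(finding)
```

A call with a relative path and a data extension, like the first one in the sample, produces no finding; paths assembled at run time are reported because a static scan cannot resolve them.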

Posted on 2010-12-29 13:12:20
Truly a simple and easy-to-use leak.

Posted on 2010-12-29 14:02:18