<<< Date Index >>>     <<< Thread Index >>>

Unreal engine updates and Battle Mages advisory



I have an update about the methods used to test the format string
vulnerability in the Unreal engine I reported yesterday.
I have solved a problem in the windows version of my proof-of-concept
unrfs-poc (now version 0.1.1):

  http://aluigi.altervista.org/poc/unrfs-poc.zip


The following instead is a very fast and easy method to test the Unreal
engine based games without using external programs or complicated exploits.
I highly suggest users to use this quick method instead of the previous
proof-of-concept:

-----
   Another method to test the vulnerability is the adding of %n after
   "Class=" in the file system/user.ini

   Example:

   From:
     Class=Engine.Pawn

   To:
     Class=%n%nEngine.Pawn

   If the game is vulnerable it will crash when launched.
-----


The last news regards an advisory about a server freeze bug in the new game
Battle Mages:

  http://aluigi.altervista.org/adv/battlemages-adv.txt


BYEZ


--- 
Luigi Auriemma
http://aluigi.altervista.org