[Full-disclosure] Re: Endless loop in Halo 1.06

From: Joel Esler (eslerj_at_gmail.com)
Date: 05/24/05

    Date: Tue, 24 May 2005 14:55:21 -0400
    To: Luigi Auriemma <aluigi@autistici.org>
    
    

    (I suppose that may have been a little funnier, had I spelled "BASIC" correctly.)

    Jeez...

    On 5/24/05, Joel Esler <eslerj@gmail.com> wrote:
    > I heard you can create a loop by using "BASEIC" code by going into the
    > menu running
    >
    > 10 Click on "Settings"
    > 20 Click on "Main Menu"
    > 30 Click on "Settings"
    > 40 Click on "Main Menu"
    > 50 GOTO 10
    >
    >
    > On 5/24/05, Luigi Auriemma <aluigi@autistici.org> wrote:
    > >
    > > #######################################################################
    > >
    > > Luigi Auriemma
    > >
    > > Application: Halo: Combat Evolved
    > > http://www.microsoft.com/games/pc/halo.aspx
    > > Versions: <= 1.06 and Custom Edition 1.00
    > > Platforms: Windows
    > > Bug: endless loop
    > > Exploitation: remote, versus server
    > > Date: 24 May 2005
    > > Author: Luigi Auriemma
    > > e-mail: aluigi@autistici.org
    > > web: http://aluigi.altervista.org
    > >
    > >
    > > #######################################################################
    > >
    > >
    > > 1) Introduction
    > > 2) Bug
    > > 3) The Code
    > > 4) Fix
    > >
    > >
    > > #######################################################################
    > >
    > > ===============
    > > 1) Introduction
    > > ===============
    > >
    > >
    > > Halo is the great FPS game developed by Bungie Studios and ported to PC
    > > by Gearbox Software (http://www.gearboxsoftware.com).
    > > It is published by Microsoft Games (http://www.microsoft.com/games/)
    > > and was released at the end of 2003.
    > >
    > >
    > > #######################################################################
    > >
    > > ======
    > > 2) Bug
    > > ======
    > >
    > >
    > > The game is not able to handle the malformed data, with the consequence
    > > of entering an endless loop that continues to check the same data.
    > > The effects are that the server freezes completely, so is no longer
    > > able to handle packets, and the CPU goes to 100%.
    > >
    > >
    > > #######################################################################
    > >
    > > ===========
    > > 3) The Code
    > > ===========
    > >
    > >
    > > http://aluigi.altervista.org/poc/haloloop.zip
    > >
    > >
    > > #######################################################################
    > >
    > > ======
    > > 4) Fix
    > > ======
    > >
    > >
    > > The upcoming version 1.07 should be released in these days, the bug has
    > > been reported to the developers exactly one month ago.
    > >
    > >
    > > #######################################################################
    > >
    > >
    > > ---
    > > Luigi Auriemma
    > > http://aluigi.altervista.org
    > >
    > >
    >
    >
    > --
    > Joel Esler
    > BASE Project Lead
    > http://sourceforge.net/projects/secureideas
    >

    -- 
    Joel Esler
    BASE Project Lead
    http://sourceforge.net/projects/secureideas
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/
    
