Disconnect any user
Posted: 29 Dec 2018, 02:50
First step is to get the account id from the user we want to disconnect. If the user is at the same map you can grab it from the cache recieved from CMSG_NAME_REQUEST (0x0094) packets.
In this example: "SUPERADM" account id = 200000
After I used a normal account (Asag) and login in normally, but rewrite something:
CMSG_XXX (0x00XX) and CMSG_XXX (0x00XX) packets with the new account id from "SUPERADM".
As you can see at the image, "Asag" logs in normally, but using the SUPERADM account id, and as result, SUPERADM is logged off!!
It can block the user re-login if doing loop at the same account id, or even more critical doing a loop searching random accounts connected.
crazy... uh?
In this example: "SUPERADM" account id = 200000
After I used a normal account (Asag) and login in normally, but rewrite something:
CMSG_XXX (0x00XX) and CMSG_XXX (0x00XX) packets with the new account id from "SUPERADM".
As you can see at the image, "Asag" logs in normally, but using the SUPERADM account id, and as result, SUPERADM is logged off!!
It can block the user re-login if doing loop at the same account id, or even more critical doing a loop searching random accounts connected.
crazy... uh?