First step is to get the account id from the user we want to disconnect. If the user is at the same map you can grab it from the cache recieved from CMSG_NAME_REQUEST (0x0094) packets.
In this example: "SUPERADM" account id = 200000
After I used a normal account (Asag) and login in normally, but rewrite something:
CMSG_XXX (0x00XX) and CMSG_XXX (0x00XX) packets with the new account id from "SUPERADM".
As you can see at the image, "Asag" logs in normally, but using the SUPERADM account id, and as result, SUPERADM is logged off!!
It can block the user re-login if doing loop at the same account id, or even more critical doing a loop searching random accounts connected.
crazy... uh?
Disconnect any user
Disconnect any user
Last edited by playerone on 29 Dec 2018, 16:52, edited 1 time in total.
Re: Disconnect any user
cool you found some very old known tmwa bug. old tmwa devs already know it.
but better not disclosure exploits in tmwa, because very low chances what some one will fix them.
i edited previous post
but better not disclosure exploits in tmwa, because very low chances what some one will fix them.
i edited previous post
Re: Disconnect any user
better try find something interesting in hercules and report it