Authentication Bypass

brian8544 · May 20, 2018

Hello everyone,

I've been goofing around with some old core released a while ago on the VIP forum. Now that core is still vulnurable to the authentication bypass released last year. I've done some research and to my own knowledge 'patched' this exploit.

Now my question is, if this is the right way to fix it?

https://i.gyazo.com/410fef5085c79c14159e489db4406304.png

The bypass program no longer can connect but just wanting to make sure!

Thanks for the replies in advance.

ExO · May 20, 2018

Yes, this would be an ideal way of resolving it.

You might want to look at this commit as well:
https://github.com/TrinityCore/TrinityCore/commit/14abd1f5875d8c8e98ac9c76789d8b439008eba2

As well as:
https://github.com/TrinityCore/TrinityCore/commit/ed2cd6b34f849f9cc9adb86318457155e47f7314

If your current core code matches the old code from the commit you might want to patch that as well.

brian8544 · May 20, 2018

I was affraid that was the case, it does not match one single bit at all. Gotta be alot of work

Authentication Bypass

brian8544

ExO

brian8544