wowned's Introduction

wowned

This application is a proof of concept exploit for the authentication bypass methods in many World of Warcraft emulation authentication servers discovered by Chaosvex (https://github.com/Chaosvex) and Daemon (https://github.com/DevDaemon).

To use, auth_bypass.dll must be injected into wow.exe (versions 1.12.1, 2.4.3 and 3.3.5a are supported). An injector, wowned.exe, is included.

An example usage would be:

wowned.exe -c -p "f:\wow 3.3.5\WoW.exe" --2

wowned.exe --help output:

wowned v0.1 injector
Allowed options:
  -h [ --help ]                   display help message
  -c [ --console ]                enable wow console
  -p [ --program ] arg (=wow.exe) path to wow binary
  --1                             exploit method one
  --2                             exploit method two

ethics

The bugs which this application will exploit have been publicly disclosed since early November 2016 (see here: https://www.reddit.com/r/wowservers/comments/5b0chc/attention_server_developers_and_administrators/). Some private servers have opted to ignore the warning. It is a common practice among security researchers to release a proof of concept exploit after vendors and users have had ample opportunity to apply a patch. Doing so can encourage the remaining vendors or users to follow suit.

For reference, these are two commits which fix 'method one' and 'method two' respectively:

https://github.com/cmangos/mangos-classic/commit/74d51cf70d67f6d4a47321a4226e7473cb8e2601
https://github.com/cmangos/mangos-classic/commit/0d2b7e38c886ddd6828cfa75e2daba5121467383

I have been contacted by several people to thank me for providing a new revenue stream, whereby they abuse these issues (using their own exploits) to steal gold from their victims and re-sell it on private servers. One even offered me a kickback in exchange for not releasing this. For those of you reading this, I am thoroughly unimpressed with your so-called abilities. Any slashdot script kiddie can break something. Show me something positive you've created and then I will take you seriously.

credit

As mentioned above, credit for the initial discovery goes to Chaosvex. Credit for the discovery of method two goes to Daemon of nostalrius.org, who found the second issue when he and I were discussing the first one.

impact

Some of the private servers that I have tested this on are still vulnerable. If you are a private server administrator and for whatever reason are unable to adapt the above-linked commits to your code, please feel free to contact me.

wowned's People

Contributors

namreeb

wowned's Issues

can u update?

Hi, can u update for 3.3.5? Or no? Delete project!

wowned.exe Close after start

Hey, I will inject with the injector wowned.exe to inject into my wow.exe, but I can't open your injector, and other DLL injectors don't work with your exploit. I use Win 10. Why doesn't it open?

I have installed everything I need.

help!!

Hello, I try to run wowned.exe; it opens and closes quickly. Could you explain to me how to solve this?

Contact

And how should we contact u?

Wowned not working

I included auth_bypass.dll in the path of the WoW client 3.3.5a and ran wowned from cmd; it errors.
Am I not doing it right?
OS Win7 x32

UPDATE

pls update for servers 4.3.4 without ASLR for example monster-wow or wow-colombia

How to bypass or disable authenticator for Google account

I know the password of my Gmail address. There is no recovery code, and a recovery email address and recovery phone number are not registered. It was only protected by authenticator and password. My phone malfunctioned, and I had to do a soft reset. I didn't have an Authenticator backup. So I can't log in to my Gmail account. My important documents were in my Drive account. I need access. I wonder if there is a web app so I can bypass or disable the Gmail authenticator and only log in with the password? How can I recover? Can this be done with the app?

It does not open (v4.3.4)

In version 3.3.5 it works perfectly, but when trying to open wow.exe in expansion 4.3.4 (Server GPLP Guerreros Por La Paz) it does not open; it only says that the process has started but nothing happens.
I tried several Cataclysm servers but it is the same, the WoW does not open.
Yes you can update or see that it works correctly in Cataclysm I would be grateful.

Where Are U !

Where are u, namreeb!

Get update! This autopass for 3.3.5
or
can u create exploit server crasher? Send packet..

We need a new hack exploit!
All exploit hacks are fixed on private servers
