奇迹服务端修改技术(Miracle server modification)

奇迹服务端修改技术（Miracle server modification）

Method for modifying character upgrade points

Find absolute address in GS

8B 9 C2, followed by 05 to 06, and the normal

character upgrade is 6

8B 9 C2 07 followed the principle here. You can

change is the sword

Eventitembag file revealed (for 96, 97 edition MUSF)

[mu heads up]

In the muserver/data directory, there are 12 files,

, , and ,

. These files are events,

objects drop files, and each file corresponds to an event.

After a night of testing, we will now test the completed part

of the note to you:

The corresponding events for each file: (if the item is out,

it is set in this file, if not, is money)

correspondence: Lucky chest (Golden Dragon

will fall), sky treasure box and a +4 lucky treasure box (this

system will not be out, but GM can be adjusted)

Note: the sky is set in the file box except items, but also a

man.

corresponds: skeleton King

correspondence: (not clear at present, clear,

please add)

correspondence: the star of Christmas

correspond: firecracker, heart of love

(property is better than firecracker)

correspondence: silver medal

correspondence: gold medal

Eventitembag8.

Txt correspondence: +1 gold chest (gold goblin will fall)

correspondence: +2 gold chest (gold Titan

will fall)

The corresponding : +3 golden casket (gold

fire dragon falls)

correspondence: +4 gold chest (gold witch

Wang Huiluo)

correspondence: +5 gold chest (gold

destruction Knight will fall)

files and below will only be ordinary items,

but and above will also be outstanding items.

Please pay attention to the following when modifying the above

files:

1, you modify things only need to modify the object code and

level value, and its backward lucky, skills, additions and

outstanding attributes are all random, without setting up. If

you want something in the event, you can modify it directly in

the document. But "creating gems" doesn't add up and adds up

to mistakes.

2, please pay attention to the number of items, the best and

the original file corresponding, and sometimes the wrong number

of rows, the server will be reported wrong. For example: if you

want to make life after the death of the skeleton king, then

every line inside is changed into:

14160000

That's all right. Don't just leave one line.

3, and above documents will be outstanding

items, the contents of its documents are also specified.

The document is divided into two parts, the above is NN line

of ordinary goods, the following is NN line of excellence items,

of which fifth items of outstanding items must be 1 digital,

ordinary goods must be 0, this point must pay attention to,

If this is not the case, the server will fail.

The number of lines corresponding to ordinary items and objects

in the file: (I've only checked it once, I suggest you check

it again before you change it and backup it)

ordinary 40 lines, excellent 35 lines

ordinary 34 lines, excellent 31 lines

ordinary 26 lines, excellent 24 lines

ordinary 26 lines, excellent 18 lines

ordinary 17 lines, excellent 25 lines

Commonserver is extracted in GS

EventChipServerIp 192.168.10.150; <== sky chest event server

IP

EventChipServerConnect; <== sky events connected with the

switch box

DevilSquareEventServer; <== demon square event server IP

DevilSquareEventConnect; <== demon square events connected

with the switch set to 0 is normal

PORT port

ConnectServerInfo; connect server information

IP; IP address

WriteSkillLog recording skills log

StoneDropRate. Bless the shard drop rate. This is 100/10000=1%

bloodbonedroprate；血灵之骷物品掉率这里是100 / 10000 = 1%

angelkingspaperdroprate；血灵之书物品掉率这里是100/10000 = 1%

BloodCastleStartHour；1 / 2血城开始时间

bloodcastleevent；血城堡事件开关

dqchaossuccessratelevel4

dqchaossuccessratelevel3

dqchaossuccessratelevel2

dqchaossuccessratelevel1

speedhackpenalty；速度黑客？处罚

dectimeperattackspeed 5.33

usenpggchecksum

disconnecthackuser；如果发现外挂用户自动断开其连接

writechatlog；记录聊天日志

eledoradodeviltantarosexitemdroprate；卓越物品暴率+ 2黄金泰坦

eledoradodevillizardkingexitemdroprate；卓越物品暴率+ 4黄金巫师王

eledoradogoldderconexitemdroprate；卓越物品暴率+ 1黄金哥布林

eledoradotitanexitemdroprate；

Exceptional items, violent rate, +5, golden damage

EledoradoGoldGoblenExItemDropRate; excellent goods crit rate

+3 gold fire dragon

EledoradoDevilTantarosItemDropRate; rate of goods; +2; golden

Titan

EledoradoDevilLizardKingItemDropRate; goods crit +4 gold

Shaman King

EledoradoGoldDerconItemDropRate; item crit rate +1 gold goblin

EledoradoTitanItemDropRate; goods crit rate; +5 gold damage

EledoradoGoldGoblenItemDropRate; items crit rate +3 gold fire

dragon

EledoradoDevilTantarosRegenTime; refresh time (minutes) +2

gold Titan

EledoradoDevilLizardKingRegenTime; refresh time (minutes) +4

gold Witch King

EledoradoGoldDerconRegenTime; refresh time (minutes) +1 gold

goblin

EledoradoTitanRegenTime; refresh time (min) +5 gold damage

EledoradoGoldGoblenRegenTime; refresh time (minutes) +3 gold

fire dragon

IsEledoradoEvent; gold force event switch

iskicknotattackareacountlimit

notattackareakickcount

iskickdetechackcountlimit黑客检查计数；

detectedhackkickcount黑客检查计数；

minimumattackspeedtime黑客检查计数；

hackcheckcount黑客检查计数；

isignorepackethackdetect

attackspeedtimelimit黑客检查计数；

eventchipdroprateforboxofgold；天空宝箱暴率这里是60/100 = 60%

itemdroprateforboxofgold；天空宝箱暴出物品率

boxofgolddroprate；天空宝箱掉率

eventchipevent；天空宝箱事件开关

itemdroprateforsilvermedal；银质勋章暴出物品率

itemdroprateforgoldmedal；金质勋章暴出物品率

silvermedaldroprate；银质勋章掉率

Goldmedaldroprate; 金质勋章掉率

Medalevent; 勋章事件开关

Zendurationtime; 掉落金钱消失时间 (秒)

Keyofdevilsquaredroprate; 恶魔钥匙掉率 猜测为 3 / 10 = 30%

Eyesofdevilsquaredroprate; 恶魔之眼掉率 猜测为 3 / 10 = 30%

Devilsquareevent; 恶魔开关

Itemdroprateforheartoflove; 爱情之心暴出物品率

Heartoflovedroprate; 爱情之心掉率 这里是200 / 10000 = 2%

Heartofloveevent; 爱情之心事件开关

Onlyfirecrackereffectuse

Itemdroprateforfirecracker; 鞭炮暴出物品率 这里是4 / 10 = 40%

Firecrackerdroprate; 鞭炮掉率 这里是3000 / 10000 = 30%

Firecrackerevent; 鞭炮事件开关 角组队有效

Xmasevent _ itemdroprateforstarofxmas; 圣诞之星暴出物品率

Xmasevent _ starofxmasdroprate; 圣诞之星掉率

Xmasevent; 圣诞之星事件开关

Itemdropper 10; 掉宝率在这里, 原始值为1, 越高掉钱越少.

Pkitemdrop; 角pk死亡后物品是否随机掉落

[option] self looting team set:% d.

Lootingtime 3

Happynewyeartalknpc; npc新年开关.

Merryxmastalknpc; npc圣诞开关.

Event1itemdroptodaypercent 10000000; 心之记忆当天物品掉落百分比

Event1itemdroptodaymax; 心之记忆当天物品最大掉落限制

Event1; 心之记忆事件开关

Monsterhp; 降低怪物生命值 范围 (0 - 100)% 原始值为0, 越高血越少.

Pktime; 角pk头衔变更速度.1为原速度, 一秒一秒的倒数

[option] attackeventregentime =% d

[option] chaoseventserver =% s

[option] chaosevent =% d

[option] chaosbox =% d

attackeventregentime 正当防卫反击时间 (秒).

chaoseventserver 事件对应服务器ip 210.181.89.241.

chaosevent; 事件开关.

chaosbox; 玛雅哥布林允许合成 0: 1: 允许 关闭

trade and 关闭 允许 交易开关 0: 1:

相对于原设计的打怪经验倍数 addexperience.

itemserialcheck; 物品序号检测开关, 关掉可以解决复制物品掉线

问题.

黑软速度检测 speedhackplayerblock.

战盟建立等级 guildcreatelevel 100.

是否可以新建战盟 guilddestroy.

是否可以新建战盟 guildcreate.

characterdeleteminlevel.

限制角删除等级

Createcharacter; 创建角, 1为允许 0为否.

Clientexeserial

梦之奇迹注册网页漏洞－得到任何你想要的东西

漏洞版本 梦之奇迹注册系统的所有版本!

漏洞原因, 由于梦之奇迹的编写者对用户的输入根本没采取什么过滤, 只是简简单单的通过提交的表单来限制用户的输入长度, 而且对一些最起码的 ',' ＝ '都没有过滤掉, 而这个是编程的大忌, 现在很多高中生都知道过滤的重要, 不知道这样的系统为什么会发布并在网上流传!

拿来源代码一看, 整个系统能渗透的地方很多.在中有这么一段

ACCOUNTNAME = ("username")

= password ("password")

character = ("userchr")

If Instr (ACCOUNTNAME, "'" < > 0 then

If Instr (ACCOUNTNAME "=" < > 0 then

If Instr (ACCOUNTNAME, "%") < > 0 then

If ACCOUNTNAME < > "< >" "password" and then

Connstrs = "DBQ =" + + "h (lifedbnames) defaultdir

=; =; {Microsoft Access driver driver (*. Mdb)};"

......

He knows the user submitted the name of the filter, the user

did not submit a password filter, and directly into the database,

we see:

......

End if

End if

Set rs = Object ("set")

Sql= "select * from, MEMB_INFO, memb___id = where", "and

memb__pwd='", "&password&", "&accountname&""

, SQL, Conn, 1,1

If, , or, , then

"<script language=javascript>alert" ('nn

account information error, please fill );

() </script>"

Did you see that? We can use this code sql=, select, * from,

MEMB_INFO, where, memb___id = &accountname&, 'and, memb__pwd='

', &password&''"

Enter a construction of a special statement

For example, 1 * from; select character; - so you can operate

the database table character, and through insert, update and

other commands to operate the database, add anything you want,

level, so anyone can be a GM.

Want to use the magic dream registration system 4F network

management attention!

Solution, account check, add later

If instr (password, '' ') <>0, then,

If instr (password, = =) <>0, then,

If instr (password,

“%”）<> 0

多机多线，希望大家喜欢

因为我所在的网络，收费是按照流量收的，而每月只有3g免费，流量，因此看了纹身的一机多线，弄了个多机多线，帖出来帮助一下大家，这样可以节省主机很大的资源，多台机器负担，希望大家喜欢。而且流量也分流了，我实验的分机IP地址是外部网的，内部网同样可以。

这种方法设置比较灵活，最重要的就是，一个线瘫痪不影响其他线的运行。主机可以不运行GameServer，也节省主机资源分机如果机器配置好，也可以运行多个线。

下面以三机三条线为例

（1）假设你的亩服务端放在D： muserver。先修改D：

connectserverlist muserver CS。DAT，D： connectserverlist

muserver CS数据。DAT，D： muserver CS dataspxxglxt

serverlist .dat三个文件为如下内容：（好象只修改serverlist .dat也行。安全起见，全改了）

如果要3线共用一个地图，就是3线的玩家互相可见，就写成面这样：

0“服务器名”主机IP”55901“秀”

1“服务器名”分机IP“55901”显示“→注意这里是55901就是2

线共用一个地图

2“服务器名”分机IP“55901”显示“→注意这里是55901就是2线共用一个地图

3线不共用地图，玩家互不可见，

Change it to the following:

0, server name, host IP, 55901, show"

1 "server name", "extension IP", 55902 "show". Note that here

is 55902

2 "server name", "extension IP", 55903 "show". Note that here

is 55903

(2) d:muserver inside the data, GameServer three folders

copied to the d:muserver1

Put it on D: at extension A;

D:muserver inside the data, GameServer three folders copied

to the d:muserver2

Put it on D: at extension B.

(3) using ue to modify your Kaodao d:muserver1 in

. is d:.

because Gameserver now has multiple versions. So the absolute

address before are not necessarily correct. In UE search

WZ_MU_GS_MUTEX. note all uppercase. Remember to find ASCII

search selected. After finding this string corresponding to 16

hexadecimal code changed 0 OK. Modified also

covers MUSERVER2:

(as in Fig.)

(4) now write the in d:muserverdata as:

[gameserverinfo]

Servername = server name: here unchanged

Servercode, =0. Note here is 0

Connectmemberload =0

The second folder, that is, the muserver1data in

, is written as:

[gameserverinfo]

Servername = server name: here unchanged

→注意这里修改为1 servercode = 1

connectmemberload = 0

第二个文件夹, 就是muserver2 data中的写为.

[gameserverinfo]

servername = 服务器名 →这里不变

→注意这里修改为2 servercode = 2

connectmemberload = 0

(5) 除了原来的8个启动外, 主机再加2个, 2台分机一台一个, 全部启动如下.

主机运行.

1 - d: muserver dataserver1 55960.

2 - d: muserver dataserver2 55962.

3 - d: muserver dataserver2 55964 (这个是多加的).

4 - d: muserver dataserver2 55966 (这个也是多加的).

5 - d: muserver and cs.

5 - d: muserver joinserver / p55970 /

ca127.0.0.1 cp55557.

7 - - - - - - - - - d: muserver mu2003 _ event _ server.

_ mu2003 _ event _ wz

8 - d: muserver rankingserver devilsqure _ .

10 - - - - d: muserver exdb .

10 - - - - - - - - - - - - - - d: muserver gameserver

127.0.0.1 55970 127.0.0.1 55960 55901.

分机a运行.

11 - - - - - - - - - d: muserve1 gameserver gameserver.

EXE host IP 55970 host IP 5596455902 (this is extra, pay

attention to the path)

Extension B running

12----D: host IP 55970

host IP 5596655903 (this is also added, pay attention to the

path)

Note: the GAMESERVER of each extension can run at any time after

the host's first 9 programs are running.

Full Chinese character annotation square brush gold blame file

[share] full Chinese character annotation square brush gold

blame file

The contents of the file are modified as

follows:

This is / / closing time, the devil square approach time, time.

/ / closetime, opentime, playtime

Zero

35520

End

"The message here is that each line at the beginning of the 0123

represent demon square 1234

One

1 / square

0907 / Necromancer

0507 / hell hounds blame

01007 / the Dark Knight

03907 / / toxic ghost

0251220 / / ice

0411220 / the devil

2 / square

11807 / the devil Gordon

14107 / the devil

135514 / the death of Gordon

151514 / the bus Hamlet

1641220 / Kamen Archer

1651220 / a warrior

3 / square

23807 / Lord Baroque

25107 / the bus Hamlet

264514 / Kamen Archer

265514 / a warrior

2621220 / / ironspine strange

2601220 / the giant tooth beast

4 / square

36407 / / start is to brush the mask mask Archer 07 on behalf

of the archer and the end time

36507 / a warrior

362514 / / 5-14 ironspine strange brush ironspine strange

360514 / the giant tooth beast

3571220 / / 12-20 fighters iron wheel brush iron wheel Warrior

3611218 / / Black 12-18 black brush the Balrog

End

This is a small boss / square code.

Two

0115 / Lord Baroque

0115

0115

0115

0115

0115 / Titan

0115 / Titan

151184 / metal Baroque

151184

151184

151184

151184

151184 / gold fire dragon

151184 / gold fire dragon

2583 / / destroy Knights

2583

2583

2583

2583

283 / golden wizard King

283 / golden wizard King

366 / / Cursed King

The 366 //15 stands for fifteenth minutes, and the

brush curse king 537483109 represents the scope of the brush

monster. You will find that the range of the Plaza 1-4 is

different

366 / this period a total of 5 lines

366 / / that is to say in fifteenth minutes in total

brush 5 Cursed King

366

382 / / Golden Knight damage

382 / / Golden Knight damage

End

This is a reward / Devil square final, 4 square first experience

10000, Mu $70000, second and so on.

Three

1

2

21600045000

22500040000

23400030000

3

31800060000

32700050000

33600040000

End

Square brush mystery NPC

[watering] my demon square file ()

/ / closetime, opentime, playtime

Zero

45530 / square time adjusted to 30 minutes after entering the

end): Red Square

End

Is / / brush strange file refresh rate is very high

One

0907 / / bad sister house.

0507 / paragraph indigo autumn orifices

01007 / / promote agricultural Laopiao sing

03907 / / Liu for fishing gear splash fast

0251220 / Jiulao gel

0411220 / / single static fast ink

11807 / / foreboom trip

14107 / / single static fast ink

135514 / / single static trip foreboom

151514 / / Qu public float orifices.

1641220 / / Ke agricultural pump recommended

1651220 / / Ke agricultural measures.

23807 / / used to waste

25107 / / Qu public float orifices.

264514 / / Ke agricultural pump recommended

265514 / / Ke agricultural measures.

2621220 / / Gu pan float

2601220 / / throat alum Diao Kuang skid

36407 / / Ke agricultural pump recommended

36507 / / Ke agricultural measures.

362514 / / Gu pan float

360514 / / throat alum Diao Kuang skid

3571220 / Jiulao seized Rong

3611220 / / Laopiao and sing

3732328 / three increased the most strange sky

3742328 / 23 to 28 minutes in time to brush out

3752328 / / which vacated 3 minutes for you under

End

Here is the boss file monster / brush can brush out some here.

Bao Ge / /% pot caries, glue pan Lao Fu Jiaoai gull, miles, miles

house understanding drill

Two

0115 / / used to waste

0115 / / used to waste

0115 / / used to waste

0115 / / used to waste

0115 / / used to waste

151184 / / Gao Guan waste oh

151184 / / Gao Guan waste oh

151184 / / Gao Guan waste oh

151184 / / Gao Guan waste oh

151184 / / Gao Guan waste oh

2583 / / vomit lotus lung glue

2583 / / vomit lotus lung glue

2583 / / vomit lotus lung glue

2583 / / vomit lotus lung glue

2583 / / vomit lotus lung glue

366 / / Li Lin tank empty basket

366 / / Li Lin tank empty basket

366 / / Li Lin tank empty basket

366 / / Li Lin tank empty basket

324526537483109 / twenty-sixth minutes Lucy Slayers played her

sell mysterious things Oh

37727537483109 / / demons debut

37927537483109 / the gold boss guest square

37927537483109 / Note: remember to remove the Slayers Lucy or

hey in monstersetbase

38

38228537483109

End

The following is the reward / /

/ / Fort% caries. House pot was recommended, welding offset

cyanide g, welding a gel gel

Three

1

2

21600045000

22500040000

23400030000

3

31800060000

32700050000

33600040000

End

2481 "wandering merchants" 20100, 310,

, 0

Give everyone a function that prevents external submissions

Give everyone a function that prevents external submissions

Add a string of code behind

Function, ChkPost ()

Dim, server_v1, server_v2

Chkpost=false

Server_v1=Cstr (Variables ("HTTP_REFERER"))

Server_v2=Cstr (Variables ("SERVER_NAME"))

If mid (server_v1,8,

Len（server_v2））< > server_v2然后

chkpost = false

其他的

chkpost =真

最后如果

端功能

然后在那些问题页面里个合适的位置插入以下代码：

如果不chkpost()然后

”请不要尝试漏洞或者请您关闭防火墙！”

最后如果

看不懂的朋友可以看看下面的例子：

文件：

<！——#包括文件=“配置asp”-->

<！——#包括文件=“”-->

< %

N =请求表单（“用户名”）

P =请求形式（“userchr”）。

如果可以得到（n，“”）< > 0或数（N，“；”）< > 0或数（N，“&”）< > 0或仪器（n，%）> 0

”您所输入的数据包含非法字符，对不起！”

最后如果

如果仪器（P’）<> 0或仪器（P，“；”）< > 0或仪器（P，“&”）< > 0或仪器（P，“%”）> 0

”您所输入的数据包含非法字符，对不起！”

最后如果

如果n“>”和“p”，那么

如果不chkpost()然后

”请不要尝试漏洞或者请您关闭防火墙！”

最后如果

集RS1 =服务器（数据记录集。CreateObject。”）

SQL =“select * from字符在帐号ID =“”& n”和名为“普及”和pklevel <> 3”

sql，conn，1,3

如果或然后

防止通过网页修改数据库的方法之一

对所有。ASP文件进行查，凡MaxLength的地方请注意：

把所有这样的语名通通改为MaxLength = 18及以下，例如角ID你只需要MaxLength = 10就可以了，只有身份证需要18长度，其实的全部改小就可以了。

有的网站就出在了MaxLength = 40在地方，别人可以在那儿打入完整的命令，并且会执行。

另外对每个输入的地方加进判断，不让输入以下字符：“^ <> & @。` =就可以防住大多数的破坏。