奇迹服务端修改技术(Miracle server modification)
Method for modifying character upgrade points
Find absolute address in GS
8B 9 C2, followed by 05 to 06, and the normal
character upgrade is 6
8B 9 C2 07 followed the principle here. You can
change is the sword
Eventitembag file revealed (for 96, 97 edition MUSF)
[mu heads up]
In the muserver/data directory, there are 12 files,
, , and ,
. These files are events,
objects drop files, and each file corresponds to an event.
After a night of testing, we will now test the completed part
of the note to you:
The corresponding events for each file: (if the item is out,
it is set in this file, if not, is money)
correspondence: Lucky chest (Golden Dragon
will fall), sky treasure box and a +4 lucky treasure box (this
system will not be out, but GM can be adjusted)
Note: the sky is set in the file box except items, but also a
man.
corresponds: skeleton King
correspondence: (not clear at present, clear,
please add)
correspondence: the star of Christmas
correspond: firecracker, heart of love
(property is better than firecracker)
correspondence: silver medal
correspondence: gold medal
Eventitembag8.
Txt correspondence: +1 gold chest (gold goblin will fall)
correspondence: +2 gold chest (gold Titan
will fall)
The corresponding : +3 golden casket (gold
fire dragon falls)
correspondence: +4 gold chest (gold witch
Wang Huiluo)
correspondence: +5 gold chest (gold
destruction Knight will fall)
files and below will only be ordinary items,
but and above will also be outstanding items.
Please pay attention to the following when modifying the above
files:
1, you modify things only need to modify the object code and
level value, and its backward lucky, skills, additions and
outstanding attributes are all random, without setting up. If
you want something in the event, you can modify it directly in
the document. But "creating gems" doesn't add up and adds up
to mistakes.
2, please pay attention to the number of items, the best and
the original file corresponding, and sometimes the wrong number
of rows, the server will be reported wrong. For example: if you
want to make life after the death of the skeleton king, then
every line inside is changed into:
14160000
That's all right. Don't just leave one line.
3, and above documents will be outstanding
items, the contents of its documents are also specified.
The document is divided into two parts, the above is NN line
of ordinary goods, the following is NN line of excellence items,
of which fifth items of outstanding items must be 1 digital,
ordinary goods must be 0, this point must pay attention to,
If this is not the case, the server will fail.
The number of lines corresponding to ordinary items and objects
in the file: (I've only checked it once, I suggest you check
it again before you change it and backup it)
ordinary 40 lines, excellent 35 lines
ordinary 34 lines, excellent 31 lines
ordinary 26 lines, excellent 24 lines
ordinary 26 lines, excellent 18 lines
ordinary 17 lines, excellent 25 lines
Commonserver is extracted in GS
EventChipServerIp 192.168.10.150; <== sky chest event server
IP
EventChipServerConnect; <== sky events connected with the
switch box
DevilSquareEventServer; <== demon square event server IP
DevilSquareEventConnect; <== demon square events connected
with the switch set to 0 is normal
PORT port
ConnectServerInfo; connect server information
IP; IP address
WriteSkillLog recording skills log
StoneDropRate. Bless the shard drop rate. This is 100/10000=1%
bloodbonedroprate;血灵之骷物品掉率这里是100 / 10000 = 1%
angelkingspaperdroprate;血灵之书物品掉率这里是100/10000 = 1%
BloodCastleStartHour;1 / 2血城开始时间
dqchaossuccessratelevel4
dqchaossuccessratelevel3
dqchaossuccessratelevel2
dqchaossuccessratelevel1
speedhackpenalty;速度黑客?处罚
dectimeperattackspeed 5.33
usenpggchecksum
disconnecthackuser;如果发现外挂用户自动断开其连接
writechatlog;记录聊天日志
eledoradodeviltantarosexitemdroprate;卓越物品暴率+ 2黄金泰坦
eledoradodevillizardkingexitemdroprate;卓越物品暴率+ 4黄金巫师王
eledoradogoldderconexitemdroprate;卓越物品暴率+ 1黄金哥布林
eledoradotitanexitemdroprate;
Exceptional items, violent rate, +5, golden damage
EledoradoGoldGoblenExItemDropRate; excellent goods crit rate
+3 gold fire dragon
EledoradoDevilTantarosItemDropRate; rate of goods; +2; golden
Titan
EledoradoDevilLizardKingItemDropRate; goods crit +4 gold
Shaman King
EledoradoGoldDerconItemDropRate; item crit rate +1 gold goblin
EledoradoTitanItemDropRate; goods crit rate; +5 gold damage
EledoradoGoldGoblenItemDropRate; items crit rate +3 gold fire
dragon
EledoradoDevilTantarosRegenTime; refresh time (minutes) +2
gold Titan
EledoradoDevilLizardKingRegenTime; refresh time (minutes) +4
gold Witch King
EledoradoGoldDerconRegenTime; refresh time (minutes) +1 gold
goblin
EledoradoTitanRegenTime; refresh time (min) +5 gold damage
EledoradoGoldGoblenRegenTime; refresh time (minutes) +3 gold
fire dragon
IsEledoradoEvent; gold force event switch
iskicknotattackareacountlimit
notattackareakickcount
iskickdetechackcountlimit黑客检查计数;
detectedhackkickcount黑客检查计数;
minimumattackspeedtime黑客检查计数;
hackcheckcount黑客检查计数;
isignorepackethackdetect
attackspeedtimelimit黑客检查计数;
eventchipdroprateforboxofgold;天空宝箱暴率这里是60/100 = 60%
itemdroprateforboxofgold;天空宝箱暴出物品率
boxofgolddroprate;天空宝箱掉率
eventchipevent;天空宝箱事件开关
itemdroprateforsilvermedal;银质勋章暴出物品率
itemdroprateforgoldmedal;金质勋章暴出物品率
silvermedaldroprate;银质勋章掉率
Goldmedaldroprate; 金质勋章掉率
Medalevent; 勋章事件开关
Zendurationtime; 掉落金钱消失时间 (秒)
Keyofdevilsquaredroprate; 恶魔钥匙掉率 猜测为 3 / 10 = 30%
Eyesofdevilsquaredroprate; 恶魔之眼掉率 猜测为 3 / 10 = 30%
Devilsquareevent; 恶魔开关
Itemdroprateforheartoflove; 爱情之心暴出物品率
Heartoflovedroprate; 爱情之心掉率 这里是200 / 10000 = 2%
Heartofloveevent; 爱情之心事件开关
Onlyfirecrackereffectuse
Itemdroprateforfirecracker; 鞭炮暴出物品率 这里是4 / 10 = 40%
Firecrackerdroprate; 鞭炮掉率 这里是3000 / 10000 = 30%
Firecrackerevent; 鞭炮事件开关 角组队有效
Xmasevent _ itemdroprateforstarofxmas; 圣诞之星暴出物品率
Xmasevent _ starofxmasdroprate; 圣诞之星掉率
Xmasevent; 圣诞之星事件开关
Itemdropper 10; 掉宝率在这里, 原始值为1, 越高掉钱越少.
Pkitemdrop; 角pk死亡后物品是否随机掉落
[option] self looting team set:% d.
Lootingtime 3
Happynewyeartalknpc; npc新年开关.
Merryxmastalknpc; npc圣诞开关.
Event1itemdroptodaypercent 10000000; 心之记忆当天物品掉落百分比
Event1itemdroptodaymax; 心之记忆当天物品最大掉落限制
Event1; 心之记忆事件开关
Monsterhp; 降低怪物生命值 范围 (0 - 100)% 原始值为0, 越高血越少.
Pktime; 角pk头衔变更速度.1为原速度, 一秒一秒的倒数
[option] attackeventregentime =% d
[option] chaoseventserver =% s
[option] chaosevent =% d
[option] chaosbox =% d
attackeventregentime 正当防卫反击时间 (秒).
chaoseventserver 事件对应服务器ip 210.181.89.241.
chaosevent; 事件开关.
chaosbox; 玛雅哥布林允许合成 0: 1: 允许 关闭
trade and 关闭 允许 交易开关 0: 1:
相对于原设计的打怪经验倍数 addexperience.
itemserialcheck; 物品序号检测开关, 关掉可以解决复制物品掉线
问题.
黑软速度检测 speedhackplayerblock.
战盟建立等级 guildcreatelevel 100.
是否可以新建战盟 guilddestroy.
是否可以新建战盟 guildcreate.
characterdeleteminlevel.
限制角删除等级
Createcharacter; 创建角, 1为允许 0为否.
Clientexeserial
梦之奇迹注册网页漏洞-得到任何你想要的东西
漏洞版本 梦之奇迹注册系统的所有版本!
漏洞原因, 由于梦之奇迹的编写者对用户的输入根本没采取什么过滤, 只是简简单单的通过提交的表单来限制用户的输入长度, 而且对一些最起码的 ',' = '都没有过滤掉, 而这个是编程的大忌, 现在很多高中生都知道过滤的重要, 不知道这样的系统为什么会发布并在网上流传!
拿来源代码一看, 整个系统能渗透的地方很多.在中有这么一段
ACCOUNTNAME = ("username")
= password ("password")
character = ("userchr")
If Instr (ACCOUNTNAME, "'" < > 0 then
If Instr (ACCOUNTNAME "=" < > 0 then
If Instr (ACCOUNTNAME, "%") < > 0 then
If ACCOUNTNAME < > "< >" "password" and then
Connstrs = "DBQ =" + + "h (lifedbnames) defaultdir
=; =; {Microsoft Access driver driver (*. Mdb)};"
......
He knows the user submitted the name of the filter, the user
did not submit a password filter, and directly into the database,
we see:
......
End if
End if
Set rs = Object ("set")
Sql= "select * from, MEMB_INFO, memb___id = where", "and
memb__pwd='", "&password&", "&accountname&""
, SQL, Conn, 1,1
If, , or, , then
"<script language=javascript>alert" ('nn
account information error, please fill );
() </script>"
Did you see that? We can use this code sql=, select, * from,
MEMB_INFO, where, memb___id = &accountname&, 'and, memb__pwd='
', &password&''"
Enter a construction of a special statement
For example, 1 * from; select character; - so you can operate
the database table character, and through insert, update and
other commands to operate the database, add anything you want,
level, so anyone can be a GM.
Want to use the magic dream registration system 4F network
management attention!
Solution, account check, add later
If instr (password, '' ') <>0, then,
If instr (password, = =) <>0, then,
If instr (password,
“%”)<> 0
多机多线,希望大家喜欢
因为我所在的网络,收费是按照流量收的,而每月只有3g免费,流量,因此看了纹身的一机多线,弄了个多机多线,帖出来帮助一下大家,这样可以节省主机很大的资源,多台机器负担,希望大家喜欢。而且流量也分流了,我实验的分机IP地址是外部网的,内部网同样可以。
这种方法设置比较灵活,最重要的就是,一个线瘫痪不影响其他线的运行。主机可以不运行GameServer,也节省主机资源分机如果机器配置好,也可以运行多个线。
下面以三机三条线为例
(1)假设你的亩服务端放在D: muserver。先修改D:
connectserverlist muserver CS。DAT,D: connectserverlist
muserver CS数据。DAT,D: muserver CS dataspxxglxt
serverlist .dat三个文件为如下内容:(好象只修改serverlist .dat也行。安全起见,全改了)
如果要3线共用一个地图,就是3线的玩家互相可见,就写成面这样:
0“服务器名”主机IP”55901“秀”
1“服务器名”分机IP“55901”显示“→注意这里是55901就是2
线共用一个地图
2“服务器名”分机IP“55901”显示“→注意这里是55901就是2线共用一个地图
3线不共用地图,玩家互不可见,
Change it to the following:
0, server name, host IP, 55901, show"
1 "server name", "extension IP", 55902 "show". Note that here
is 55902
2 "server name", "extension IP", 55903 "show". Note that here
is 55903
(2) d:muserver inside the data, GameServer three folders
copied to the d:muserver1
Put it on D: at extension A;
D:muserver inside the data, GameServer three folders copied
to the d:muserver2
Put it on D: at extension B.
(3) using ue to modify your Kaodao d:muserver1 in
. is d:.
because Gameserver now has multiple versions. So the absolute
address before are not necessarily correct. In UE search
WZ_MU_GS_MUTEX. note all uppercase. Remember to find ASCII
search selected. After finding this string corresponding to 16
hexadecimal code changed 0 OK. Modified also
covers MUSERVER2:
(as in Fig.)
(4) now write the in d:muserverdata as:
[gameserverinfo]
Servername = server name: here unchanged
Servercode, =0. Note here is 0
Connectmemberload =0
The second folder, that is, the muserver1data in
, is written as:
[gameserverinfo]
Servername = server name: here unchanged
→注意这里修改为1 servercode = 1
connectmemberload = 0
第二个文件夹, 就是muserver2 data中的写为.
[gameserverinfo]
servername = 服务器名 →这里不变
→注意这里修改为2 servercode = 2
connectmemberload = 0
(5) 除了原来的8个启动外, 主机再加2个, 2台分机一台一个, 全部启动如下.
主机运行.
1 - d: muserver dataserver1 55960.
2 - d: muserver dataserver2 55962.
3 - d: muserver dataserver2 55964 (这个是多加的).
4 - d: muserver dataserver2 55966 (这个也是多加的).
5 - d: muserver and cs.
5 - d: muserver joinserver / p55970 /
ca127.0.0.1 cp55557.
7 - - - - - - - - - d: muserver mu2003 _ event _ server.
_ mu2003 _ event _ wz
8 - d: muserver rankingserver devilsqure _ .
10 - - - - d: muserver exdb .
10 - - - - - - - - - - - - - - d: muserver gameserver
127.0.0.1 55970 127.0.0.1 55960 55901.
分机a运行.
11 - - - - - - - - - d: muserve1 gameserver gameserver.
EXE host IP 55970 host IP 5596455902 (this is extra, pay
attention to the path)
Extension B running
12----D: host IP 55970
host IP 5596655903 (this is also added, pay attention to the
path)
Note: the GAMESERVER of each extension can run at any time after
the host's first 9 programs are running.
Full Chinese character annotation square brush gold blame file
[share] full Chinese character annotation square brush gold
blame file
The contents of the file are modified as
follows:
This is / / closing time, the devil square approach time, time.
/ / closetime, opentime, playtime
Zero
35520
End
"The message here is that each line at the beginning of the 0123
represent demon square 1234
One
1 / square
0907 / Necromancer
0507 / hell hounds blame
01007 / the Dark Knight
03907 / / toxic ghost
0251220 / / ice
0411220 / the devil
2 / square
11807 / the devil Gordon
14107 / the devil
135514 / the death of Gordon
151514 / the bus Hamlet
1641220 / Kamen Archer
1651220 / a warrior
3 / square
23807 / Lord Baroque
25107 / the bus Hamlet
264514 / Kamen Archer
265514 / a warrior
2621220 / / ironspine strange
2601220 / the giant tooth beast
4 / square
36407 / / start is to brush the mask mask Archer 07 on behalf
of the archer and the end time
36507 / a warrior
362514 / / 5-14 ironspine strange brush ironspine strange
360514 / the giant tooth beast
3571220 / / 12-20 fighters iron wheel brush iron wheel Warrior
3611218 / / Black 12-18 black brush the Balrog
End
This is a small boss / square code.
Two
0115 / Lord Baroque
0115
0115
0115
0115
0115 / Titan
0115 / Titan
151184 / metal Baroque
151184
151184
151184
151184
151184 / gold fire dragon
151184 / gold fire dragon
2583 / / destroy Knights
2583
2583
2583
2583
283 / golden wizard King
283 / golden wizard King
366 / / Cursed King
The 366 //15 stands for fifteenth minutes, and the
brush curse king 537483109 represents the scope of the brush
monster. You will find that the range of the Plaza 1-4 is
different
366 / this period a total of 5 lines
366 / / that is to say in fifteenth minutes in total
brush 5 Cursed King
366
382 / / Golden Knight damage
382 / / Golden Knight damage
End
This is a reward / Devil square final, 4 square first experience
10000, Mu $70000, second and so on.
Three
1
2
21600045000
22500040000
23400030000
3
31800060000
32700050000
33600040000
End
Square brush mystery NPC
[watering] my demon square file ()
/ / closetime, opentime, playtime
Zero
45530 / square time adjusted to 30 minutes after entering the
end): Red Square
End
Is / / brush strange file refresh rate is very high
One
0907 / / bad sister house.
0507 / paragraph indigo autumn orifices
01007 / / promote agricultural Laopiao sing
03907 / / Liu for fishing gear splash fast
0251220 / Jiulao gel
0411220 / / single static fast ink
11807 / / foreboom trip
14107 / / single static fast ink
135514 / / single static trip foreboom
151514 / / Qu public float orifices.
1641220 / / Ke agricultural pump recommended
1651220 / / Ke agricultural measures.
23807 / / used to waste
25107 / / Qu public float orifices.
264514 / / Ke agricultural pump recommended
265514 / / Ke agricultural measures.
2621220 / / Gu pan float
2601220 / / throat alum Diao Kuang skid
36407 / / Ke agricultural pump recommended
36507 / / Ke agricultural measures.
362514 / / Gu pan float
360514 / / throat alum Diao Kuang skid
3571220 / Jiulao seized Rong
3611220 / / Laopiao and sing
3732328 / three increased the most strange sky
3742328 / 23 to 28 minutes in time to brush out
3752328 / / which vacated 3 minutes for you under
End
Here is the boss file monster / brush can brush out some here.
Bao Ge / /% pot caries, glue pan Lao Fu Jiaoai gull, miles, miles
house understanding drill
Two
0115 / / used to waste
0115 / / used to waste
0115 / / used to waste
0115 / / used to waste
0115 / / used to waste
151184 / / Gao Guan waste oh
151184 / / Gao Guan waste oh
151184 / / Gao Guan waste oh
151184 / / Gao Guan waste oh
151184 / / Gao Guan waste oh
2583 / / vomit lotus lung glue
2583 / / vomit lotus lung glue
2583 / / vomit lotus lung glue
2583 / / vomit lotus lung glue
2583 / / vomit lotus lung glue
366 / / Li Lin tank empty basket
366 / / Li Lin tank empty basket
366 / / Li Lin tank empty basket
366 / / Li Lin tank empty basket
324526537483109 / twenty-sixth minutes Lucy Slayers played her
sell mysterious things Oh
37727537483109 / / demons debut
37927537483109 / the gold boss guest square
37927537483109 / Note: remember to remove the Slayers Lucy or
hey in monstersetbase
38
38228537483109
End
The following is the reward / /
/ / Fort% caries. House pot was recommended, welding offset
cyanide g, welding a gel gel
Three
1
2
21600045000
22500040000
23400030000
3
31800060000
32700050000
33600040000
End
2481 "wandering merchants" 20100, 310,
, 0
Give everyone a function that prevents external submissions
Give everyone a function that prevents external submissions
Add a string of code behind
Function, ChkPost ()
Dim, server_v1, server_v2
Chkpost=false
Server_v1=Cstr (Variables ("HTTP_REFERER"))
Server_v2=Cstr (Variables ("SERVER_NAME"))
If mid (server_v1,8,
Len(server_v2))< > server_v2然后
chkpost = false
其他的
chkpost =真
最后如果
端功能
然后在那些问题页面里个合适的位置插入以下代码:
如果不chkpost()然后
”请不要尝试漏洞或者请您关闭防火墙!”
最后如果
看不懂的朋友可以看看下面的例子:
文件:
<!——#包括文件=“配置asp”-->
<!——#包括文件=“”-->
< %
N =请求表单(“用户名”)
P =请求形式(“userchr”)。
如果可以得到(n,“”)< > 0或数(N,“;”)< > 0或数(N,“&”)< > 0或仪器(n,%)> 0
”您所输入的数据包含非法字符,对不起!”
最后如果
如果仪器(P’)<> 0或仪器(P,“;”)< > 0或仪器(P,“&”)< > 0或仪器(P,“%”)> 0
”您所输入的数据包含非法字符,对不起!”
最后如果
如果n“>”和“p”,那么
如果不chkpost()然后
”请不要尝试漏洞或者请您关闭防火墙!”
最后如果
集RS1 =服务器(数据记录集。CreateObject。”)
SQL =“select * from字符在帐号ID =“”& n”和名为“普及”和pklevel <> 3”
sql,conn,1,3
如果或然后
防止通过网页修改数据库的方法之一
对所有。ASP文件进行查,凡MaxLength的地方请注意:
把所有这样的语名通通改为MaxLength = 18及以下,例如角ID你只需要MaxLength = 10就可以了,只有身份证需要18长度,其实的全部改小就可以了。
有的网站就出在了MaxLength = 40在地方,别人可以在那儿打入完整的命令,并且会执行。
另外对每个输入的地方加进判断,不让输入以下字符:“^ <> & @。` =就可以防住大多数的破坏。
本文发布于:2024-09-22 13:33:40,感谢您对本站的认可!
本文链接:https://www.17tex.com/fanyi/43997.html
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,我们将在24小时内删除。
留言与评论(共有 0 条评论) |