From 59fad6fa63c9fa277b1d7b00771fdc4641f89b32 Mon Sep 17 00:00:00 2001 From: KrewsOrg Date: Sat, 9 May 2020 13:32:08 +0100 Subject: [PATCH] 2.3.2. Fixed exploits. --- src/main/java/com/eu/habbo/Emulator.java | 2 +- .../incoming/catalog/CatalogBuyItemEvent.java | 14 ++++++++++---- .../incoming/catalog/CheckPetNameEvent.java | 15 +++++++-------- .../guilds/forums/GuildForumPostThreadEvent.java | 6 ++++++ 4 files changed, 24 insertions(+), 13 deletions(-) diff --git a/src/main/java/com/eu/habbo/Emulator.java b/src/main/java/com/eu/habbo/Emulator.java index d2323757..a8a37ee2 100644 --- a/src/main/java/com/eu/habbo/Emulator.java +++ b/src/main/java/com/eu/habbo/Emulator.java @@ -32,7 +32,7 @@ public final class Emulator { public final static int MAJOR = 2; public final static int MINOR = 3; - public final static int BUILD = 1; + public final static int BUILD = 2; public static final String ANSI_RED = "\u001B[31m"; public static final String ANSI_BLUE = "\u001B[34m"; public static final String ANSI_PURPLE = "\u001B[35m"; diff --git a/src/main/java/com/eu/habbo/messages/incoming/catalog/CatalogBuyItemEvent.java b/src/main/java/com/eu/habbo/messages/incoming/catalog/CatalogBuyItemEvent.java index 67a89975..460cc103 100644 --- a/src/main/java/com/eu/habbo/messages/incoming/catalog/CatalogBuyItemEvent.java +++ b/src/main/java/com/eu/habbo/messages/incoming/catalog/CatalogBuyItemEvent.java @@ -5,10 +5,7 @@ import com.eu.habbo.habbohotel.catalog.CatalogItem; import com.eu.habbo.habbohotel.catalog.CatalogManager; import com.eu.habbo.habbohotel.catalog.CatalogPage; import com.eu.habbo.habbohotel.catalog.ClubOffer; -import com.eu.habbo.habbohotel.catalog.layouts.ClubBuyLayout; -import com.eu.habbo.habbohotel.catalog.layouts.RecentPurchasesLayout; -import com.eu.habbo.habbohotel.catalog.layouts.RoomBundleLayout; -import com.eu.habbo.habbohotel.catalog.layouts.VipBuyLayout; +import com.eu.habbo.habbohotel.catalog.layouts.*; import com.eu.habbo.habbohotel.items.FurnitureType; import com.eu.habbo.habbohotel.users.HabboBadge; import com.eu.habbo.habbohotel.users.HabboInventory; @@ -24,6 +21,10 @@ import com.eu.habbo.messages.outgoing.users.*; import com.eu.habbo.threading.runnables.ShutdownEmulator; import gnu.trove.map.hash.THashMap; import gnu.trove.procedure.TObjectProcedure; +import org.apache.commons.lang3.StringUtils; + +import static com.eu.habbo.messages.incoming.catalog.CheckPetNameEvent.PET_NAME_LENGTH_MAXIMUM; +import static com.eu.habbo.messages.incoming.catalog.CheckPetNameEvent.PET_NAME_LENGTH_MINIMUM; public class CatalogBuyItemEvent extends MessageHandler { @Override @@ -188,6 +189,11 @@ public class CatalogBuyItemEvent extends MessageHandler { item = this.client.getHabbo().getHabboStats().getRecentPurchases().get(itemId); else item = page.getCatalogItem(itemId); + if (page instanceof PetsLayout) { // checks it's the petlayout + String[] check = extraData.split("\n"); // splits the extradata + if ((check.length != 3) || (check[0].length() < PET_NAME_LENGTH_MINIMUM) || (check[0].length() > PET_NAME_LENGTH_MAXIMUM) || (!StringUtils.isAlphanumeric(check[0])))// checks if there's 3 parts (always is with pets, if not it fucks them off) + return; // if it does it fucks off. + } Emulator.getGameEnvironment().getCatalogManager().purchaseItem(page, item, this.client.getHabbo(), count, extraData, false); diff --git a/src/main/java/com/eu/habbo/messages/incoming/catalog/CheckPetNameEvent.java b/src/main/java/com/eu/habbo/messages/incoming/catalog/CheckPetNameEvent.java index d71897c5..ea5910bb 100644 --- a/src/main/java/com/eu/habbo/messages/incoming/catalog/CheckPetNameEvent.java +++ b/src/main/java/com/eu/habbo/messages/incoming/catalog/CheckPetNameEvent.java @@ -6,17 +6,16 @@ import com.eu.habbo.messages.outgoing.catalog.PetNameErrorComposer; import org.apache.commons.lang3.StringUtils; public class CheckPetNameEvent extends MessageHandler { + public static int PET_NAME_LENGTH_MINIMUM = Emulator.getConfig().getInt("hotel.pets.name.length.min"); + public static int PET_NAME_LENGTH_MAXIMUM = Emulator.getConfig().getInt("hotel.pets.name.length.max"); + @Override public void handle() throws Exception { String petName = this.packet.readString(); - - int minLength = Emulator.getConfig().getInt("hotel.pets.name.length.min"); - int maxLength = Emulator.getConfig().getInt("hotel.pets.name.length.max"); - - if (petName.length() < minLength) { - this.client.sendResponse(new PetNameErrorComposer(PetNameErrorComposer.NAME_TO_SHORT, minLength + "")); - } else if (petName.length() > maxLength) { - this.client.sendResponse(new PetNameErrorComposer(PetNameErrorComposer.NAME_TO_LONG, maxLength + "")); + if (petName.length() < PET_NAME_LENGTH_MINIMUM) { + this.client.sendResponse(new PetNameErrorComposer(PetNameErrorComposer.NAME_TO_SHORT, PET_NAME_LENGTH_MINIMUM + "")); + } else if (petName.length() > PET_NAME_LENGTH_MAXIMUM) { + this.client.sendResponse(new PetNameErrorComposer(PetNameErrorComposer.NAME_TO_LONG, PET_NAME_LENGTH_MAXIMUM + "")); } else if (!StringUtils.isAlphanumeric(petName)) { this.client.sendResponse(new PetNameErrorComposer(PetNameErrorComposer.FORBIDDEN_CHAR, petName)); } else { diff --git a/src/main/java/com/eu/habbo/messages/incoming/guilds/forums/GuildForumPostThreadEvent.java b/src/main/java/com/eu/habbo/messages/incoming/guilds/forums/GuildForumPostThreadEvent.java index c15f6198..ca13c0fb 100644 --- a/src/main/java/com/eu/habbo/messages/incoming/guilds/forums/GuildForumPostThreadEvent.java +++ b/src/main/java/com/eu/habbo/messages/incoming/guilds/forums/GuildForumPostThreadEvent.java @@ -13,6 +13,12 @@ import com.eu.habbo.messages.outgoing.handshake.ConnectionErrorComposer; public class GuildForumPostThreadEvent extends MessageHandler { + + @Override + public int getRatelimit() { + return 1000; + } + @Override public void handle() throws Exception { int guildId = this.packet.readInt();