#######################################################################

                             Luigi Auriemma

Application:  Battle Mages
              http://www.bm-game.com
Versions:     1.0
Platforms:    Windows
Bug:          server freeze
Exploitation: remote, versus server
Date:         11 Mar 2004
Author:       Luigi Auriemma
              e-mail: aluigi@autistici.org
              web:    aluigi.org


#######################################################################


1) Introduction
2) Bug
3) The Code
4) Fix


#######################################################################

===============
1) Introduction
===============


Battle Mages is an RPG (role-playing game) developed by Targem Games
(http://www.targem.ru).
Note the release schedule of this game: at the moment it is available
only in Russia, while the UK, US and European versions are due soon
(probably March/April 2004).


#######################################################################

======
2) Bug
======


The bug is a freeze of the server caused by the sending of incomplete
data: the server uses a function that retries reading the expected data
block indefinitely until it has been received completely, so the read
never returns while the rest of the block is missing.


#######################################################################

===========
3) The Code
===========


For testing a specific server:

  http://aluigi.org/poc/battlemagy.zip

The following proof-of-concept instead listens for the UDP packets of a
LAN server and freezes it automatically:

  http://aluigi.org/poc/battlemagx.zip


#######################################################################

======
4) Fix
======


The developers have been contacted and have confirmed the network
problems of this game.
They will probably implement the fix when the game is released in the
rest of the world; I don't know if a patch will be released for the
Russian version.


#######################################################################
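The read loop described in section 2, shown as an added illustration (not the game's code or Auriemma's proof-of-concept): an unbounded "read the whole block" loop beside a version that gives up after a deadline. The transport is a constructed in-memory peer so the example runs offline; all names (peer_t, recv_block_*) are hypothetical.

```c
/* Added illustration of the advisory's bug class: a blocking "read exactly
 * len bytes" loop with no deadline, beside a bounded form. The peer is
 * simulated (no sockets) so this runs offline; names are hypothetical. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed peer: delivers `avail` bytes in total, then stalls forever
 * (every further read returns 0, "nothing yet"), i.e. an incomplete block. */
typedef struct { const char *data; size_t avail; size_t sent; } peer_t;

size_t peer_recv(peer_t *p, char *buf, size_t want) {
    size_t left = p->avail - p->sent;
    size_t n = left < want ? left : want;
    memcpy(buf, p->data + p->sent, n);
    p->sent += n;
    return n;                       /* 0 once the peer has stalled */
}

/* Pattern the advisory describes: spin until the full block arrives.
 * Against a stalled peer this never returns and the server freezes. */
void recv_block_unbounded(peer_t *p, char *buf, size_t len) {
    size_t got = 0;
    while (got < len)
        got += peer_recv(p, buf + got, len - got);
}

/* Hardened form: abort after max_polls consecutive empty reads (a recv
 * timeout or select() deadline in a real server). Returns bytes received,
 * or -1 on a stall so the caller can drop that client instead of hanging. */
long recv_block_bounded(peer_t *p, char *buf, size_t len, unsigned max_polls) {
    size_t got = 0;
    unsigned idle = 0;
    while (got < len) {
        size_t n = peer_recv(p, buf + got, len - got);
        if (n == 0) {
            if (++idle >= max_polls) return -1;   /* stalled: give up */
            continue;
        }
        idle = 0;
        got += n;
    }
    return (long)got;
}

/* Demo cases on constructed peers: 3 of 8 bytes then stall, and a full block. */
long demo_stalled_peer(void)   { char b[8]; peer_t p = { "ABCDEFGH", 3, 0 }; return recv_block_bounded(&p, b, sizeof b, 5); }
long demo_complete_block(void) { char b[8]; peer_t p = { "ABCDEFGH", 8, 0 }; return recv_block_bounded(&p, b, sizeof b, 5); }

int main(void) {
    char b[8]; peer_t full = { "ABCDEFGH", 8, 0 };
    recv_block_unbounded(&full, b, sizeof b);   /* safe only because the block is complete */
    printf("stalled peer -> %ld, complete block -> %ld\n", demo_stalled_peer(), demo_complete_block());
    return 0;
}
```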