Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] Re: Endless loop in Halo 1.06

from [Joel Esler] Network Security [Permanent Link]
Subject: [Full-disclosure] Re: Endless loop in Halo 1.06
Date: Tue, 24 May 2005 14:55:21 -0400 
(I suppose that may have been a little funnier, had I spelled "BASIC" correctly.

Jeez...

On 5/24/05, Joel Esler <eslerj@gmail.com> wrote:

I heard you can create a loop by using "BASEIC" code by going into the
menu running

10 Click on "Settings"
20 Click on "Main Menu"
30 Click on "Settings"
40 Click on "Main Menu"
50 GOTO 10


On 5/24/05, Luigi Auriemma <aluigi@autistici.org> wrote:


#######################################################################

                            Luigi Auriemma

Application:  Halo: Combat Evolved
             http://www.microsoft.com/games/pc/halo.aspx
Versions:     <= 1.06 and Custom Edition 1.00
Platforms:    Windows
Bug:          endless loop
Exploitation: remote, versus server
Date:         24 May 2005
Author:       Luigi Auriemma
             e-mail: aluigi@autistici.org
             web:    http://aluigi.altervista.org


#######################################################################


1) Introduction
2) Bug
3) The Code
4) Fix


#######################################################################

===============
1) Introduction
===============


Halo is the great FPS game developed by Bungie Studios and ported on PC
by Gearbox Software (http://www.gearboxsoftware.com).
It is published by Microsoft Games (http://www.microsoft.com/games/)
and has been released at the end of 2003.


#######################################################################

======
2) Bug
======


The game is not able to handle the malformed data with the conseguence
of entering in an endless loop that continues to check the same data.
The effects are that the server freezes completely, so is no longer
able to handle packets, and the CPU goes to 100%.


#######################################################################

===========
3) The Code
===========


http://aluigi.altervista.org/poc/haloloop.zip


#######################################################################

======
4) Fix
======


The upcoming version 1.07 should be released in these days, the bug has
been reported to the developers exactly one month ago.


#######################################################################


---
Luigi Auriemma
http://aluigi.altervista.org





--
Joel Esler
BASE Project Lead
http://sourceforge.net/projects/secureideas




-- 
Joel Esler
BASE Project Lead
http://sourceforge.net/projects/secureideas
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] Re: Endless loop in Halo 1.06, Joel Esler
Next by Date:  [Full-disclosure] iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP LSUB DoS Vulnerability, iDEFENSE Labs
Previous by Thread:  [Full-disclosure] Re: Endless loop in Halo 1.06, Joel Esler
Next by Thread:  CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability, Williams, James K
Indexes:  [Date] [Thread] [Top] [All Lists]