PtokaX forum

PtokaX => Bugs => Topic started by: 007etunonna on 24 December, 2004, 11:30:48

Title: 'EAccessViolation' in module PtokaX.exe....
Post by: 007etunonna on 24 December, 2004, 11:30:48
Hello ptaczek, I want inform you about a dangerous bug of ptokax.

The program which uses this bug, don?t logs in, but connects only the socket and sends some commands raw.

This application totality blocks the ptokax (any versions).

 

This is ?debug.log?

 

---------------------------21/12/2004 22.18.58---------------------------

Exception 'EAccessViolation' in module PtokaX.exe at 000DA46F

Access violation at address 004DB46F in module 'PtokaX.exe'. Write of address 00000004

 

Call stack:

:004DB46F [PtokaX.exe]

:004DBDF2 [PtokaX.exe]

:004DBEB9 [PtokaX.exe]

:005551FD [PtokaX.exe]

:004DB964 [PtokaX.exe]

:005550C1 [PtokaX.exe]

:0042D5F8 [PtokaX.exe]

:004144DD [PtokaX.exe] ThubForm::Kick (frmHub.cpp, line 2503)

:77D15CEC [USER32.dll]

:77D15CB7 [USER32.dll]

:00433726 [PtokaX.exe] classUsers:;CheckMaxHubs (colUsers.cpp, line 398)

:77D17E67 [USER32.dll]

:746BC331 [MSCTF.dll]

:746BC336 [MSCTF.dll]

:005202FE [PtokaX.exe]

:005201E4 [PtokaX.exe]

:004C36EA [PtokaX.exe]

:77D13A50 [USER32.dll]

:77D13B1F [USER32.dll]

:77D13D79 [USER32.dll]

:77D14374 [USER32.dll]

:0051CF50 [PtokaX.exe]

:0051CF6F [PtokaX.exe]

:0051D18F [PtokaX.exe]

:0051D1D2 [PtokaX.exe]

:00401B38 [PtokaX.exe] WinMain (PtokaX.cpp, line 44)

:00562C0F [PtokaX.exe]

:00400000 [PtokaX.exe]

:772A4187 [SHLWAPI.dll]

:77E6141A [kernel32.dll]

:772A4187 [SHLWAPI.dll]

 

Main Thread ID = 00000430, Current Thread ID = 00000430

Registers:

EAX = 00000000  CS = 001B  EIP = 004DB46F  Flags = 00010212

EBX = 00148E40  SS = 0023  ESP = 0012FBB0    EBP = 00D6CA1C

ECX = 00000001  DS = 0023  ESI = 00000018    FS  = 0038

EDX = 00D6CE3C  ES = 0023  EDI = 00000014    GS  = 0000

Code at CS:EIP

89 50 04 5B C3 8B 00 89 02 89 50 04 5B C3 90 90

Stack:

00D6CA30 004DBDF2 00000004 00000004 0012FBF0

00000000 00000000 772A4187 004DD105 00DDC9A0

0056CA0B 01475208 0000000B 00000000 00DD9DF0

772A4187 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF

 

 

 

 

These are the commands

 

(1.2.47.82) > dsfsdfd|

x User removed: (Socket 836)

(1.2.47.82) > dsklfsdkfjdk|

x User removed: (Socket 860)

(1.2.47.82) > dfds|

x User removed: (Socket 800)

- User has closed the connection:

x User removed: (Socket 848)

(1.2.47.82) > dksjfskdjfk|

x User removed: (Socket 860)

(1.2.47.82) > ldskfsdlfkdl|

x User removed: (Socket 848)

(1.2.47.82) > dlskfsdlkfdl|

x User removed: (Socket 848)

(1.2.47.82) > dsfdsf|

x User removed: (Socket 368)

(1.2.47.82) > ldskfsdlkfld|

x User removed: (Socket 368)

(1.2.47.82) > ldskfdslkfdlkfdl|

x User removed: (Socket 368)

 

 

Please, help me!

PS : I?m Italian and my English isn?t excellent but I hope which you?ll understand.

Answer me soon!

Ptokax rulesssssssssssssssssssss!!!! LoL

Thanks Bye.
Title:
Post by: DJ Bert on 25 December, 2004, 22:46:27
1. What is the OS you run ptokax on?
2. What version of ptokax you run?

Grttzzz,
DJ Bert
Title:
Post by: PPK on 26 December, 2004, 03:20:17
Yes this bug is very dangerous and fixed few weeks ;) Anyway thx for report :]
Title:
Post by: 6Marilyn6Manson6 on 26 December, 2004, 10:55:19
Hello:

---------------------------19/12/2004 13.00.04---------------------------
Exception 'EAccessViolation' in module PtokaX.exe at 00035A9D
Access violation at address 00436A9D in module 'PtokaX.exe'. Read of address 4C627788

Call stack:
:00436A9D [PtokaX.exe] theLoop::AddSocketToQueue (serviceLoop.cpp, line 90)
:0044CDEF [PtokaX.exe] ServerThread::Execute (ServerThread.cpp, line 103)
:004C762F [PtokaX.exe]
:004C7689 [PtokaX.exe]
:004E33A6 [PtokaX.exe]
:77E602ED [kernel32.dll]
:77E7BB86 [kernel32.dll]

Main Thread ID = 0000089C, Current Thread ID = 000008BC
Registers:
EAX = 4C627548 CS = 001B EIP = 00436A9D Flags = 00010246
EBX = 00DB11C4 SS = 0023 ESP = 0375FEA4 EBP = 0375FEAC
ECX = 0375FF3C DS = 0023 ESI = 00000000 FS = 0038
EDX = 000004D4 ES = 0023 EDI = 00000000 GS = 0000
Code at CS:EIP
8B 80 40 02 00 00 E8 C8 84 08 00 A1 7C C8 59 00
Stack:
00436A9D 0375FEA4 0375FF70 0044CDEF 00000000
00000000 00000000 77E7BB86 004E2505 052FD0F4
00571F0B 05281318 0000000B 00000000 036514DC
77E7BB86 FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF


bye bye ^^
Title:
Post by: 007etunonna on 27 December, 2004, 13:06:13
We noted simple telnet connections with some random strings, then the server crashed. What is the exactly the bug ? How is it produced ? And what is the exact bug ? How can we simulate to test our hubs ?
Title:
Post by: quebecmachub on 02 January, 2005, 21:45:47
(1.2.47.82) > dsfsdfd|

x User removed: (Socket 836)

(1.2.47.82) > dsklfsdkfjdk|

x User removed: (Socket 860)

(1.2.47.82) > dfds|

x User removed: (Socket 800)

- User has closed the connection:

x User removed: (Socket 848)

(1.2.47.82) > dksjfskdjfk|

x User removed: (Socket 860)

(1.2.47.82) > ldskfsdlfkdl|

x User removed: (Socket 848)

(1.2.47.82) > dlskfsdlkfdl|

x User removed: (Socket 848)

(1.2.47.82) > dsfdsf|

x User removed: (Socket 368)

(1.2.47.82) > ldskfsdlkfld|

x User removed: (Socket 368)

(1.2.47.82) > ldskfdslkfdlkfdl|

x User removed: (Socket 368)

first, this is not a Ptokax bug.....
i did experience the same thing.....
it is cause by the ip of the guy ( 1.2.47.82)

this is a IP that belong to FAKEFILES SERVER  and is use for flood ,
all the IP under the range 6.0.0.0 are mostly use by anti-p2p corporation.....

i recommand to use a firewall or any other software to block those IP range....

most of the crash i encounter on my 2 hub runnig the 0.3.26 4.99 ptokax was because of mass flood......

i have installed PeerGardian + Mcafee firewall, and that stop the flood........ but PeerGardian also block a lot of IP....  so you need to be carefull if you use it.....

quebecmachub.no-ip.com:1090
fq.no-ip.com:4111

proud to use PtokaX ,  the New Beta 0.330
Title:
Post by: ChriStrato on 14 February, 2005, 11:08:51
Hello :D lol

Quoteit is cause by the ip of the guy ( 1.2.47.82)

this is a IP that belong to FAKEFILES SERVER and is use for flood ,
all the IP under the range 6.0.0.0 are mostly use by anti-p2p corporation.....

lol

this ip: 1.2.47.82  is my ip private in FASTWEB :D ! don't is a anti-p2p corporation :D and I  have found this "bug"!

ciauz lol