|
snoogans Novice
Joined: 28 Oct 2001 Posts: 43 Location: USA
|
Posted: Tue Oct 01, 2002 9:20 am
HUGE problem in zmud with html font parsing |
Okay it has come to my attention that the html parsing of the font can be abused in a huge way. A friend showed it to me earlier. He pasted this line to me in a tell ...
Exploit deleted - already fixed in current beta version. Next public version will also contain the fix.
And what happens is it makes all text after it forever until you close the window in Wingdings font, naturally you can't read it :) He also did a font color=black and everything turned black, essentially disappearing. I looked through settings and couldn't find a way to turn it off. If someone knows of a way to turn it off please tell me, I don't want to lose all of my stuff because of this and I don't want to stop using zmud either, I hope it will be fixed very soon as it is a huge problem.
P.S. - don't be an ass and abuse this
Edited by - Kjata on 10/02/2002 15:09:58 |
|
|
|
Shalla Newbie
Joined: 01 Oct 2002 Posts: 3
|
Posted: Tue Oct 01, 2002 1:25 pm |
Wow. I tried saying that block of funny text out loud on the mud I play, and it screwed up everything like you said.
Shutting MXP off fixed things. Maybe there is a better solution somewhere, shrug. |
|
|
|
LightBulb MASTER
Joined: 28 Nov 2000 Posts: 4817 Location: USA
|
Posted: Tue Oct 01, 2002 4:52 pm |
Try the obvious?
<font type="Times New Roman">
LightBulb
Senior Member |
|
|
|
Kjata GURU
Joined: 10 Oct 2000 Posts: 4379 Location: USA
|
Posted: Tue Oct 01, 2002 10:13 pm |
Try e-mailing Zugg with this so he is informed about it.
Kjata |
|
|
|
Vijilante SubAdmin
Joined: 18 Nov 2001 Posts: 5182
|
Posted: Tue Oct 01, 2002 10:21 pm |
This seems to have been corrected in a beta version along the way, so the next public version will handle this correctly.
|
|
|
|
Kjata GURU
Joined: 10 Oct 2000 Posts: 4379 Location: USA
|
Posted: Tue Oct 01, 2002 10:26 pm |
Heh, there you go.... that's what happens when you don't have zMUD available for testing.
Kjata |
|
|
|
cingulli Wanderer
Joined: 30 Aug 2001 Posts: 53 Location: Finland
|
Posted: Wed Oct 02, 2002 7:06 pm |
What's the version of zMUD you are using, Snoogans?
|
|
|
|
Charbal GURU
Joined: 15 Jun 2001 Posts: 654 Location: USA
|
Posted: Wed Oct 02, 2002 7:58 pm |
This appears to be caused by unmatched tags. From the MXP specification at Nick Gammon's site:
quote:
Automatic closure of modal elements
To guard against room designers (or people chatting) inadvertently forgetting to close their modal elements the client will automatically close outstanding open tags as follows:
Open mode
All outstanding tags are closed at any of the following:
newline n
escape e
mode change to secure mode
link loss (loss of connection to server)
<snip>
Closure of tags out of sequence
It is possible, indeed likely, that closing tags will be received out of sequence.
eg.
<B>This is bold text. <I>This is bold italic text. </B></I>
The </I> should have been sent first. For simplicity of client implementation, the client should close all outstanding tags, up to and including the one requested. In the example above, the </B> would close both the outstanding <I> and the <B>.
zMUD 6.16 had several known bugs in its MXP implementation but until now, they hadn't really been explored and exploited.
I'm not a fan of security through obscurity but since Zugg is in the middle of working on zExplorer and the zMUD beta isn't entirely ready for a public version, can a forum moderator (or Snoogans) edit out the exploit itself and mail it directly to Zugg? No point in making things easier for those who might use this maliciously.
In the meantime, a workaround that doesn't involve disabling MXP: click the Prefs button, click the + next to MXP, click Elements, click the System tab and uncheck the box for <font>. With that disabled, the exploit merely makes your text bold. You could uncheck <b>, <bold>, <i> and <italic> if you want.
- Charbal |
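The two closure rules quoted from the MXP specification above, as an added example that is not part of the original post and is not zMUD's code. The function name `render_open_mode` and the sample lines are constructed for illustration, and of the open-mode closure triggers only the newline is modelled.

```python
import re

# Matches an opening or closing tag and captures its element name.
TAG_RE = re.compile(r"<(/?)([A-Za-z]+)[^>]*>")

def render_open_mode(stream):
    """Split an open-mode stream into (text, active_tags) spans.

    Applies two rules from the quoted spec text:
      * a newline closes every outstanding tag;
      * a closing tag closes all outstanding tags up to and
        including the one requested.
    """
    spans = []
    stack = []  # currently open tags, oldest first
    for line in stream.split("\n"):
        pos = 0
        for m in TAG_RE.finditer(line):
            if m.start() > pos:
                spans.append((line[pos:m.start()], tuple(stack)))
            closing, name = m.group(1), m.group(2).upper()
            if not closing:
                stack.append(name)
            elif name in stack:
                # Find the most recent matching open tag and drop it
                # together with everything opened after it.
                idx = len(stack) - 1 - stack[::-1].index(name)
                del stack[idx:]
            # A closing tag with no matching open tag is ignored.
            pos = m.end()
        if pos < len(line):
            spans.append((line[pos:], tuple(stack)))
        # End of line: formatting from an unclosed tag must not
        # carry over into the text that follows.
        stack.clear()
    return spans

if __name__ == "__main__":
    # Constructed sample: a chat line with an unclosed <font> tag,
    # followed by ordinary game output.
    sample = "Bob tells you: <font color=black>hi\nYou see a door."
    for text, tags in render_open_mode(sample):
        print(repr(text), tags)
```

With the newline rule in place, an unclosed tag in one player's message affects only the rest of that line, which is the containment the specification asks clients to provide.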
|
|
|
Kjata GURU
Joined: 10 Oct 2000 Posts: 4379 Location: USA
|
Posted: Wed Oct 02, 2002 9:07 pm |
This is not a case of security by obscurity. This is just a case of a simple bug, an honest human mistake, and Zugg has not gone to any lengths to hide it. He recognized it as a bug, fixed it and implemented it in the very next version after it had been fixed. Unfortunately, that was a beta version and no public version has come out after it until now. However, Zugg just said a few days ago that a public version for zMUD is really near, so all of those that don't use beta versions will get the fix very soon.
Kjata |
|
|
|
Charbal GURU
Joined: 15 Jun 2001 Posts: 654 Location: USA
|
Posted: Thu Oct 03, 2002 1:32 am |
I think you misunderstood my meaning (which, looking back, I stated exceptionally poorly :P)... I did not mean in any way to imply that Zugg was trying to hide it at all. I believe that exploits should be public knowledge but not until it is responsible to disclose them. When the best option is to upgrade to a beta version (honestly, how many zMUD users are actually going to apply my workaround?), it isn't really responsible to expose the customer base.
That's why I suggested that a moderator edit out the exploit. I agree wholeheartedly, Kjata; this is not security through obscurity. But without a non-beta fix at this time, some might see it as that even though leaving it (the exploit) in would be irresponsible. That's all I meant.
- Charbal |
|
|
|
Kjata GURU
Joined: 10 Oct 2000 Posts: 4379 Location: USA
|
Posted: Thu Oct 03, 2002 12:56 pm |
Oh, I see.
*nod* I agree.
Kjata |
|
|
|
|
|