Jump to content

Name Change Exploit


Guest iTz BinaryX

Recommended Posts

CharacterHandler.cpp :

   // make sure that the character belongs to the current account, that rename at login is enabled
   // and that there is no character with the desired new name
   CharacterDatabase.AsyncPQuery(&WorldSession::HandleChangePlayerNameOpcodeCallBack,
       GetAccountId(), newname,
       "SELECT guid, name FROM characters WHERE guid = %d AND account = %d AND (at_login & %d) = %d AND NOT EXISTS (SELECT NULL FROM characters WHERE name = '%s')",
       GUID_LOPART(guid), GetAccountId(), AT_LOGIN_RENAME, AT_LOGIN_RENAME, escaped_newname.c_str()
   );

Server checks that player can really change his name (AT_LOGIN_RENAME).

So, I don't think it works, but I can be wrong

Link to comment
Share on other sites

    // make sure that the character belongs to the current account, that rename at login is enabled
   // and that there is no character with the desired new name
   CharacterDatabase.AsyncPQuery(&WorldSession::HandleChangePlayerNameOpcodeCallBack,
       GetAccountId(), newname,
       "SELECT guid, name FROM characters WHERE guid = %d AND account = %d AND (at_login & %d) = %d AND NOT EXISTS (SELECT NULL FROM characters WHERE name = '%s')",
       GUID_LOPART(guid), GetAccountId(), AT_LOGIN_RENAME, AT_LOGIN_RENAME, escaped_newname.c_str()
   );

same functionality in mangos zero

it checks if at_login_rename bit is set in at_login column of the character otherwise the SQL-Query will return null rows

afaik AsyncPQuery will give the result of the SQL-Query to its CallBack Handler function ( in this case &WorldSession::HandleChangePlayerNameOpcodeCallBack )

the query should effect 1 or 0 rows ( 1 if at_login is set, 0 if its not set in database)

Link to comment
Share on other sites

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Privacy Policy Terms of Use