Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assembly.Load Exploit C# #2353

Open
PlantBronze opened this issue Jan 20, 2024 · 6 comments
Open

Assembly.Load Exploit C# #2353

PlantBronze opened this issue Jan 20, 2024 · 6 comments
Assignees
@prikolium-cfx
Labels
bug ScRT: C# Issues/PRs related to either C# scripting runtimes triage Needs a preliminary assessment to determine the urgency and required action

Comments

@PlantBronze
Copy link

What happened?

Assembly.Load and MemoryStream function can be manipulated in client sided c# to load bytes onto the clients pc

Expected result

nothing

Reproduction steps

This is a small example of some c# that returns the bytes from plain UTF8

        string data = "Test UTF8 Data, this will be converted into bytes and printed, which can be manipulated into retrieving it from another source than this current specified one";
        byte[] dataBytes = Encoding.UTF8.GetBytes(data);
        memoryStream.Write(dataBytes, 0, dataBytes.Length);

        byte[] resultBytes = GetMemoryStreamBytes(memoryStream);

        Debug.WriteLine("Original Data: " + data);
        Debug.WriteLine("Bytes from MemoryStream: " + BitConverter.ToString(resultBytes));

Importancy

Security issue

Area(s)

FiveM, ScRT: C#

Specific version(s)

FiveM

Additional information

No response
@PlantBronze PlantBronze added bug triage Needs a preliminary assessment to determine the urgency and required action labels Jan 20, 2024
@github-actions github-actions bot added the ScRT: C# Issues/PRs related to either C# scripting runtimes label Jan 20, 2024
@PlantBronze
Copy link
Author

PlantBronze commented Jan 20, 2024
edited by Disquse
Loading

Also the reporter who deleted it made an own "anticheat" XD

@benzyme16
Copy link

Also the reporter who deleted it made an own "anticheat" XD

which is legitimate, imagine pasting, skiddo

@benzyme16
Copy link

try and make ur own stuff, its great people can see who posted this first

@0x98a
Copy link

0x98a commented Jan 21, 2024

damn imagine looking through deleted issues and reposting them, they would have seen it either way (and they have already)

@0x98a
Copy link

0x98a commented Jan 21, 2024

even making it worse that ur bio is "fivem developer"

@neptunium-cfx
Copy link
Contributor

Please guys - there's no need for any sort of weird drama here.

@citizenfx citizenfx locked as too heated and limited conversation to collaborators Jan 21, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@prikolium-cfx prikolium-cfx

Labels
bug ScRT: C# Issues/PRs related to either C# scripting runtimes triage Needs a preliminary assessment to determine the urgency and required action
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@PlantBronze @0x98a @benzyme16 @neptunium-cfx @prikolium-cfx