MAP FTL/P

measlesmeasles Join Date: 2007-02-26 Member: 60122Members, Constellation
<div class="IPBDescription">Adding maps</div>
Where is a safe place to download new maps?
Is there any site that anyone knows of that has them NOT in a RAR format?

It would be an idea to create a sticky to direct people to an Official Map Download Site. We wouldn't want any of our members getting infected by malicious *Happy Panda* downloading maps.

Comments

  • playerplayer Join Date: 2010-09-12 Member: 73982Members
    You can catch something from rar-files?

    Anyway, there aren't many maps around, and the ones that are out there you'll find in their own threads in the mapping-forum (probably with a download-link in the first-post).
  • ScardyBobScardyBob ScardyBob Join Date: 2009-11-25 Member: 69528Forum Admins, Forum Moderators, NS2 Playtester, Squad Five Blue, Reinforced - Shadow, WC 2013 - Shadow
    Here's a list of all of the currently released custom maps. They are all in either .zip or .rar format and generally from well-known download sites (I personally prefer dropbox). Also, I haven't really heard of anyone getting malicious software on their computer from a .zip or .rar file (although you can from running executables inside those files). If you're concerned about it, you can submit the link to an online virus checker like <a href="http://www.virustotal.com" target="_blank">Virus Total</a>, first.
    <ul><li><b>ns2_triad</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=113658" target="_blank">Forum</a> <a href="http://www.super-nova-team.com/alex/ns2_triad26.rar" target="_blank">Download</a></li><li><b>ns2_descent</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=115041" target="_blank">Forum</a> <a href="http://dl.dropbox.com/u/43181294/ns2_descent_beta01.zip" target="_blank">Download</a></li><li><b>ns2_veil</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=114979" target="_blank">Forum</a> <a href="http://www.megaupload.com/?d=ROEC7Z5A" target="_blank">Download</a></li><li><b>ns2_junction</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=115172" target="_blank">Forum</a> <a href="http://www.mediafire.com/?2j4rx7pz1ybzafo" target="_blank">Download</a></li><li><b>ns2_turtle</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=113440" target="_blank">Forum</a> <a href="http://dl.dropbox.com/u/42877240/ns2_turtle_b1.rar" target="_blank">Download</a></li></ul>
  • Soylent_greenSoylent_green Join Date: 2002-12-20 Member: 11220Members, Reinforced - Shadow
    edited November 2011
    <!--quoteo(post=1885169:date=Nov 16 2011, 08:00 AM:name=player)--><div class='quotetop'>QUOTE (player @ Nov 16 2011, 08:00 AM) <a href="index.php?act=findpost&pid=1885169"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->You can catch something from rar-files?<!--QuoteEnd--></div><!--QuoteEEnd-->

    Lets say you are making a program that reads files(for whatever purpose). You assume a string is going to be null-terminated and at most 32 characters long, so when you make your program you just allocate 32 chars on the stack and read in characters from the file one by one until you encounter the null character.

    As long as the file is properly formatted and the character string is actually no longer than 32 characters and null-terminated, this works just fine. But this is a "latent bug". If a malformed file with a string that is longer 32 characters is ever encountered you will overwrite random stuff on the stack(likely including the return adress!). If the file is malformated due to an error, it will probably just crash the application.

    However, this type of bug is particularly nasty because it is a vulnerability that can often be exploited to allow an attacker to execute arbitrary code. Some tedious ###### can make a file with a string that is malformed in just the right way to overflow the character buffer and overwrite the return adress on the stack with a meaningful adress; when the function returns it does not end up at some random adress that is going to cause the application to crash; it ends up trying to execute the contents of the malformed file, which by design contains a trojan or something nasty.

    Winrar 3.x had a number of such vulnerabilities, some of which turned out to be exploitable.
  • playerplayer Join Date: 2010-09-12 Member: 73982Members
    Buffer-overflows? That's just sloppy coding. WinRAR ftl then, though we've had DEP for a while now on Windows.
  • ArgathorArgathor Join Date: 2011-07-18 Member: 110942Members, Squad Five Blue
    edited November 2011
    It seems we are going to add a maps/mod database to our clan site (along with descriptions and reviews eventually) and while the files will still probably be .rar's you have the added knowledge that any suffering you go through will be felt by the whole Duplex clan too, at the very least! ;-)
  • swalkswalk Say hello to my little friend. Join Date: 2011-01-20 Member: 78384Members, Squad Five Blue
    I'm pretty sure that you can trust the people who as uploaded their maps on this forum.
    They want feedback on their map, I doubt they would put malware in their .rar files.
    Also, Arga is currently working on a download section on our website. *Whip cracks*
  • Soylent_greenSoylent_green Join Date: 2002-12-20 Member: 11220Members, Reinforced - Shadow
    <!--quoteo(post=1885685:date=Nov 19 2011, 08:35 AM:name=player)--><div class='quotetop'>QUOTE (player @ Nov 19 2011, 08:35 AM) <a href="index.php?act=findpost&pid=1885685"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->Buffer-overflows? That's just sloppy coding. WinRAR ftl then, though we've had DEP for a while now on Windows.<!--QuoteEnd--></div><!--QuoteEEnd-->

    If I remember correctly the most important vulnerability in winrar was a buffer overflow related to long path names.
  • Fluid CoreFluid Core Join Date: 2007-12-26 Member: 63260Members, Reinforced - Shadow
    <!--quoteo(post=1885735:date=Nov 19 2011, 07:20 PM:name=Soylent_green)--><div class='quotetop'>QUOTE (Soylent_green @ Nov 19 2011, 07:20 PM) <a href="index.php?act=findpost&pid=1885735"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->If I remember correctly the most important vulnerability in winrar was a buffer overflow related to long path names.<!--QuoteEnd--></div><!--QuoteEEnd-->

    I find this information you provided in this thread mighty interesting :)
Sign In or Register to comment.