Skip to content

Commit f72a540

Browse files
GavpherkGavpherk
authored
Update README.md
1 parent 53de496 commit f72a540

1 file changed

Lines changed: 22 additions & 1 deletion

File tree

README.md

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,23 @@
11
# Wizard101LuaRCE
2-
Simple wizard101 Lua RCE method
2+
Simple wizard101 Lua RCE method.
3+
This method is detected, and will get you banned. But you can still Execute your own Lua code, and communicate with the server with Lua. I recommend reading through other scripts in the scripts folder to get a better idea of what you can do.
4+
5+
1. Backup Root.wad
6+
2. Decompile Root.wad with WizWadWiz.exe (https://github.com/11a10318/WizWadWiz/releases/tag/0.6.1)
7+
2. Navigate to the Tutorials folder, and then into the API folder.
8+
3. Open up TutorialUtility.lua and scroll down to the bottom.
9+
4. Find the SkipTutorial() function.
10+
5. Your if statments to RCE with are at lines 797, 799 and 806.
11+
6. Next open your file explorer and navigate to your installation bin folder and create a file named log.txt
12+
7. Next, open the game bypassing the patch client by navigating to your installation bin folder in command prompt and typing the command "WizardGraphicalClient.exe -l login.us.wizard101.com 12000 -P 1 -K 1 -M 1 -EF_OVERFLOW -EF_UNDERFLOW -G log.txt" -- not all these paramaters are neccesary, but they worked, and have since remained my control paramaters for whatever tests I run, it just enables some backround debugging features. And will generate a log to your file your created earlier.
13+
8. Once your logged in, create a new character. start the tutorial, when you reach the owl press the skip tutorial button, and for example if your code you wanted to run was
14+
15+
Server("SetLevel", "120");
16+
Server("SetPrimarySchool", "Storm");
17+
Server("AddSpell", "Thunder Snake");
18+
19+
You would see the appropriate responses from the server in your chatbox, its pretty neat. You will then be swiftly banned.
20+
21+
I have only been banned trying to modify stats. You can use the Lua Engine to make yourself a CSR (customer support) account that can run commands like this though, they've already made the code, you just need to port it and change it around.
22+
23+
The game knows when your wad is corrupt and crashes when you try to continue with the tutorial, this is why I had to build it into the SkipTutorial() function and thus being one of only vulnerable positions to inject.

0 commit comments

Comments
 (0)