所有案件
花火的案件
#78674: "The entire card deck is exposed to the player via `gameui.gamedatas.deck`"
#78674: "The entire card deck is exposed to the player via `gameui.gamedatas.deck`"
这个案件是关于哪方面的?
发生什么事? 请从下方选择
规则:一条游戏规则没有被写进游戏程序里
发生什么事? 请从下方选择
规则:一条游戏规则没有被写进游戏程序里
请检查是否已有同课题案件
若肯定,请「投票」给这桩案件。最高票的案件将「优先」处理!
# | Status | Votes | Game | Type | Title | Last update |
---|
细节描述
• 如果有的话,请将你在屏幕上所看到的错误信息粘贴出来.
The player's cards aren't completely hidden. The card deck is not hidden.• 请说明你当时想做什么,你做了什么,然后发生了什么
No.• 你的浏览器是什么?
Google Chrome v108
• 请简明而精确地解释您的建议,以便让人明白您想表达的意思。
The player's cards aren't completely hidden. The card deck is not hidden.• 你的浏览器是什么?
Google Chrome v108
• 当你被封锁的时候,屏幕上出现了些什么呢?(空白的屏幕?部分游戏平台画面?错误的信息?)
The player's cards aren't completely hidden. The card deck is not hidden.• 你的浏览器是什么?
Google Chrome v108
• 哪个规则没有被BGA的设计小组写进游戏里?
The player's cards aren't completely hidden. The card deck is not hidden.• 在游戏回放中,是否有不符合游戏规则的地方?如果有的话,请问是在哪一步呢?
No.• 你的浏览器是什么?
Google Chrome v108
• 你当时是想做哪个游戏行动?
The player's cards aren't completely hidden. The card deck is not hidden.• 你在想做什么的时候,触发了这个游戏选项?
No.• 当你想这么做时,发生了什么事(错误信息,游戏状态信息,......)?
• 你的浏览器是什么?
Google Chrome v108
• 请问这个问题发生在游戏的哪个阶段(当前的游戏说明是什么)?
The player's cards aren't completely hidden. The card deck is not hidden.• 当你想进行一个游戏行动时,发生了什么事(错误信息,游戏状态信息,......)?
No.• 你的浏览器是什么?
Google Chrome v108
• 请描述一下显示画面上面的问题。 如果你有这个系统漏洞发生时的屏幕截图(画质不要太差),你可以使用Imgur.com来把它上传到网络,然后将链接复制/粘贴到这里来。
The player's cards aren't completely hidden. The card deck is not hidden.• 你的浏览器是什么?
Google Chrome v108
• 请简明而精确地解释您的建议,以便让人明白您想表达的意思。
The player's cards aren't completely hidden. The card deck is not hidden.• 你的浏览器是什么?
Google Chrome v108
案件历史
2023年1月 5日 22:53 • Spicy • 漏洞尚未被修复:
For some reason the game client knows the entire content of the card deck from the very beginning of the match. This data is passed to `gameui.completesetup(...)` as an argument (location: the page source) and is accessible through `gameui.gamedatas.deck`.
Here's a script that uses this information, which we definitely shouldn't have, and prints the player's hand and the top card of the deck.
```
(function() {
function printPlayerHand() {
const cardsDiv = document.getElementById(`playertablecard_${gameui.player_id}`);
const cards = [...cardsDiv.getElementsByClassName("card")].reverse();
const message = cards.map(card => {
const cardId = card.id.split("_").at(-1);
const info = gameui.gamedatas.deck[cardId];
return info ? `${info.type_arg} ${gameui.colorNames[info.type]}` : "?";
}).join(", ");
console.log(`Your hand: ${message}`);
}
function printNextCard() {
const cardsLeft = Number(document.getElementById("deck_pile_item_1").textContent);
const info = gameui.gamedatas.deck[String(cardsLeft * 2)];
console.log(`The next card in the deck: ${info.type_arg} ${gameui.colorNames[info.type]}`)
}
printPlayerHand();
printNextCard();
})();
```
Output: i.imgur.com/UjiO7xF.png
Now I know my cards are (4 blue, 2 white, 5 green, ?) without needing any clues. "?" means this card is one of my starting cards, so it's not in the `deck` object.
Interestingly enough, I couldn't find any usage of this object in the code. If that's true, I'm guessing it's a pretty easy fix.
Here's a script that uses this information, which we definitely shouldn't have, and prints the player's hand and the top card of the deck.
```
(function() {
function printPlayerHand() {
const cardsDiv = document.getElementById(`playertablecard_${gameui.player_id}`);
const cards = [...cardsDiv.getElementsByClassName("card")].reverse();
const message = cards.map(card => {
const cardId = card.id.split("_").at(-1);
const info = gameui.gamedatas.deck[cardId];
return info ? `${info.type_arg} ${gameui.colorNames[info.type]}` : "?";
}).join(", ");
console.log(`Your hand: ${message}`);
}
function printNextCard() {
const cardsLeft = Number(document.getElementById("deck_pile_item_1").textContent);
const info = gameui.gamedatas.deck[String(cardsLeft * 2)];
console.log(`The next card in the deck: ${info.type_arg} ${gameui.colorNames[info.type]}`)
}
printPlayerHand();
printNextCard();
})();
```
Output: i.imgur.com/UjiO7xF.png
Now I know my cards are (4 blue, 2 white, 5 green, ?) without needing any clues. "?" means this card is one of my starting cards, so it's not in the `deck` object.
Interestingly enough, I couldn't find any usage of this object in the code. If that's true, I'm guessing it's a pretty easy fix.
2023年1月 7日 10:10 • Spicy • 漏洞尚未被修复:
The `deck` object is no longer present in `gameui.gamedatas`. Looks like the issue has already been patched. Thanks for the quick fix.
增加一些新内容到这篇报告
任何可能重现这项漏洞或了解你的建议之相关资讯,都请在此填写:
- 其他的游戏桌 ID / 移动 ID
- 按 F5 是否解决了这个问题?
- 问题是否发生了好几次?还是每次都发生?还是时好时坏?
- 如果你有这个系统漏洞发生时的屏幕截图(画质不要太差),你可以使用Imgur.com来把它上传到网络,然后将链接复制/粘贴到这里来。
更改案件状态为:
bug?id=78674