Haha, that last post ended up with arguments, but this one is to show you exactly how a few things can be done with packet sniffers. Thus giving you the proof you said we need to have before making a claim about something.
Ok, I believe this works on all versions of MS including playerworlds, assuming encryption was never added to it.
I was playing around with my packet sniffer just to see how dangerous it was to have someone watching the packets and found a few things out. When the client sends the editmap packet, the server checks to see if the user has access before sending the packet "editmap" back. On the client side, this packet just opens up the mapeditor, no questions asked. Normally not that big of a deal because the server has checked if the user has access, right?
Using a slightly modified version of the packet sniffer I posted here:
http://ms.shannaracorp.com/forums/viewt ... ?p=880#880
I was able to send the packet "editmap" to the client, and the client, assuming I was given permission by the server, just naturally opened up the mapeditor. Of course, the user can't upload a new map without access, but he sure can view it. Meaning, let's say you have a quest that's sort of a maze with invisible walls, or let's say you have a quest where there are several maps that look the same and you have to enter them in a certain combination (up, left, up, up, down, right) in order to get out of the maze. They can easily just look at the mapeditor to find their way through.
Also I'm not sure if this will really work (haven't tested it yet), but in theory, I seem to remember that while mapediting, an admin could remove all blocks on the map, get to the other side of the map cutting straight through where the blocks were, and then leave the map, thus closing the mapeditor without making any changes. Making a complete shortcut straight through blocks he shouldn't be able to go through. So still completely in theory, with a normal user, the same applies to them.
And before you mention the Position Modification, yes, I know that there is that check, but I also seem to remember that check not always working. May not be the case for you, but again, it's only theory.
What can you do to prevent this? Absolutely nothing, minus encrypting your packets. Because as stated, the client doesn't currently check if you have access. If you add this check, there's another really simple way around it. You can also just send the following packet to yourself in the same way you send the editmap packet to yourself plus all the sep_chars:
Quote:
"playerdata" & WhateverMyIndexIs & name & sprite & map & x & y & dir & 4 & pk
What does this do? Well look near the end, notice the bolded 4? That's setting your access on the client-side, to 4. Meaning you would still have access to viewing the mapeditor.
There's probably other similar packets. Like, item, spell, npc, shop editors?
Again, just about the only thing you can do to prevent any of this is packet encryption or switching to byte arrays. Yes, a skilled hacker could break through either, but I doubt you'll ever get one trying to break into your game. Then again, another way is the whole making the client completely without admin functions...
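An added example, not part of the original post and not Mirage Source code (it is Python rather than the game's VB6): a server-side handler that takes the access level from its own player record and checks every move against its own copy of the map, which covers the walk-through-blocks and upload cases discussed above but does not stop a client from viewing map data it already holds. All names, the `playermove`, `mapdata` and `playerxy` packet names, the direction codes and the access threshold are assumptions made for the illustration.

```python
from dataclasses import dataclass

SEP = "\x00"        # stand-in for the protocol's sep_char (assumed value)
MAPPER_ACCESS = 2   # assumed minimum access level for map editing
# Direction codes are constructed for this example: up, down, left, right.
DIRS = {"0": (0, -1), "1": (0, 1), "2": (-1, 0), "3": (1, 0)}

@dataclass
class Player:
    name: str
    access: int     # kept in the server's own record, never read from a packet
    x: int
    y: int

class ServerMap:
    def __init__(self, rows):
        self.rows = rows    # '#' = blocked tile, '.' = walkable

    def walkable(self, x, y):
        in_bounds = 0 <= y < len(self.rows) and 0 <= x < len(self.rows[y])
        return in_bounds and self.rows[y][x] == "."

def handle_packet(player, game_map, raw):
    """Return the server's reply; state changes only when a check passes."""
    parts = raw.split(SEP)
    cmd = parts[0]
    if cmd == "playermove":
        if len(parts) != 2 or parts[1] not in DIRS:
            return "reject:malformed"
        dx, dy = DIRS[parts[1]]
        nx, ny = player.x + dx, player.y + dy
        # Checked against the server's tiles, so blocks removed in a local
        # editor session change nothing here.
        if not game_map.walkable(nx, ny):
            return SEP.join(["playerxy", str(player.x), str(player.y)])
        player.x, player.y = nx, ny
        return "ok"
    if cmd in ("editmap", "mapdata"):
        # Any access value carried in the packet itself is ignored.
        if player.access < MAPPER_ACCESS:
            return "reject:access"
        return "editmap" if cmd == "editmap" else "ok"
    return "reject:unknown"
```

A rejected move returns the server's stored position so the client can be resynchronised instead of trusted.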