[cod] A word of advice

Tomé Duarte tome.duarte at gmail.com
Tue Jan 19 20:19:22 EST 2010


I believe when you're using HTTP redirect the gameserver automatically
redirects all downloads to the configured URL. However, a custom application
to exploit this misconfiguration may somehow be able to download the
server.cfg; this depends on the server code but it's highly probable that it
redirects the request to the webserver.

Does anyone have any more info on this vuln? Is it just the sv_allowdownload
cvar or are there any other "requirements"? Is there a published vuln report
or exploit?

Cheers,
Tomé Duarte

Connect with me via:
Twitter: http://twitter.com/tomeduarte
LinkedIn: http://www.linkedin.com/in/tduarte


On Wed, Jan 20, 2010 at 1:04 AM, Geoff Goas <gitman at gmail.com> wrote:

> I do... I was under the impression that sv_allowdownload had to be enabled
> in order for HTTP redirect to work. Is that not the case?
>
>
>> On Mon, Jan 18, 2010 at 7:36 PM, Mavrick Master <mavrick.master at gmail.com> wrote:
>
>> Do you have the http redirect setup?
>>
>> If not, may I suggest you set this up and in the off-server http location
>> only store the mod and not your config files. This should solve your
>> problem.
>>
>>
>> Daniel 'mavrick' Lang
>> www.mavrick.id.au
>>
>>
>> On Sun, Jan 17, 2010 at 2:45 PM, Geoff Goas <gitman at gmail.com> wrote:
>>
>>> That's correct.
>>>
>>>
>>> On Mon, Jan 11, 2010 at 7:25 PM, Mavrick Master <
>>> mavrick.master at gmail.com> wrote:
>>>
>>>> The client auto-download was used because I presume you are running a
>>>> mod?
>>>>
>>>> Daniel 'mavrick' Lang
>>>> www.mavrick.id.au
>>>>
>>>>
>>>>
>>>> On Thu, Dec 31, 2009 at 11:15 PM, Hannu Kumpeli <hannu at shadowstyle.nl> wrote:
>>>>
>>>>> Well, after they got the rcon pass they could change all non-write-
>>>>> protected
>>>>>
>>>>> > But they could only download and view, not edit. Correct?
>>>>> >
>>>>> >
>>>>> >
>>>>> > From: Geoff Goas [mailto:gitman at gmail.com]
>>>>> > Sent: Thursday, December 31, 2009 1:03 AM
>>>>> > To: Call of Duty server admin list.
>>>>> > Subject: [cod] A word of advice
>>>>> >
>>>>> >
>>>>> >
>>>>> > This may not be news to some, but I just had first-hand experience
>>>>> > with it, so I think I should share....
>>>>> >
>>>>> > Someone just gained access to the RCON password for my CoD2 server.
>>>>> > Apparently, they were able to use the client auto-download
>>>>> > functionality to download my server configuration, which I
>>>>> > (stupidly) had named "server.cfg".
>>>>> >
>>>>> > So a word to the wise - name your server config in such a way that
>>>>> > nobody can guess what it is. This is a Q3 engine bug, so the whole
>>>>> > series is affected.
>>>>> > --
>>>>> > Geoff Goas
>>>>> > Network Engineer
>>>>> >
>>>>> > _______________________________________________
>>>>> > cod mailing list
>>>>> > cod at icculus.org
>>>>> > http://icculus.org/mailman/listinfo/cod
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Geoff Goas
>>> Network Engineer
>>>
>>>
>>>
>>
>>
>>
>
>
> --
> Geoff Goas
> Network Engineer
>
>
>
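The fix Daniel Lang proposes above is to serve client downloads from an off-server HTTP location that holds only the mod, never the server's config files. Below is an added example of how an admin might check such a download root before publishing it; it is not code from anyone in this thread. The `.cfg` extension rule, the "rcon" content heuristic, the function names and the sample files are all my own assumptions and constructed data, not details taken from the thread.

```python
"""Audit an HTTP-redirect download root for leaked server config files.

Added example, not from the mailing-list thread. The thread's mitigation is to
serve only mod content from the off-server HTTP location; this walks that
directory and flags anything that looks like a server config, including a
config that was merely renamed (the page's other suggestion), since the
"rcon" marker is checked in file contents as well as in the file name.
"""
import os
import tempfile

# Assumption for this example: .cfg is the extension a Quake 3 engine
# server config normally carries, so any .cfg in the webroot is suspect.
CONFIG_EXTENSIONS = {".cfg"}
# Heuristic (assumption): a file that mentions rcon anywhere in its first
# 64 KiB is treated as a credential leak, whatever it is called.
SENSITIVE_MARKERS = (b"rcon",)
HEAD_BYTES = 64 * 1024


def looks_sensitive(path):
    """True if the file is a config by extension or mentions rcon in content."""
    ext = os.path.splitext(path)[1].lower()
    if ext in CONFIG_EXTENSIONS:
        return True
    try:
        with open(path, "rb") as fh:
            head = fh.read(HEAD_BYTES).lower()
    except OSError:
        return False
    return any(marker in head for marker in SENSITIVE_MARKERS)


def audit_redirect_root(root):
    """Walk the webroot and return sorted, slash-separated relative paths
    of every file that should not be reachable by game clients."""
    flagged = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if looks_sensitive(full):
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                flagged.append(rel)
    return sorted(flagged)


def build_demo_tree(root):
    """Constructed sample tree: one mod archive (fine to publish) beside a
    server.cfg and a renamed copy of it (both should be flagged)."""
    mod_dir = os.path.join(root, "mymod")
    os.makedirs(mod_dir, exist_ok=True)
    with open(os.path.join(mod_dir, "z_mymod.iwd"), "wb") as fh:
        fh.write(b"PK\x03\x04 constructed placeholder archive bytes")
    # Constructed config lines; the cvar names are illustrative only.
    config_text = 'set sv_hostname "example"\nset rcon_password "example-only"\n'
    with open(os.path.join(mod_dir, "server.cfg"), "w") as fh:
        fh.write(config_text)
    # Renaming alone does not help once the content heuristic is applied.
    with open(os.path.join(mod_dir, "renamed_notes.txt"), "w") as fh:
        fh.write(config_text)


def run_demo_audit():
    """Build the constructed tree in a temp dir and return what gets flagged."""
    with tempfile.TemporaryDirectory() as root:
        build_demo_tree(root)
        return audit_redirect_root(root)


if __name__ == "__main__":
    for leaked in run_demo_audit():
        print("do not publish:", leaked)
```

Run it against the real webroot with `audit_redirect_root("/path/to/redirect/root")` before pointing the game server at it; an empty list means nothing with a config extension or an rcon reference is exposed.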

