[cod] Cfg download hacking

saimon saimon at optonline.net
Mon Sep 13 18:04:16 EDT 2010 

Having spent much time in a Soldier of Fortune clan I can tell you that 
yes there is a script that can be run against a server with downloads 
turned on that will automatically go after the [in Sof it is the 
Sof2mp.cfg] config file that has the rcon password.  In my experience 
acquiring that password was always the goal the attacker [script kiddie] 
would then proceed to kick out/ban all clan members and change the name 
of the server the idiots that went around doing this really ruined the 
game for a large amount of the community.  I can't say for sure or not 
if the same script works with all Quake based game it could well be from 
the same source I was told that leader of the Sof2 clan  Heretic,  its 
leard  Heretic Death was a distributor of this script/tool for a price.  
You may also want to open a console while in the game and type download 
and see if any directory structures you and hit.

On 9/13/2010 3:33 PM, David at Game-Serve wrote:
> On 13/09/10 20:16, Morpheus wrote:
>> Yes, but it is only relevant with http downloading (I'm simlinking 
>> the folder too, but with a good htaccess restrictions, and stricts 
>> permission on the files--only readable by the owner). Is it possible 
>> to use the client to try downloading the cfg through the built-in 
>> protocol ? That could be the major hack, and it can potentially touch 
>> every quake-based game, at least those using the same net codebase 
>> (cod2 is one of them).
>>
>> But I'm pretty sure it's not the case, and http is the way to follow, 
>> and to harden...
>
> You mean like the one that already exists on the quake3 engine based 
> games? like mohaa which will allow you to download the config files on 
> servers that dont have downloads disabled (set sv_allowDownload "0"), 
> whats worse is that mohaa doesn't even use the server-client download 
> functions of the quake3 engine but the code must still be in there 
> somewhere as the exploit works
>
>
>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
>    
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20100913/55516fab/attachment.htm>

More information about the cod mailing list