[cod] Cfg download hacking

Geoff Goas gitman at gmail.com
Mon Sep 13 21:05:54 EDT 2010 

Hmmm... I meant to do that? See, I'm the config stealer...

On Mon, Sep 13, 2010 at 6:46 PM, Leadly <leadbritches at austinservers.com>wrote:

>   “… that word. I do not think it means what you think it means.”  >;o)
>
>
>
> con·spic·u·ous (k n-sp k y - s). adj. 1. Easy to notice; obvious.
>
>
>
> I believe you meant inconspicuously…
>
>
>
> in·con·spic·u·ous ( n k n-sp k y - s). adj. Not readily noticeable.
>
>
>
> *From:* Geoff Goas [mailto:gitman at gmail.com]
> *Sent:* Monday, September 13, 2010 5:37 PM
>
> *To:* Call of Duty server admin list.
> *Subject:* Re: [cod] Cfg download hacking
>
>
>
> I had this very same problem and posted to this list about it not too long
> ago. Its all Q3-based games.
>
>
> Make sure your configs are conspicuously named, and if they do happen to be
> available in the same path, that you put some sort of rewrite rule in to
> deny access.
>
> On Mon, Sep 13, 2010 at 6:04 PM, saimon <saimon at optonline.net> wrote:
>
> Having spent much time in a Soldier of Fortune clan I can tell you that yes
> there is a script that can be run against a server with downloads turned on
> that will automatically go after the [in Sof it is the Sof2mp.cfg] config
> file that has the rcon password.  In my experience acquiring that password
> was always the goal the attacker [script kiddie] would then proceed to kick
> out/ban all clan members and change the name of the server the idiots that
> went around doing this really ruined the game for a large amount of the
> community.  I can't say for sure or not if the same script works with all
> Quake based game it could well be from the same source I was told that
> leader of the Sof2 clan  Heretic,  its leard  Heretic Death was a
> distributor of this script/tool for a price.  You may also want to open a
> console while in the game and type download and see if any directory
> structures you and hit.
>
>
>
> On 9/13/2010 3:33 PM, David at Game-Serve wrote:
>
>  On 13/09/10 20:16, Morpheus wrote:
>
> Yes, but it is only relevant with http downloading (I'm simlinking the
> folder too, but with a good htaccess restrictions, and stricts permission on
> the files--only readable by the owner). Is it possible to use the client to
> try downloading the cfg through the built-in protocol ? That could be the
> major hack, and it can potentially touch every quake-based game, at least
> those using the same net codebase (cod2 is one of them).
>
> But I'm pretty sure it's not the case, and http is the way to follow, and
> to harden...
>
>
> You mean like the one that already exists on the quake3 engine based games?
> like mohaa which will allow you to download the config files on servers that
> dont have downloads disabled (set sv_allowDownload "0"), whats worse is that
> mohaa doesn't even use the server-client download functions of the quake3
> engine but the code must still be in there somewhere as the exploit works
>
>
>
> _______________________________________________
>
> cod mailing list
>
> cod at icculus.org
>
> http://icculus.org/mailman/listinfo/cod
>
>
>
>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
>
>
>
>
> --
> Geoff Goas
> Network Engineer
>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
>
>


-- 
Geoff Goas
Network Engineer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20100913/a055b2b1/attachment.htm>

More information about the cod mailing list