[cod] Cfg download hacking
Sheepa
sheepa at sheepa.org
Tue Sep 14 14:37:40 EDT 2010
Is there even any working POC for this?
--------------------------------------------------
From: "Marco Padovan" <evolutioncrazy at gmail.com>
Sent: Tuesday, September 14, 2010 8:14 PM
To: "Call of Duty server admin list." <cod at icculus.org>
Subject: Re: [cod] Cfg download hacking
> I see...
>
> will take the "random cfg filename" path as all other workarounds are
> not acceptable for my use :(
>
> On Tue, Sep 14, 2010 at 8:01 PM, Morpheus <morpheus at clantoc.org> wrote:
>> I think iptables is too low-level to deal with such specific hack
>> attempts.
>> At least you can use it to ban IP addresses you catch... It's sad it has
>> not
>> been fixed since discovery, with all the games that are using the
>> codebase...
>>
>> Le 14/09/2010 19:32, Marco Padovan a écrit :
>>>
>>> I'm aware of the exploits... was looking for some suggestion on how to
>>> fix them... even via iptables eventually...
>>>
>>> On Tue, Sep 14, 2010 at 6:56 PM, James Landi<jim at landi.net> wrote:
>>>>
>>>> The exploit I just posted about could be an older version or not the
>>>> same
>>>> as described in this mail list thread.
>>>>
>>>> using the second link should give you a good list of quake based
>>>> exploits
>>>> you may want to watch for.
>>>>
>>>> Sorry for the wrong ling
>>>>
>>>> Jim Landi
>>>> Rudedog
>>>> FPSadmin.com
>>>> Microsoft MVP, Games for Windows | Twitter@ therealrudedog
>>>>
>>>>
>>>> On 9/14/10 12:25 PM, Morpheus wrote:
>>>>>
>>>>> We're talking about the built-in download system, not the http
>>>>> redirect
>>>>> one, which you can control with symlinks and htaccess features. It's
>>>>> about a
>>>>> security hole that virtually exists in all q3-based games (at least
>>>>> for
>>>>> the
>>>>> net code).
>>>>>
>>>>> Le 14/09/2010 18:21, Mavrick a écrit :
>>>>>>
>>>>>> Anyone tried symbolic links?
>>>>>>
>>>>>> On 14/09/2010 3:11 AM, Nosjp Nosjp wrote:
>>>>>>>
>>>>>>> The only one solution: set sv_allowDownload "0"
>>>>>>>
>>>>>>> On Mon, Sep 13, 2010 at 7:45 PM, Marco
>>>>>>> Padovan<evolutioncrazy at gmail.com
>>>>>>> <mailto:evolutioncrazy at gmail.com>> wrote:
>>>>>>>
>>>>>>> We are having major hack attempts that consist in people
>>>>>>> downloading the cfg files.... currently we had to use random
>>>>>>> file names...
>>>>>>>
>>>>>>> is there any solid work around?
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> cod mailing list
>>>>>>> cod at icculus.org<mailto:cod at icculus.org>
>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> cod mailing list
>>>>>>> cod at icculus.org
>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>
>>>>>> _______________________________________________
>>>>>> cod mailing list
>>>>>> cod at icculus.org
>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>
>>>>> _______________________________________________
>>>>> cod mailing list
>>>>> cod at icculus.org
>>>>> http://icculus.org/mailman/listinfo/cod
>>>>
>>>> _______________________________________________
>>>> cod mailing list
>>>> cod at icculus.org
>>>> http://icculus.org/mailman/listinfo/cod
>>>>
>>> _______________________________________________
>>> cod mailing list
>>> cod at icculus.org
>>> http://icculus.org/mailman/listinfo/cod
>>
>> _______________________________________________
>> cod mailing list
>> cod at icculus.org
>> http://icculus.org/mailman/listinfo/cod
>>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
More information about the cod
mailing list