[cod] Cfg download hacking
Nosjp Nosjp
nosjpl at gmail.com
Tue Sep 14 14:44:31 EDT 2010
@Marco:
If you have a server
- without custom maps/mods/pam -> disable downloads: seta sv_allowDownload
"0"
- with custom maps/mods/pam -> disable game console (set
sv_disableClientConsole "1") + random .cfg name
On Tue, Sep 14, 2010 at 9:37 PM, Sheepa <sheepa at sheepa.org> wrote:
> Is there even any working POC for this?
>
> --------------------------------------------------
> From: "Marco Padovan" <evolutioncrazy at gmail.com>
> Sent: Tuesday, September 14, 2010 8:14 PM
> To: "Call of Duty server admin list." <cod at icculus.org>
>
> Subject: Re: [cod] Cfg download hacking
>
> I see...
>>
>> will take the "random cfg filename" path as all other workarounds are
>> not acceptable for my use :(
>>
>> On Tue, Sep 14, 2010 at 8:01 PM, Morpheus <morpheus at clantoc.org> wrote:
>>
>>> I think iptables is too low-level to deal with such specific hack
>>> attempts.
>>> At least you can use it to ban IP addresses you catch... It's sad it has
>>> not
>>> been fixed since discovery, with all the games that are using the
>>> codebase...
>>>
>>> Le 14/09/2010 19:32, Marco Padovan a écrit :
>>>
>>>>
>>>> I'm aware of the exploits... was looking for some suggestion on how to
>>>> fix them... even via iptables eventually...
>>>>
>>>> On Tue, Sep 14, 2010 at 6:56 PM, James Landi<jim at landi.net> wrote:
>>>>
>>>>>
>>>>> The exploit I just posted about could be an older version or not the
>>>>> same
>>>>> as described in this mail list thread.
>>>>>
>>>>> using the second link should give you a good list of quake based
>>>>> exploits
>>>>> you may want to watch for.
>>>>>
>>>>> Sorry for the wrong ling
>>>>>
>>>>> Jim Landi
>>>>> Rudedog
>>>>> FPSadmin.com
>>>>> Microsoft MVP, Games for Windows | Twitter@ therealrudedog
>>>>>
>>>>>
>>>>> On 9/14/10 12:25 PM, Morpheus wrote:
>>>>>
>>>>>>
>>>>>> We're talking about the built-in download system, not the http
>>>>>> redirect
>>>>>> one, which you can control with symlinks and htaccess features. It's
>>>>>> about a
>>>>>> security hole that virtually exists in all q3-based games (at least
>>>>>> for
>>>>>> the
>>>>>> net code).
>>>>>>
>>>>>> Le 14/09/2010 18:21, Mavrick a écrit :
>>>>>>
>>>>>>>
>>>>>>> Anyone tried symbolic links?
>>>>>>>
>>>>>>> On 14/09/2010 3:11 AM, Nosjp Nosjp wrote:
>>>>>>>
>>>>>>>>
>>>>>>>> The only one solution: set sv_allowDownload "0"
>>>>>>>>
>>>>>>>> On Mon, Sep 13, 2010 at 7:45 PM, Marco
>>>>>>>> Padovan<evolutioncrazy at gmail.com
>>>>>>>> <mailto:evolutioncrazy at gmail.com>> wrote:
>>>>>>>>
>>>>>>>> We are having major hack attempts that consist in people
>>>>>>>> downloading the cfg files.... currently we had to use random
>>>>>>>> file names...
>>>>>>>>
>>>>>>>> is there any solid work around?
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> cod mailing list
>>>>>>>> cod at icculus.org<mailto:cod at icculus.org>
>>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> cod mailing list
>>>>>>>> cod at icculus.org
>>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> cod mailing list
>>>>>>> cod at icculus.org
>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> cod mailing list
>>>>>> cod at icculus.org
>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> cod mailing list
>>>>> cod at icculus.org
>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>
>>>>> _______________________________________________
>>>> cod mailing list
>>>> cod at icculus.org
>>>> http://icculus.org/mailman/listinfo/cod
>>>>
>>>
>>> _______________________________________________
>>> cod mailing list
>>> cod at icculus.org
>>> http://icculus.org/mailman/listinfo/cod
>>>
>>> _______________________________________________
>> cod mailing list
>> cod at icculus.org
>> http://icculus.org/mailman/listinfo/cod
>>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20100914/38787798/attachment.htm>
More information about the cod
mailing list