[cod] Cfg download hacking

Nosjp Nosjp nosjpl at gmail.com
Wed Sep 15 03:45:24 EDT 2010 

If you set sv_allowdownload "0" - disable all downloads :  built-in download
+ HTTP redirect download ( it doesn't matter value of sv_wwwDownload)

Another solutions: disable console (set sv_disableClientConsole "1") +
random .cfg name
in case of rcon stealer a player must be connected to server, then player
trying to download manually within game console:
 /download server.cfg   or /download main/server.cfg  guessing server config

Take a look here for more details/solutions:
http://game-violations.ggl.com/index.php?page=Thread&postID=99870#post99870

On Tue, Sep 14, 2010 at 9:48 PM, Morpheus <morpheus at clantoc.org> wrote:

>  I have one question : I have these dvar in my server cfg
>
> set sv_allowdownload "1"
> seta sv_wwwDownload "1"
> seta sv_wwwBaseURL "http://whaterver_you_wnat.com/cod"<http://whaterver_you_wnat.com/cod>
> seta sv_wwwDlDisconnected "1"
>
> If you put the allowdownload to 0, does it disable the www capability ? if
> we could restrict the download part to http downloading, things could be
> easier to cope with.
>
> Le 14/09/2010 20:44, Nosjp Nosjp a écrit :
>
> @Marco:
>
> If you have a server
> - without custom maps/mods/pam -> disable downloads:  seta sv_allowDownload
> "0"
> - with custom maps/mods/pam ->  disable game console (set
> sv_disableClientConsole "1")  + random .cfg name
>
>
>
> On Tue, Sep 14, 2010 at 9:37 PM, Sheepa <sheepa at sheepa.org> wrote:
>
>> Is there even any working POC for this?
>>
>> --------------------------------------------------
>> From: "Marco Padovan" <evolutioncrazy at gmail.com>
>> Sent: Tuesday, September 14, 2010 8:14 PM
>> To: "Call of Duty server admin list." <cod at icculus.org>
>>
>> Subject: Re: [cod] Cfg download hacking
>>
>>   I see...
>>>
>>> will take the "random cfg filename" path as all other workarounds are
>>> not acceptable for my use :(
>>>
>>> On Tue, Sep 14, 2010 at 8:01 PM, Morpheus <morpheus at clantoc.org> wrote:
>>>
>>>>  I think iptables is too low-level to deal with such specific hack
>>>> attempts.
>>>> At least you can use it to ban IP addresses you catch... It's sad it has
>>>> not
>>>> been fixed since discovery, with all the games that are using the
>>>> codebase...
>>>>
>>>> Le 14/09/2010 19:32, Marco Padovan a écrit :
>>>>
>>>>>
>>>>> I'm aware of the exploits... was looking for some suggestion on how to
>>>>> fix them... even via iptables eventually...
>>>>>
>>>>> On Tue, Sep 14, 2010 at 6:56 PM, James Landi<jim at landi.net>  wrote:
>>>>>
>>>>>>
>>>>>>  The exploit I just posted about could be an older version or not the
>>>>>> same
>>>>>> as described in this mail list thread.
>>>>>>
>>>>>> using the second link should give you a good list of quake based
>>>>>> exploits
>>>>>> you may want to watch for.
>>>>>>
>>>>>> Sorry for the wrong ling
>>>>>>
>>>>>> Jim Landi
>>>>>> Rudedog
>>>>>> FPSadmin.com
>>>>>> Microsoft MVP, Games for Windows | Twitter@ therealrudedog
>>>>>>
>>>>>>
>>>>>> On 9/14/10 12:25 PM, Morpheus wrote:
>>>>>>
>>>>>>>
>>>>>>> We're talking about the built-in download system, not the http
>>>>>>> redirect
>>>>>>> one, which you can control with symlinks and htaccess features. It's
>>>>>>> about a
>>>>>>> security hole that virtually exists in all q3-based games (at least
>>>>>>> for
>>>>>>> the
>>>>>>> net code).
>>>>>>>
>>>>>>> Le 14/09/2010 18:21, Mavrick a écrit :
>>>>>>>
>>>>>>>>
>>>>>>>> Anyone tried symbolic links?
>>>>>>>>
>>>>>>>> On 14/09/2010 3:11 AM, Nosjp Nosjp wrote:
>>>>>>>>
>>>>>>>>>
>>>>>>>>> The only one solution:  set sv_allowDownload "0"
>>>>>>>>>
>>>>>>>>> On Mon, Sep 13, 2010 at 7:45 PM, Marco
>>>>>>>>> Padovan<evolutioncrazy at gmail.com
>>>>>>>>> <mailto:evolutioncrazy at gmail.com>>  wrote:
>>>>>>>>>
>>>>>>>>>   We are having major hack attempts that consist in people
>>>>>>>>>   downloading the cfg files....  currently we had to use random
>>>>>>>>>   file names...
>>>>>>>>>
>>>>>>>>>   is there any solid work around?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>   _______________________________________________
>>>>>>>>>   cod mailing list
>>>>>>>>>   cod at icculus.org<mailto:cod at icculus.org>
>>>>>>>>>   http://icculus.org/mailman/listinfo/cod
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> cod mailing list
>>>>>>>>> cod at icculus.org
>>>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> cod mailing list
>>>>>>>> cod at icculus.org
>>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> cod mailing list
>>>>>>> cod at icculus.org
>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> cod mailing list
>>>>>> cod at icculus.org
>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>
>>>>>>  _______________________________________________
>>>>> cod mailing list
>>>>> cod at icculus.org
>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>
>>>>
>>>> _______________________________________________
>>>> cod mailing list
>>>> cod at icculus.org
>>>> http://icculus.org/mailman/listinfo/cod
>>>>
>>>>  _______________________________________________
>>> cod mailing list
>>> cod at icculus.org
>>> http://icculus.org/mailman/listinfo/cod
>>>
>> _______________________________________________
>> cod mailing list
>> cod at icculus.org
>> http://icculus.org/mailman/listinfo/cod
>>
>
>
> _______________________________________________
> cod mailing listcod at icculus.orghttp://icculus.org/mailman/listinfo/cod
>
>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20100915/22a43ac3/attachment.htm>

More information about the cod mailing list