[cod] Cfg download hacking

Mavrick mavrick.master at gmail.com
Wed Sep 15 04:29:12 EDT 2010


Probably a silly question, but can you set the rcon password in the
console query string?

If so, why not database the password then just parse it when the server
loads? This way anyone can use the exploit if they want but won't get the
password?

On 15/09/2010 5:45 PM, Nosjp Nosjp wrote:
> If you set sv_allowdownload "0", it disables all downloads: built-in
> download + HTTP redirect download (the value of sv_wwwDownload doesn't
> matter).
>
> Another solution: disable the console (set sv_disableClientConsole "1") +
> random .cfg name.
> In the case of an rcon stealer, a player must be connected to the server; the
> player then tries to download manually within the game console:
>  /download server.cfg   or /download main/server.cfg, guessing the server
> config.
>
> Take a look here for more details/solutions:
> http://game-violations.ggl.com/index.php?page=Thread&postID=99870#post99870 
>
> On Tue, Sep 14, 2010 at 9:48 PM, Morpheus <morpheus at clantoc.org> wrote:
>
>     I have one question: I have these dvars in my server cfg
>
>     set sv_allowdownload "1"
>     seta sv_wwwDownload "1"
>     seta sv_wwwBaseURL "http://whaterver_you_wnat.com/cod"
>     seta sv_wwwDlDisconnected "1"
>
>     If you put the allowdownload to 0, does it disable the www
>     capability? If we could restrict the download part to http
>     downloading, things could be easier to cope with.
>
>     On 14/09/2010 20:44, Nosjp Nosjp wrote:
>>     @Marco:
>>
>>     If you have a server
>>     - without custom maps/mods/pam -> disable downloads:  seta
>>     sv_allowDownload "0"
>>     - with custom maps/mods/pam ->  disable game console (set
>>     sv_disableClientConsole "1")  + random .cfg name
>>
>>
>>
>>     On Tue, Sep 14, 2010 at 9:37 PM, Sheepa <sheepa at sheepa.org> wrote:
>>
>>         Is there even any working POC for this?
>>
>>         --------------------------------------------------
>>         From: "Marco Padovan" <evolutioncrazy at gmail.com>
>>         Sent: Tuesday, September 14, 2010 8:14 PM
>>         To: "Call of Duty server admin list." <cod at icculus.org>
>>
>>         Subject: Re: [cod] Cfg download hacking
>>
>>             I see...
>>
>>             will take the "random cfg filename" path as all other
>>             workarounds are
>>             not acceptable for my use :(
>>
>>             On Tue, Sep 14, 2010 at 8:01 PM, Morpheus <morpheus at clantoc.org> wrote:
>>
>>                  I think iptables is too low-level to deal with such
>>                 specific hack attempts.
>>                 At least you can use it to ban IP addresses you
>>                 catch... It's sad it has not
>>                 been fixed since discovery, with all the games that
>>                 are using the
>>                 codebase...
>>
>>                 On 14/09/2010 19:32, Marco Padovan wrote:
>>
>>
>>                     I'm aware of the exploits... was looking for some
>>                     suggestion on how to
>>                     fix them... even via iptables eventually...
>>
>>                     On Tue, Sep 14, 2010 at 6:56 PM, James Landi <jim at landi.net> wrote:
>>
>>
>>                         The exploit I just posted about could be an
>>                         older version or not the same as described in
>>                         this mail list thread.
>>
>>                         Using the second link should give you a good
>>                         list of quake based exploits you may want to
>>                         watch for.
>>
>>                         Sorry for the wrong link
>>
>>                         Jim Landi
>>                         Rudedog
>>                         FPSadmin.com
>>                         Microsoft MVP, Games for Windows | Twitter@
>>                         therealrudedog
>>
>>
>>                         On 9/14/10 12:25 PM, Morpheus wrote:
>>
>>
>>                             We're talking about the built-in download
>>                             system, not the http redirect one, which you
>>                             can control with symlinks and htaccess
>>                             features. It's about a security hole that
>>                             virtually exists in all q3-based games (at
>>                             least for the net code).
>>
>>                             On 14/09/2010 18:21, Mavrick wrote:
>>
>>
>>                                 Anyone tried symbolic links?
>>
>>                                 On 14/09/2010 3:11 AM, Nosjp Nosjp wrote:
>>
>>
>>                                     The only solution: set
>>                                     sv_allowDownload "0"
>>
>>                                     On Mon, Sep 13, 2010 at 7:45 PM,
>>                                     Marco Padovan
>>                                     <evolutioncrazy at gmail.com> wrote:
>>
>>                                       We are having major hack
>>                                     attempts that consist in people
>>                                       downloading the cfg files....
>>                                      currently we had to use random
>>                                       file names...
>>
>>                                       is there any solid work around?
>>
>>
>>                                     _______________________________________________
>>                                     cod mailing list
>>                                     cod at icculus.org
>>                                     http://icculus.org/mailman/listinfo/cod
>>
>>
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20100915/a112f2f9/attachment-0001.htm>
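
The settings discussed in this thread, turned into a small configuration audit. This is an added example, not code from any poster or from the game; the dvar name `rcon_password`, the finding labels and the sample configs are assumptions constructed for illustration.

```python
import posixpath
import re

# Matches: set|seta|sets <dvar> "<value>"  (or an unquoted value)
SET_RE = re.compile(r'^\s*set[as]?\s+(\w+)\s+(?:"([^"]*)"|(\S+))', re.IGNORECASE)
# File names a connected client could guess; "server.cfg" is the one named in the thread.
GUESSABLE_NAMES = {"server.cfg"}
# Assumption: the rcon password dvar is called rcon_password (the thread only says "rcon password").
RCON_DVAR = "rcon_password"

def parse_cfg(text):
    """Return {lowercased dvar: value}; later lines override earlier ones."""
    dvars = {}
    for line in text.splitlines():
        m = SET_RE.match(line)
        if m:
            dvars[m.group(1).lower()] = m.group(2) if m.group(2) is not None else m.group(3)
    return dvars

def audit(path, text):
    """Return finding labels (constructed names) for one config file."""
    d = parse_cfg(text)
    findings = []
    # An unset sv_allowDownload is treated as enabled, the conservative reading.
    if d.get("sv_allowdownload") == "0":
        return findings  # downloads disabled, the fix given in the thread
    findings.append("downloads-enabled")
    if d.get("sv_disableclientconsole") != "1":
        findings.append("client-console-enabled")
    name = posixpath.basename(path).lower()
    if d.get(RCON_DVAR) and name in GUESSABLE_NAMES:
        findings.append("rcon-in-guessable-cfg")
    return findings

# Constructed sample configs (not from a real server).
WEAK_CFG = '''
set sv_allowdownload "1"
seta sv_wwwDownload "1"
seta sv_wwwBaseURL "http://example.invalid/cod"
set rcon_password "constructed-secret"
'''
NO_DOWNLOADS_CFG = WEAK_CFG.replace('sv_allowdownload "1"', 'sv_allowdownload "0"')
CONSOLE_OFF_CFG = WEAK_CFG + 'set sv_disableClientConsole "1"\n'

if __name__ == "__main__":
    for path, cfg in [("main/server.cfg", WEAK_CFG), ("main/server.cfg", NO_DOWNLOADS_CFG),
                      ("main/k3f9x2.cfg", CONSOLE_OFF_CFG)]:
        print(path, audit(path, cfg))
```

Keeping the password out of the config file altogether, as the top reply suggests, makes the third finding impossible regardless of the file name.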

