<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=WordSection1>
<p class=MsoNormal> “… <span style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:black'>that word. I do not think it
means what you think it means.” >;o)<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:black'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0070C0'>con·spic·u·ous (k n-sp k y - s). adj. 1.
Easy to notice; obvious.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:black'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:black'>I believe you meant inconspicuously…<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:black'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0070C0'>in·con·spic·u·ous ( n k n-sp k y -
s). adj. Not readily noticeable.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Geoff Goas
[mailto:gitman@gmail.com] <br>
<b>Sent:</b> Monday, September 13, 2010 5:37 PM<br>
<b>To:</b> Call of Duty server admin list.<br>
<b>Subject:</b> Re: [cod] Cfg download hacking<o:p></o:p></span></p>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'>I had this very same problem
and posted to this list about it not too long ago. Its all Q3-based games.<br>
<br>
Make sure your configs are conspicuously named, and if they do happen to be
available in the same path, that you put some sort of rewrite rule in to deny
access.<o:p></o:p></p>
<div>
<p class=MsoNormal>On Mon, Sep 13, 2010 at 6:04 PM, saimon <<a
href="mailto:saimon@optonline.net">saimon@optonline.net</a>> wrote:<o:p></o:p></p>
<div>
<p class=MsoNormal>Having spent much time in a Soldier of Fortune clan I can
tell you that yes there is a script that can be run against a server with
downloads turned on that will automatically go after the [in Sof it is the
Sof2mp.cfg] config file that has the rcon password. In my experience
acquiring that password was always the goal the attacker [script kiddie] would
then proceed to kick out/ban all clan members and change the name of the server
the idiots that went around doing this really ruined the game for a large
amount of the community. I can't say for sure or not if the same script
works with all Quake based game it could well be from the same source I was
told that leader of the Sof2 clan Heretic, its leard Heretic Death
was a distributor of this script/tool for a price. You may also want to
open a console while in the game and type download and see if any directory
structures you and hit.<o:p></o:p></p>
<div>
<div>
<p class=MsoNormal><br>
<br>
On 9/13/2010 3:33 PM, David@Game-Serve wrote: <o:p></o:p></p>
</div>
</div>
<blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'>
<div>
<div>
<p class=MsoNormal>On 13/09/10 20:16, Morpheus wrote: <o:p></o:p></p>
<p class=MsoNormal>Yes, but it is only relevant with http downloading (I'm
simlinking the folder too, but with a good htaccess restrictions, and stricts
permission on the files--only readable by the owner). Is it possible to use the
client to try downloading the cfg through the built-in protocol ? That could be
the major hack, and it can potentially touch every quake-based game, at least
those using the same net codebase (cod2 is one of them).<br>
<br>
But I'm pretty sure it's not the case, and http is the way to follow, and to
harden...<o:p></o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
You mean like the one that already exists on the quake3 engine based games?
like mohaa which will allow you to download the config files on servers that
dont have downloads disabled (set sv_allowDownload "0"), whats worse
is that mohaa doesn't even use the server-client download functions of the
quake3 engine but the code must still be in there somewhere as the exploit
works<br>
<br>
<o:p></o:p></p>
</div>
</div>
<pre><o:p> </o:p></pre><pre>_______________________________________________<o:p></o:p></pre><pre>cod mailing list<o:p></o:p></pre>
<div><pre><a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a><o:p></o:p></pre><pre><a
href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><o:p></o:p></pre><pre> <o:p></o:p></pre></div>
</blockquote>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
_______________________________________________<br>
cod mailing list<br>
<a href="mailto:cod@icculus.org">cod@icculus.org</a><br>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><o:p></o:p></p>
</div>
<p class=MsoNormal><br>
<br clear=all>
<br>
-- <br>
Geoff Goas<br>
Network Engineer<o:p></o:p></p>
</div>
</body>
</html>