<html>
it was easy to do. I downloaded this and no cd key was needed. there were
no servers which could stop it. <br><br>
I'll give it about 2 weeks before this program becomes widespread and all
uk MoH servers get attacked on a daily basis unless something is
done.<br><br>
I've submitted some information to EA and Im going to follow up with a
phone call later. I suspect that if the MoH franchise is of any value to
them, they will release a new patch for allied assault, spearhead and
Breakthrough. All of which are affected by this exploit which has NOT
been patched and CANNOT be patched due to its complexity and the need for
EA's cooperation in developing a patch for this. Otherwise its MoH down
the pan........ and we can all go back to playing
solitaire.....<br><br>
<br><br>
Kim<br><br>
At 09:19 10/08/2004 +0100, you wrote:<br>
<blockquote type=cite class=cite cite>I think ryan mentioned this before
and said that it would be very difficult to do due to the way that cd-key
authentication works.<br>
<br>
i.e. a person has to connect to validate a key.<br><br>
I could be way off but i seem to recall that.<br>
<br>
Richard.<br><br>
<b><i>The Guvnor <guvnor@evildictators.com></i></b> wrote:
<dl>
<dd>Ive found out how people do this, and so far, there is nothing that
can
<dd>stop this.<br><br>
<dd>Ryan, I will email you the dos program they used to do this so you
can look
<dd>at how to patch the current binaries against this.<br><br>
<dd>ps. please make it 64bit compatible.<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<dd>Kim<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<dd>++++++++++++++++++++++++++++++++++++++++++
<dd>Hi ryan et all,<br><br>
<dd>im a little confused as to how the latest mohaa binaries fix the
buffer
<dd>overflow problem. Players are still able to occupy the server slots
with
<dd>fake names using the same ip all in the same minute. Look at the
below:<br><br>
<dd>8th aug 04
<dd>21:18:14 Iamafake/81.156.111.91 has logged on to play
<dd>21:18:14 fakeplayer/81.156.111.91 has logged on to play
<dd>21:20:40 Iamafake/81.156.111.91 has logged on to play
<dd>21:20:40 fakeplayer/81.156.111.91 has logged on to play
<dd>21:20:41 cantseeme/81.156.111.91 has logged on to play<br><br>
<dd>9th aug 04
<dd>16:01:47 Iamafake/81.156.165.154 has logged on to play
<dd>16:01:48 fakeplayer/81.156.165.154 has logged on to play
<dd>16:01:48 cantseeme/81.156.165.154 has logged on to play
<dd>16:01:49 dontkickme/81.156.165.154 has logged on to play
<dd>16:01:49 Iamhere/81.156.165.154 has logged on to play
<dd>16:01:49 wearealot/81.156.165.154 has logged on to play
<dd>16:01:50 kickme/81.156.165.154 has logged on to play
<dd>16:01:57 fake/81.156.165.154 has logged on to play
<dd>16:01:57 whoamI/81.156.165.154 has logged on to play
<dd>16:01:58 whatamI/81.156.165.154 has logged on to play
<dd>16:01:59 whatImustdo/81.156.165.154 has logged on to play
<dd>16:02:00 Ihate/81.156.165.154 has logged on to play
<dd>16:02:00 whoIhate/81.156.165.154 has logged on to play
<dd>16:02:01 whatIhate/81.156.165.154 has logged on to play
<dd>16:02:01 whyIhate/81.156.165.154 has logged on to play
<dd>16:03:54 isthisaPoC/81.156.165.154 has logged on to play<br><br>
<dd>Is the latest binaries supposed to be able to 'stop' the problem or
just
<dd>'limit it' somehow? Whatever it is, the latest binaries dont seem to
be
<dd>stopping the problem, some servers have only have 12 players maximum
and it
<dd>takes just one goofball to take it out. The posted CI logs above are
for a
<dd>server that has the latest mohaa linux binaries.<br><br>
<br><br>
<dd>Kim<br><br>
<br><br>
</dl>This message has been processed by
<a href="http://www.firetrust.com/products/benign/">Firetrust Benign</a>.
</blockquote></html>