Jump to content

Mohaa server file browsing


zelathor

Recommended Posts

That only shows the user's files, not the servers.

 

Sorry to say this, but you are wrong.

 

Try rcon cd .. a 4 or 5 times and then rcon dir.

 

You can actually browse through other folders(clients) accounts.

 

Don´t know if more can be done, but I will explore the game server´s file commands.

 

Regards,

 

ZelathoR

Link to comment
Share on other sites

Hey Jason,

 

I don't see where you logged into Rcon 1st. Also this giude

 

http://thewarlegends.com/rconguide

 

Says you can do it..

 

RCON Commands

 

 

cd

Usage: rcon cd [path]

cd = Change Directory. This is the same command used in dos. You can change directory on the server.

 

Doh...........

 

I just pulled up a cmd list and it appears to be in there

 

 

 

]cmdlist

cmdlist

cvarlist

gamemap

map

set

reloadmap

ai_calltrace

ai_delete

exitintermission

entcount

gamevars

levelvars

snd

cam

classtree

classlist

dumpallclasses

dumpclassevents

classevents

dumpevents

eventhelp

pendingevents

eventlist

dmmessage

secondarydmweapon

primarydmweapon

spectator

join_team

zoomoff

safezoom

safeholster

holster

fov

gameversion

reload

weapnext

weapprev

invnext

invprev

notready

ready

script

kill

noclip

notarget

god

give

seta

exec

netprofiledump

say

difficultyHard

difficultyMedium

difficultyEasy

killserver

devmap

spdevmap

spmap

sectorlist

restart

dumpuser

systeminfo

serverinfo

status

clientkick

kick

heartbeat

midiinfo

net_restart

in_restart

pause

changeVectors

quit

touchFile

cd

fdir

dir

path

append

scale

subtract

add

cvar_savegame_restart

cvar_restart

reset

setu

sets

toggle

alias

wait

echo

vstr

meminfo

93 commands

 

Although this command-line parameter may stop it as well as the basepath or fs_path

]

 

fs_cdpath ""

Link to comment
Share on other sites

oooh and check this out..

 

 

]dir

 

Directory of D:\ClientInstalls\XXXXX\GameServers\TC13246002354177886274860

 

5/31/2008 1:14a <dir> .

5/31/2008 1:14a <dir> ..

10/24/2002 5:18p 150.1k 00000000.016

10/24/2002 5:18p 301.1k 00000000.256

12/12/2001 1:25a 150.1k 00000409.016

12/12/2001 1:25a 301.1k 00000409.256

12/04/2001 7:05p 138.5k 3dfxgl.dll

12/04/2001 7:05p 84.0k Configure.exe

10/02/2002 8:24p 84.0k configure_spearhead.exe

10/24/2002 5:18p 23.0k drvmgt.dll

12/14/2007 0:06p <dir> eReg

12/14/2007 0:22p <dir> Ereg MOHAAS

11/06/2002 2:43p 0.3k ffa.bat

4/03/2002 5:02p 219.5k fpupdate.exe

12/04/2001 7:05p 188.0k IFC22.dll

12/04/2001 7:05p 134.5k ijl10.dll

6/01/2008 2:06a <dir> main

11/04/2008 7:27a <dir> mainta

3/07/2002 3:59p 2.4m MOHAA.exe

3/07/2002 3:59p 544.1k MOHAA_server.exe

3/04/2003 4:26p 2.3m moh_spearhead.exe

3/04/2003 4:27p 576.1k moh_spearhead_server.exe

11/06/2002 2:43p 0.3k objective.bat

3/06/2002 11:24a 2.7k PatchReadme111.txt

11/06/2002 2:44p 0.3k round.bat

10/24/2002 5:18p 12.2k secdrv.sys

11/06/2002 4:13p 3.1k Server_readme.txt

12/14/2007 0:06p <dir> snddrivers

SV packet 66.168.208.39:-2883 : getstatus

 

 

Then I do this command

 

cd C:\

and then

dir and look

 

SV packet 85.197.98.13:-32729 : getstatus

]cd C:\

]dir

 

Directory of C:\

 

4/17/2008 3:10a 0.0k AUTOEXEC.BAT

4/17/2008 3:10a 0.0k CONFIG.SYS

4/17/2008 3:15a <dir> Documents and Settings

10/21/2006 7:28a <dir> I386

4/17/2008 1:02p <dir> Prepp

7/28/2008 11:54p <dir> Program Files

11/24/2008 11:10p <dir> WINDOWS

4/17/2008 3:10a <dir> wmpub

8 file(s) 0 bytes

 

 

WOW!!!

Link to comment
Share on other sites

Hi,

 

It does bother me the fact that a customer can actually browse and knows what other customers have and what I have on my machine.

 

Setting file permissions to the system account out of the question.

 

Creating another account with same system properties, and start TCAdmin service under that account? GPO, etc...?

 

Thinking in Host Intrusion Protection Software (HIPS). Will see what´s around... Been looking for a HIPS solution for my box for some time now, time to get into the action.

 

 

Thanks for the help.

 

 

Regards,

 

ZelathoR

Link to comment
Share on other sites

Hey Jason,

 

I don't see where you logged into Rcon 1st. Also this giude

 

http://thewarlegends.com/rconguide

 

Says you can do it..

 

RCON Commands

 

 

cd

Usage: rcon cd [path]

cd = Change Directory. This is the same command used in dos. You can change directory on the server.

 

Doh...........

 

I just pulled up a cmd list and it appears to be in there

 

 

 

]cmdlist

cmdlist

cvarlist

gamemap

map

set

reloadmap

ai_calltrace

ai_delete

exitintermission

entcount

gamevars

levelvars

snd

cam

classtree

classlist

dumpallclasses

dumpclassevents

classevents

dumpevents

eventhelp

pendingevents

eventlist

dmmessage

secondarydmweapon

primarydmweapon

spectator

join_team

zoomoff

safezoom

safeholster

holster

fov

gameversion

reload

weapnext

weapprev

invnext

invprev

notready

ready

script

kill

noclip

notarget

god

give

seta

exec

netprofiledump

say

difficultyHard

difficultyMedium

difficultyEasy

killserver

devmap

spdevmap

spmap

sectorlist

restart

dumpuser

systeminfo

serverinfo

status

clientkick

kick

heartbeat

midiinfo

net_restart

in_restart

pause

changeVectors

quit

touchFile

cd

fdir

dir

path

append

scale

subtract

add

cvar_savegame_restart

cvar_restart

reset

setu

sets

toggle

alias

wait

echo

vstr

meminfo

93 commands

 

Although this command-line parameter may stop it as well as the basepath or fs_path

]

 

fs_cdpath ""

 

fs_cdpath Only now I read it.

 

Thanks!

Link to comment
Share on other sites

Did you try running the game service as a different user with limited permissions?

 

You can modify the user at Administrative Services >> Services

 

Right click the game server's service and modify the user.

 

Hi,

 

I was thinking in Firedaemon when I said something about TCAdmin´s monitor service account...

 

NT services can only be run under System accounts and administrators accounts. Don´t know about power users... And having windows accept nt services being run under user accounts would mean to change acls.

 

Big headache.

 

Creating an administrator account, running the mohaa service under it, and mess with this user´s file permissions... Could work. But in case of a buffer overflow exploit, it´s an admin account, and someone can spawn and run stuff... This is just an example and I am probably just being paranoid, but we have to be careful. It is our job, isn´t it?

 

Thanks for the help.

 

Regards,

 

Zelathor

Link to comment
Share on other sites

+set fs_cdpath %userfilespath%

 

I assume, I will try it tonight.

 

Just tried it, doesn´t work.

 

Done some research, this variable is actually for the cd-rom´s game location. With another variable enabled, it is possible to have the game copied to the basepath.

 

Of course, this is in theory. Most of the advanced stuff doesn´t work in medal, like map downloading, etc...

 

Will still look for a HIPS.

 

By the way, where can I change which account TCAdmin uses to create NT service?

 

Regards,

 

Zelathor

Link to comment
Share on other sites

  • 9 months later...

You guys do realize that unless someone gets your rcon they cannot use dir to look at the server. all they get to look at are their own files. You can prevent outsiders from getting your server cfg and therefore your rcon by putting sv_allowdownload 0 in your server config.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Who's Online   0 Members, 0 Anonymous, 8 Guests (See full list)

    • There are no registered users currently online
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use