SickPuppy Posted February 19, 2009 Share Posted February 19, 2009 Has anyone been hit with this hack yet and is there a fix for it Link to comment Share on other sites More sharing options...
jcroom Posted February 19, 2009 Share Posted February 19, 2009 For what game? Link to comment Share on other sites More sharing options...
SickPuppy Posted February 20, 2009 Author Share Posted February 20, 2009 Looks like Wolf ET right now but I think it can also be used on other games Link to comment Share on other sites More sharing options...
jcroom Posted February 20, 2009 Share Posted February 20, 2009 There are several exploits with the Q3 Engine for gaining the rcon password. The most common two are 1. An exploit that allows you to download the server config file (therefore being able to see the rcon password) and 2. an rcon brute forcer. To fix 1. turn off auto downloading. To fix 2. You will need to modify the game executable to limit rcon commands to a half second. ( I do not have this patched for ET.) Hope that helps. Link to comment Share on other sites More sharing options...
{-SMAKU-}_MotorMouth Posted February 20, 2009 Share Posted February 20, 2009 There are several exploits with the Q3 Engine for gaining the rcon password. The most common two are 1. An exploit that allows you to download the server config file (therefore being able to see the rcon password) and 2. an rcon brute forcer. To fix 1. turn off auto downloading. To fix 2. You will need to modify the game executable to limit rcon commands to a half second. ( I do not have this patched for ET.) Hope that helps. I tried the exe patch but that didn't work. It seems to be a problem with 2.55 more that 2.60b. Link to comment Share on other sites More sharing options...
KP-Dallas Posted February 20, 2009 Share Posted February 20, 2009 There is an exploit in etadmin_mod and it allows you to gain access with certin user names but,i wont say in public forums here Link to comment Share on other sites More sharing options...
Todd Holley Posted March 5, 2009 Share Posted March 5, 2009 Just for reference; Luigi Auriemma has made many patches for the quake engine. And although he has addressed this problem he has NOT made a patch for this. The rcon stealing problem CAN be fixed in games such as the Call of Duty 1 series if you disable downloading, or just create a dummy server config that isn't used. The second option I listed always worked for me. Note that this problem died as quickly as it began as it led to the banning of many users, guilty or not and was not looked upon highly by many members of the gaming community. Link to comment Share on other sites More sharing options...
Andy @ UVGaming.co.uk Posted March 5, 2009 Share Posted March 5, 2009 As others have said there is no direct fix for this apart from disabling the auto downloader. However it is suggested that when this isn't possible you make it more difficult by making a dummy server.cfg or setting up the servers to use a different config name i.e instead of using server.cfg you use xxx8.cfg. This just makes it harder for the hacker to find the file but doesn't stop it. Link to comment Share on other sites More sharing options...
Steven Crothers Posted March 5, 2009 Share Posted March 5, 2009 The hack doesn't really seem to work in 2.60, though I notice it in 2.55 and 2.56.... Why people don't upgrade there FREE game is beyond me, because us hosts are stuck hosting it. Link to comment Share on other sites More sharing options...
Creed3020 Posted March 5, 2009 Share Posted March 5, 2009 We had an issue with someone stealing the rcon password but this was in CSS and caused by a security hole in EventScripts, though there is a fix available. Link to comment Share on other sites More sharing options...
KP-Dallas Posted March 6, 2009 Share Posted March 6, 2009 There is a fix for this, If you guys are in need please let me know and i can try to post the fix here if its no problem with ECF there are a couple ways 1st being in ETAdminMod were someuser names gives them admin powers and 2nd being were they just download your server.cfg file all work in 2.60b and 2.55 2.60 is harder Link to comment Share on other sites More sharing options...
Todd Holley Posted March 29, 2009 Share Posted March 29, 2009 Just to update and bring this to light... you need to be extremely careful with games that have the downloading exploit unpatched. I suggest using non default tca userfiles locations. These kids have nothing else to do, and could possibly get ahold of some files that you'd rather them not have. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.