Jump to content

RCON Password Stealer


SickPuppy

Recommended Posts

There are several exploits with the Q3 Engine for gaining the rcon password. The most common two are 1. An exploit that allows you to download the server config file (therefore being able to see the rcon password) and 2. an rcon brute forcer.

 

To fix 1. turn off auto downloading. To fix 2. You will need to modify the game executable to limit rcon commands to a half second. ( I do not have this patched for ET.)

Hope that helps.

Link to comment
Share on other sites

There are several exploits with the Q3 Engine for gaining the rcon password. The most common two are 1. An exploit that allows you to download the server config file (therefore being able to see the rcon password) and 2. an rcon brute forcer.

 

To fix 1. turn off auto downloading. To fix 2. You will need to modify the game executable to limit rcon commands to a half second. ( I do not have this patched for ET.)

Hope that helps.

 

I tried the exe patch but that didn't work. It seems to be a problem with 2.55 more that 2.60b.

Link to comment
Share on other sites

  • 2 weeks later...

Just for reference;

 

Luigi Auriemma has made many patches for the quake engine. And although he has addressed this problem he has NOT made a patch for this. The rcon stealing problem CAN be fixed in games such as the Call of Duty 1 series if you disable downloading, or just create a dummy server config that isn't used. The second option I listed always worked for me. Note that this problem died as quickly as it began as it led to the banning of many users, guilty or not and was not looked upon highly by many members of the gaming community.

Link to comment
Share on other sites

As others have said there is no direct fix for this apart from disabling the auto downloader.

 

However it is suggested that when this isn't possible you make it more difficult by making a dummy server.cfg or setting up the servers to use a different config name i.e instead of using server.cfg you use xxx8.cfg. This just makes it harder for the hacker to find the file but doesn't stop it.

Link to comment
Share on other sites

There is a fix for this,

 

If you guys are in need please let me know and i can try to post the fix here if its no problem with ECF there are a couple ways 1st being in ETAdminMod were someuser names gives them admin powers and 2nd being were they just download your server.cfg file all work in 2.60b and 2.55 2.60 is harder

Link to comment
Share on other sites

  • 4 weeks later...

Just to update and bring this to light... you need to be extremely careful with games that have the downloading exploit unpatched. I suggest using non default tca userfiles locations. These kids have nothing else to do, and could possibly get ahold of some files that you'd rather them not have.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use