Haxor

Old server topics and posts from 2010, Read only
Official Member
User avatar
Posts: 636
Joined: Tue May 27, 2008 0:00

Haxor

Postby wuju » Sat Jul 24, 2010 16:12

Heya.

There was werid situation in PS1 about 4 minutes ago.

Conected guy with nick hax0r

said ill crush that server

And he rly did it in 2 seconds :o

server message was exacly the same like yesterday when

server was still crushing

There is moment when he come from my client.log file
[et_code]
16:07:23 Dight^3: ^2Great shot!
16:07:26 ^oT^?!^ogg^?3^or^3*^1[^8TZ^1]^3*^3: ^2Thank you!
16:07:27 ^#Cap^$Rosy^#^@Cheeks^7: ^2hehe
16:07:31 hax0r^7: ^2hey
16:07:37 ^0Cutt^7Off^3: ^2Hi!
16:07:37 (^7Magic^.Man^7)^3(D,4)^7:^5Sorry!
16:07:41 CALLEJON^3: ^2Hallo!
16:07:51 hax0r^7: ^2im gonna crash this server
16:07:52 (Felipe Minchia^7)^3(F,5)^7:^5Thanks!
16:07:54 lb-mouse^3: ^2Jawohl!
[/et_code]
Image

Spam Pro
User avatar
Posts: 239
Joined: Fri Oct 03, 2008 0:00
Location: Germany - Bavaria

Postby eLemenT » Sat Jul 24, 2010 16:43

Client Disconnect Exploit works simply through a cfg and once you execute it all players on the server will get kicked.


New exploit - it doesn't crash the Server, all players get kicked out.
Also theres another thingy which can take down the Server.. but you need to pay for it.. quote..

..luckily I have already created a new private hack which is able to take down ET servers.


So basically Rangeban the Person and it he won't be able to.

BTW.. it would be better you move this one in Membersection.. just incase

Official Member
User avatar
Posts: 636
Joined: Tue May 27, 2008 0:00

Postby wuju » Sat Jul 24, 2010 17:04

ok so plz warren move it to MF :)
Image

Spam Noob
User avatar
Posts: 20
Joined: Sat Mar 13, 2010 1:00

Postby Player » Sat Jul 24, 2010 19:33

You can't solve software security issues by banning people or hiding information.

Spam Pro
User avatar
Posts: 239
Joined: Fri Oct 03, 2008 0:00
Location: Germany - Bavaria

Postby eLemenT » Sat Jul 24, 2010 19:54

So.. let's provide every information that half of the players know howto do and kick every player out each minute, imo it should stay more private.

Chaplja said it will be fixed in SLAC though.

Server High Admin
User avatar
Posts: 373
Joined: Sun Jun 29, 2008 0:00

Postby PolygonWindow » Sat Jul 24, 2010 20:12


Official Member
User avatar
Posts: 636
Joined: Tue May 27, 2008 0:00

Postby wuju » Sat Jul 24, 2010 20:26

looks like solution
Image

Spam Noob
User avatar
Posts: 20
Joined: Sat Mar 13, 2010 1:00

Postby Player » Sat Jul 24, 2010 20:39

It won't stay private anyway. This exploit seems to be already well known.

A minute of Google search leads to a "new" format string or buffer overflow vulnerability. You'd be lucky if this isn't even way more exploitable. The servers should be patched immediately or taken offline.

Website Manager
User avatar
Posts: 6378
Joined: Tue May 09, 2006 0:00
Location: Netherlands

Postby warren-the-ape » Sat Jul 24, 2010 20:52

Player wrote:You can't solve software security issues by banning people or hiding information.


Yes, security through obscurity isn't the best approach ;) People that want to do harm always find a way..

We're aware of the problem and will take care of it asap.
"When the pin is pulled, Mr. Grenade is not our friend." Image

Spam Pro
User avatar
Posts: 239
Joined: Fri Oct 03, 2008 0:00
Location: Germany - Bavaria

Postby eLemenT » Sat Jul 24, 2010 21:17

Here you go PS friends.

http://www.crossfire.nu/?x=forum&mode=item&id=33891

Greetings from LL community, have fun :)

EDIT: Ah, someone was faster than me though. :)


Still, Pales Wolf-SS tool still works, even with this fix.

Talented Spammer
User avatar
Posts: 175
Joined: Mon Sep 21, 2009 0:00
Location: Paris suburbs, France

Postby Spaceman » Wed Jul 28, 2010 20:53

Does every player have to download the patch or is it server side? 8O

Official Member
User avatar
Posts: 2598
Joined: Wed Dec 26, 2007 1:00
Location: Estonia

Postby deep » Wed Jul 28, 2010 21:06

first line says "server patch" - so its not client side

Return to PS Forum Archives - 2010

Who is online

Users browsing this forum: No registered users and 1 guest