| View previous topic :: View next topic |
| Author |
Message |
Anonymous2
Joined: 18 Mar 2006
Posts: 3
|
 Posted: Tue Mar 28, 2006 6:42 am Post subject: Auto-downloading executable code? |
 |
|
I'm sorry if this has been addressed before, I can't find it.
When you connect to a server, it's possible to autodownload .PK3s, which in turn may contain .DLLs. Wouldn't this allow to take complete control of the machine (install virus, etc.)?
In Quake3, only QVMs (Quake Virtual Machines) were allowed inside PK3s, and those couldn't cause much harm (in fact, this was a motivation behind the .QVM desing, along with portability). |
|
| Back to top |
|
 |
Xeon_vl
Joined: 10 Feb 2006
Posts: 33
|
| Posted: Tue Mar 28, 2006 10:02 am Post subject: |
|
|
this is possible but , (i talk from my limited programming experiences!)
A) they have to be executed. ET.exe loads the lib's, but it won't load whatever what lib, only the ET libs.
B) Libraries are libraries. They contain functions classes and their definitions and declarations. You can write for instance a function format_c() but i am sure ET.exe will never execute that function.
Again, afaik. |
|
| Back to top |
|
|
Anonymous2
Joined: 18 Mar 2006
Posts: 3
|
| Posted: Tue Mar 28, 2006 10:10 am Post subject: |
|
|
No, but ET.exe will surely call the normal functions. You just have to replace one of these with the code you want...
A .DLL is just as dangerous as an .EXE :'( |
|
| Back to top |
|
|
gotenks
Joined: 15 Nov 2002
Posts: 4040
Location: out of my mind
|
| Posted: Tue Mar 28, 2006 10:54 am Post subject: |
|
|
of course it's possible, but it hasn't happened yet, and the server would have to be running a mod that would allow this (afaik) so it should show up as a "different" mod
_________________
My Website
After a night of binge drinking:
| =FF=im2good4u wrote: | | WTF wanst i on top ? |
|
|
| Back to top |
|
|
Anonymous2
Joined: 18 Mar 2006
Posts: 3
|
| Posted: Tue Mar 28, 2006 2:38 pm Post subject: |
|
|
Of course somebody needs to run a malicious server for this to happen.
What is not so "of couse" is that this should be allowed: games should *NEVER* autodownload executable code. Servers are not to be trusted, anybody may run a malicious one.
So everytime you connect it's a lottery :'(
OTOH, I doubt the media handling code (images, models, maps, PK3 ZIP itselves) is free of buffer overflows of stuff like that so you'd have more attack vectors over there... It's not like it doesn't crash on invalid/random data/garbage.
Oh well, I guess the safest thing to do is run ET.exe with very limited user account permissions... but I guess PB will get angry... bah  |
|
| Back to top |
|
|
ReyalP
Joined: 25 Jul 2003
Posts: 1663
|
| Posted: Tue Mar 28, 2006 3:32 pm Post subject: Re: Auto-downloading executable code? |
|
|
| Anonymous2 wrote: | I'm sorry if this has been addressed before, I can't find it.
When you connect to a server, it's possible to autodownload .PK3s, which in turn may contain .DLLs. Wouldn't this allow to take complete control of the machine (install virus, etc.)?
|
Short answer is yes. ET extracts and runs the cgame and ui dlls from a .pk3 file in fs_game. (I assume it uses the first .pk3 it finds in the search order with these .dlls, although I haven't actually tested multiple .pk3 files with the .dlls in them. The search order is normally reverse alphabetical.)
| Quote: |
In Quake3, only QVMs (Quake Virtual Machines) were allowed inside PK3s, and those couldn't cause much harm (in fact, this was a motivation behind the .QVM desing, along with portability). |
FWIW, qvms had vulnerabilities too. AFAIK, the main motivation for QVMs was portability rather than security. There certainly have also been bugs where invalid data from the server could cause an overflow on the client.
| Quote: |
Oh well, I guess the safest thing to do is run ET.exe with very limited user account permissions... but I guess PB will get angry... bah
|
You should be able to still run ET on a very limited account under linux. If you are very paranoid, you might be able to run it under something like vmware.
You can also turn auto downloads off, and then manually download any files required by the server. That way you can ensure that you get any mods from their authors official site, rather than the server.
_________________
send lawyers, guns and money |
|
| Back to top |
|
|
=FF=im2good4u
Joined: 05 Feb 2003
Posts: 3924
Location: The Netherlands, HOLLAND
|
| Posted: Wed Mar 29, 2006 4:14 am Post subject: |
|
|
if u got multiple packs the dlls are loaded just like any other things in a .pk3 is laoded
first out of the fs_dir if not fonud i tryis "etmain"
if more thne 1 match in the fs_game tthen it will look at the name of the .pk3 like files whit zzzz will be laoded over aaaa 
but yeh its indeed a risk and i also hears something aout et downloding and running artbinary code or wutever it was lol.
_________________
  |
|
| Back to top |
|
|
kracho
Joined: 17 Aug 2005
Posts: 8
|
| Posted: Sat Jul 01, 2006 5:08 am Post subject: |
|
|
| Anonymous2 wrote: | | So everytime you connect it's a lottery :'( |
You can disable autodownload and get the stuff you need manually.
_________________
Storyline:
You kill stuff - The end. |
|
| Back to top |
|
|
bani
Site Admin
Joined: 21 Jul 2002
Posts: 3685
|
| Posted: Tue Jul 04, 2006 12:17 am Post subject: Re: Auto-downloading executable code? |
|
|
| Anonymous2 wrote: | I'm sorry if this has been addressed before, I can't find it.
When you connect to a server, it's possible to autodownload .PK3s, which in turn may contain .DLLs. Wouldn't this allow to take complete control of the machine (install virus, etc.)?
In Quake3, only QVMs (Quake Virtual Machines) were allowed inside PK3s, and those couldn't cause much harm (in fact, this was a motivation behind the .QVM desing, along with portability). |
quake3 allowed DLLs inside pk3s also. in fact it looks for a dll before it looks for a qvm.
it is possible to break out of QVMs and cause damage though.
if you dont trust a server, dont connect. simple as that. same goes for everything else on the intarweb. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
