UPDATE YOUR SERVERS! file exploit is being actively abused
We have had several reports that people are actively exploiting the download vulnerability that exists in et prior to 2.60b and ETTV prior to beta-10. This exploit allows anyone who can connect to your server to download your server.cfg files (and thus obtain your passwords) and depending on your server configuration, may allow them to download other sensitive files outside of the et directory.
Anyone running a server with downloads enabled should update to 2.60b or the latest ettv.
You DO NOT have to update to the new etpro, or require the clients to update. Just update the server.
The bug: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2082
ET 2.60b binaries (all platforms): ftp://ftp.idsoftware.com/idstuff/et/ET-2.60b.zip
Last edited by ReyalP on Tue Aug 01, 2006 4:30 pm, edited 1 time in total.
send lawyers, guns and money
I took the liberty of copying your post on the following sites:
- ETPub
- Jaymod
- Xfire.be
- Gamestv.org
I suggest other big news sites should be poked with the same information.
Our servers now run on 64 bit steroids. Point your ET to:
- Forgotten Ground StopWatch Server with occasional wolfrof 1
- Fraggle Rock ETPub Server - Mix up ET/UT & Duke Nukem
Lo all
Upgraded to 2.60b running etpro 3.2.5 due to netcoder/nixcoder tards grabbing the rcon passwords and generally being annoying gimps. All worked fine for a couple of weeks, but now the problems have occurred again.
The server was reset, and the rcon pw was changed. There was no record of it anywhere other than on a piece of paper on a desk, it was in no server config files, or in any password caches.
Two minutes later they had changed the rcon pw again. Any ideas about this? Do we have a new exploit that forces a change in the rcon pw?
Thanks,
Toxic.
Probably installed a backdoor on your server. Wipe and reinstall from scratch, change passwords, etc.
I'd just file criminal charges with the police. Done it before, it works. Amazingly enough, ISPs do respond to subpoenas. Skript kiddies mighty surprised when police officers show up on their doorstep.
What charges did you file, bani? Like, what was the name of the crime? I guess crashing or attacking any server, even a game server, is illegal right now.
I would think, with WOW being a billion dollar business, that sooner rather than later they will make hacking games and such illegal somehow. Probably would have to go after the coders who sell the hacks; I can't see much political/business support for criminal charges against the users.
But if someone is selling 100 hacks that mess with a game that is sold, then that should be illegal. Heck, it may even be illegal now? As one cannot make, like, an ET mod, even though it's given away, and sell it, right? So if Bani sold his Banimod, would that be a criminal or just a civil offence?
A while back a script kiddie from the Colorado School of Mines was attacking a server of mine. I tracked him down and reported him to the police. The police subpoenaed the school, and the school provided evidence confirming the attacks. Apparently he had a prior history of script kiddiness and was already on probation by the school. The police showed up on his doorstep and he confessed on the spot. They confiscated his computers, he was caught with stolen credit cards and was expelled from school. I'm guessing he's probably still in prison.
Did a similar thing with a kiddie at some Australian university. Never heard back from the school, but the attacks did stop permanently. Which proves that just being in another country is no guarantee you won't get busted.
Last edited by Fusen on Thu Mar 17, 2011 1:16 pm, edited 1 time in total.
Deus wrote: I know that it was 127.0.0.1
OMG this guy had the same IP, look what happened to him!
There is no way to escape evar!