Server hacker

by pimpus 5 Sep 2009, 11:11 ForumsCheaters
etpro IAC: 1 GUID [2A6976F9001765B1284CA5FC69615BFC6C723314] [Jairpie]
01:39.48 ClientUserinfoChanged: 1 n\Jairpie\t\3\c\0\r\0\m\0000000\s\0000000\dn\\dr\0\w\0\lw\0\sw\0\mu\0\ref\0\p\0\ss\0\sc\0\tv\0\lc\1
01:39.48 ClientUserinfoChanged: 1 n\Jairpie\t\2\c\0\r\0\m\0000000\s\0000000\dn\\dr\0\w\0\lw\8\sw\7\mu\0\ref\0\p\0\ss\0\sc\0\tv\0\lc\1
01:39.48 ClientUserinfoChanged: 1 n\Jairpie\t\2\c\1\r\0\m\0000000\s\0000000\dn\\dr\0\w\8\lw\8\sw\7\mu\0\ref\0\p\0\ss\0\sc\0\tv\0\lc\1
01:39.48 ClientBegin: 1
01:39.50 Vote Passed: Change map to test
rconpassword gerpii
01:39.54 WeaponStats: 0 0 0 0 0 0 0 0 0
01:39.54 ClientDisconnect: 0
01:39.54 Vote Passed: Swap Teams

GUID [2A6976F9001765B1284CA5FC69615BFC6C723314] [Jairpie]
N1 tard changed rconpass with hack and ref passes
Comments
18
qzycihio 5 Sep 2009, 12:13
How could you change an rconpass with a hack? Anything related to rcon (admin) is serverside. Probably that old q3 bug again?
caracal 5 Sep 2009, 12:16
u could call it a hack, u need to change ur ET.exe for it
Parent
dualinity 5 Sep 2009, 13:00
its a coded .exe by adawolfa, exploiting a q3 engine bug indeed.
if the vote passes the rcon is changed to the desired password.

this is detected by pb, and as far as i know, the new combinedfixes.lua fixed this
Parent
Sux0r 5 Sep 2009, 14:10
bypassed again.
Parent
suL1v 5 Sep 2009, 13:17
most people use vote bug, but on YCN servers people can steal files from server ftp
Parent
pimpus 5 Sep 2009, 12:16
don't now really
i can see in log he disconnects after a war
he connects again
and votes map test with rconpass after it
01:39.50 Vote Passed: Change map to test
rconpassword gerpii
Uteoz 5 Sep 2009, 12:16
I played against some kids from USA who did the same, except they didn't change the password. They first hacked the ref pw and kicked us and then they banned me from my own server with rcons..
pimpus 5 Sep 2009, 12:18
such peopel should het banned on crossfire / clanbase as well
DeVito 5 Sep 2009, 12:26
on crossfire yes but clanbase or ESL will be hard.
h3ll 5 Sep 2009, 12:40
Theres a qmm fix by John from YCN which fixes this afaik.

And nice only getting his ETPRO guid, do you know these mean shit these days? :p
suL1v 5 Sep 2009, 13:18
that fix doesnt stop people from stealing files from server ftp, if rcon passwords are in server.cfg some people can still see it (YCN servers)
Parent
h3ll 5 Sep 2009, 13:21
Eh, lol, that was fixed in 2.60b ?? :P
And still, this was done with the callvote bug, the qmm plugin fixes that.
Parent
suL1v 5 Sep 2009, 13:26
nope, works on every version

e: it has nothing to do with those vote bug, on ycn there seems to be a bug that some guys can easily steal every file from server ftp with some self wrote thingy. i think the guy who can do it belongs to the hupo/pale bunch
Parent
caracal 5 Sep 2009, 15:19
also a q3 bug, if cl_allowdownload is enabled, clients can download the server.cfg from the ftp, tho renaming ur server.cfg will fix a lot, since u need to guess for the .cfg name
Parent
caracal 5 Sep 2009, 15:20
and pale didnt invent this, but some dude called aluigi, with his q3 bug/exploit forum
stjaernan 5 Sep 2009, 18:56
All you need is ref access to be able to use this exploit..
make yourself ref, and use the callvote bug to change the rconpassword.
The code for it can be found on various sites, even the developers have been given the code to make it harmless, but they keep ignoring.
Back to top