Server HACKER!!! RCON STEALER

Everything technical and nerdy stuff here plz !

Server HACKER!!! RCON STEALER

Postby JackAv » 10.20.09

Hallo Leute.
Seit ein paar tagen werden meine Server regelmäßig gehackt.
Es heist immer in so ner vote:
Code: Select all
map x rconpassword eatmynade

Und dann ist können die alles auf meinen server machen.
Dann geht nichtmal mehr B3.
Angeblich ist das irgendso eiin Bug in der Q3 energie.Gibts da ne alternative methode ohne mapvote zu deaktivieren?
Ich hoff ihr könnt mir helfen. Das dumme ist uc seh im Log nichtmal wer das war.
HAb jetzt meine Server heruntergefahren.
Image
JackAv
posted some :)
 
Posts: 80
Joined: 09.27.09

Re: Server HACKER!!! RCON STEALER

Postby Rylius » 10.20.09

Important Security Update

This is a very important security update. About 2 months ago we released a security fix for the Vote System expoilt that allowed people to steal control of your servers. Up until now the damage has been minimal, however, there are now people activly using this method in Europe and in which case most likely to spread almost everywhere!

It is very important that all server admins use the new server binary. At the moment we only have this file for linux in 32bit. This can be found here. I have had reports from many people within the community about there servers being stolen.

All future released of Urban Terror will have this patch included. If you do not use the above binary, i strongly suggest turning voting off. Thanks!



wtf how does that sloganizer come into my sig? :O
wursti wrote:Anime? wow thats that movies where 100 dicks come out of a monster?
User avatar
Rylius
posted some :)
 
Posts: 312
Joined: 01.24.09
Location: Germany

Re: Server HACKER!!! RCON STEALER

Postby wurst » 10.20.09

plz go to http://www.urbanterror.net/news.php

and read this again:
URT official News wrote:This is a very important security update. About 2 months ago we released a security fix for the Vote System expoilt that allowed people to steal control of your servers. Up until now the damage has been minimal, however, there are now people activly using this method in Europe and in which case most likely to spread almost everywhere!

It is very important that all server admins use the new server binary. At the moment we only have this file for linux in 32bit. This can be found here. I have had reports from many people within the community about there servers being stolen.

All future released of Urban Terror will have this patch included. If you do not use the above binary, i strongly suggest turning voting off. Thanks!


then klick on this link
ftp://ftp.snt.utwente.nl/pub/games/urba ... rTded.i386

btw: we have topic ouselfse somewhere bout that prob.
THing on this site is that we run a custom self-compiled binary.
voting is off..



ps ui rylius, u was faster.
whatever i was faster with the sig lol. its btw the croppalizer since it snipps the sloganizer :D
Image
User avatar
wurst
Godlike
 
Posts: 4648
Joined: 07.15.08
Location: Behind U
-----tdm:  
nick: [dswp]GewitterOma
skill: 1122.83
kills: 25960
deaths: 19847
ratio: 1.30
-----bomb:  
nick: [dswp]GewitterOma
skill: 812.172
kills: 3885
deaths: 3541
ratio: 1.09

Re: Server HACKER!!! RCON STEALER

Postby JackAv » 10.20.09

Ah thx but my server is running windows :cry:
I heard there is a fix fpr windows. Bur i dont know how to find the fix btw wherte i can download this.
Is ist the same problem if i run urt mod under quake 3 ?

PLS help me i am afraid to start my servers :x :?


Now i make a backup of all servers. So i can recover my servers if someone try to crash my server.
Image
JackAv
posted some :)
 
Posts: 80
Joined: 09.27.09

Re: Server HACKER!!! RCON STEALER

Postby SvaRoX » 10.20.09

First disable voting...
You didn't find any Windows binary ??
ut4_he_tennis_v0.1
-------------------------
"We are talking about computers here, compared to those I can read women like a book ;P"
Unclefragger
User avatar
SvaRoX
Leader
 
Posts: 1972
Joined: 11.29.08

Re: Server HACKER!!! RCON STEALER

Postby JackAv » 10.20.09

No i found nothin gi was seaching for urban terror rcon stealer fix and other tags.
Image
JackAv
posted some :)
 
Posts: 80
Joined: 09.27.09

Re: Server HACKER!!! RCON STEALER

Postby AimMe » 10.20.09

They gave source, can't you compile it?
Image
User avatar
AimMe
Godlike
 
Posts: 2318
Joined: 09.28.08
Location: Solar System

Re: Server HACKER!!! RCON STEALER

Postby Unclefragger » 10.20.09

http://forums.urbanterror.net/topic/183 ... ty-update/
I think they did post some binaries as well there
"Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live."
- Martin Golding
User avatar
Unclefragger
Godlike
 
Posts: 2006
Joined: 10.14.08
Location: rooftops
-----tdm:  
nick: [dswp]ucf
skill: 472.479
kills: 532
deaths: 332
ratio: 1.60

Re: Server HACKER!!! RCON STEALER

Postby wurst » 10.20.09

oki i did it, please test my wife force me to go shopping :shock:
hope i didnt screw up any, compiled as usual.
hope i didnt overwrite now the maxclients etc, i hd somehow 2 trunks on my messed up drive...

Code: Select all
florian@FLO /ioq3-source
$ make
make[1]: Entering directory `/ioq3-source'

Building ioquake3 in build/release-mingw32-x86:
  PLATFORM: mingw32
  ARCH: x86
  COMPILE_PLATFORM: mingw32
  COMPILE_ARCH: x86
  CC: gcc

  CFLAGS:
    -MMD
    -Wall
    -fno-strict-aliasing
    -Wimplicit
    -Wstrict-prototypes
    -DUSE_ICON
    -Icode/SDL12/include
    -DUSE_OPENAL=1
    -DUSE_OPENAL_DLOPEN
    -DUSE_CURL
    -DCURL_STATICLIB
    -m32
    -DUSE_LOCAL_HEADERS
    -DNDEBUG
    -O3
    -march=i586
    -fno-omit-frame-pointer
    -ffast-math
    -falign-loops=2
    -funroll-loops
    -falign-jumps=2
    -falign-functions=2
    -fstrength-reduce

  Output:
    build/release-mingw32-x86/ioUrTded.x86.exe

make[2]: Entering directory `/ioq3-source'
DED_CC code/server/sv_bot.c
DED_CC code/server/sv_client.c
DED_CC code/server/sv_ccmds.c
DED_CC code/server/sv_game.c
DED_CC code/server/sv_init.c
DED_CC code/server/sv_main.c
code/server/sv_main.c: In function `SV_Frame':
code/server/sv_main.c:873: warning: implicit declaration of function `SV_CheckClientUserinfoTimer'
DED_CC code/server/sv_net_chan.c
DED_CC code/server/sv_snapshot.c
code/server/sv_snapshot.c: In function `SV_CheckClientUserinfoTimer':
code/server/sv_snapshot.c:719: warning: implicit declaration of function `SV_UpdateUserinfo_f'
DED_CC code/server/sv_world.c
DED_CC code/qcommon/cm_load.c
DED_CC code/qcommon/cm_patch.c
DED_CC code/qcommon/cm_polylib.c
DED_CC code/qcommon/cm_test.c
DED_CC code/qcommon/cm_trace.c
DED_CC code/qcommon/cmd.c
DED_CC code/qcommon/common.c
DED_CC code/qcommon/cvar.c
DED_CC code/qcommon/files.c
DED_CC code/qcommon/md4.c
DED_CC code/qcommon/msg.c
DED_CC code/qcommon/net_chan.c
DED_CC code/qcommon/net_ip.c
DED_CC code/qcommon/huffman.c
DED_CC code/qcommon/q_math.c
DED_CC code/qcommon/q_shared.c
DED_CC code/qcommon/unzip.c
DED_CC code/qcommon/vm.c
DED_CC code/qcommon/vm_interpreted.c
BOT_CC code/botlib/be_aas_bspq3.c
BOT_CC code/botlib/be_aas_cluster.c
BOT_CC code/botlib/be_aas_debug.c
BOT_CC code/botlib/be_aas_entity.c
BOT_CC code/botlib/be_aas_file.c
BOT_CC code/botlib/be_aas_main.c
BOT_CC code/botlib/be_aas_move.c
BOT_CC code/botlib/be_aas_optimize.c
BOT_CC code/botlib/be_aas_reach.c
BOT_CC code/botlib/be_aas_route.c
BOT_CC code/botlib/be_aas_routealt.c
BOT_CC code/botlib/be_aas_sample.c
BOT_CC code/botlib/be_ai_char.c
BOT_CC code/botlib/be_ai_chat.c
BOT_CC code/botlib/be_ai_gen.c
BOT_CC code/botlib/be_ai_goal.c
BOT_CC code/botlib/be_ai_move.c
BOT_CC code/botlib/be_ai_weap.c
BOT_CC code/botlib/be_ai_weight.c
BOT_CC code/botlib/be_ea.c
BOT_CC code/botlib/be_interface.c
BOT_CC code/botlib/l_crc.c
BOT_CC code/botlib/l_libvar.c
BOT_CC code/botlib/l_log.c
BOT_CC code/botlib/l_memory.c
BOT_CC code/botlib/l_precomp.c
BOT_CC code/botlib/l_script.c
BOT_CC code/botlib/l_struct.c
DED_CC code/null/null_client.c
DED_CC code/null/null_input.c
DED_CC code/null/null_snddma.c
DED_CC code/sys/con_log.c
DED_CC code/sys/sys_main.c
AS code/asm/ftola.s
AS code/asm/snapvectora.s
AS code/asm/matha.s
DED_CC code/qcommon/vm_x86.c
WINDRES code/sys/win_resource.rc
DED_CC code/sys/sys_win32.c
code/sys/sys_win32.c:41: warning: 'homePath' defined but not used
DED_CC code/sys/con_win32.c
LD build/release-mingw32-x86/ioUrTded.x86.exe
make[2]: Leaving directory `/ioq3-source'
make[1]: Leaving directory `/ioq3-source'



im back in 2-3h


gg
Attachments
ioUrTded.zip
(376.06 KiB) Downloaded 912 times
Image
User avatar
wurst
Godlike
 
Posts: 4648
Joined: 07.15.08
Location: Behind U
-----tdm:  
nick: [dswp]GewitterOma
skill: 1122.83
kills: 25960
deaths: 19847
ratio: 1.30
-----bomb:  
nick: [dswp]GewitterOma
skill: 812.172
kills: 3885
deaths: 3541
ratio: 1.09

Re: Server HACKER!!! RCON STEALER

Postby Unclefragger » 10.20.09

you do see that you are using gcc in a mingw environment? ^^
I would have to be familiar with the exploit in order to live test it ... maybe someone is ...
"Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live."
- Martin Golding
User avatar
Unclefragger
Godlike
 
Posts: 2006
Joined: 10.14.08
Location: rooftops
-----tdm:  
nick: [dswp]ucf
skill: 472.479
kills: 532
deaths: 332
ratio: 1.60

Next

Who is online

Users browsing this forum: No registered users and 37 guests

Misc