Admins Running Commands On Your Client
ICU
Join Date: 2005-01-12 Member: 35126Members
Join Date: 2005-01-12 Member: 35126Members
I was playing on a server a few days back and an admin thought i hacked...well i did not care if I was banned or not because i get banned a lot from newb servers, BUT this time was differnt, not only did the admin ban me but he ruined NS and its settings so bad that i had to reinstall all my NS files, is there any way to prevent admins from attacking your computer files? I also found files that did not belong to NS in my NS folder as well, probaly downloaded to my computer by the admin that banned me. There must be a way to prevent such attacks! please help me!
Comments
if the server [server bashing is prohibitied] is reputable, and you weren't hacking and have proof of the admin effing with your ns to the point of reinstall hopefully the server owned will offer you an apology, other than that the is litte to nothing you can do <!--emo&:)--><img src='http://www.unknownworlds.com/forums/html/emoticons/smile-fix.gif' border='0' style='vertical-align:middle' alt='smile-fix.gif' /><!--endemo-->
edit: to tell which servers do it? Right after connecting to the server pull up your console and look for something like "This server can run commands on your client"
MrRadicalEd beat me to it
If a server runs adminmod, AMX or anything an high level admin can run commands on your client.
Easy solution, read only config.cfg.
Some @$@%@$ admin did that to me too because I was "hacking." It changed the rates to 10 in my userconfig.cfg, and that somehow transferred over to other HL mods and I lagged terribly.
I feel that I would be justified in hacking their server and destroying it. They attempted the same thing on me.
The userconfig.cfg would hold optional aliases and bindings. If all you do is play "stock" NS then just backup your config.cfg in the ns directory.
What it does is set your fps_max to 1, fps_modem to 1, etc... it screws you up bad..
Delete config.cfg and start NS, a new one will be created..
Before you do that, copy your config and post it here, so I can see what all it changed, I'm pretty curious, cause it's happened to me before... But I had copies of my configs.
Open config.cfg and paste it here please... as well as right click on your new one, go to properties, and make it read only.
Also your userconfig.cfg and autoexec.cfg is ruined.. delete them. Make sure to get anything important out of them.
It's something you have to make on your own - you don't have one my default.
Why?
because you don't really need a userconfig.cfg
Like I said.. it holds totally OPTIONAL info like aliases and scripts you write or special binds..
It could - you would just need to write-protect it like your config file. To make one, either copy your config file and rename the copy* or make a text file and rename it userconfig.cfg.
*Make sure that if you copy the config file you must <u>not</u> have the line 'exec userconfig.cfg' in the copy. Otherwise your system will lock up, because it will be endlessly be calling on the userconfig file.
...but cant a smart admin activate devmode?
Some @$@%@$ admin did that to me too because I was "hacking." It changed the rates to 10 in my userconfig.cfg, and that somehow transferred over to other HL mods and I lagged terribly.
I feel that I would be justified in hacking their server and destroying it. They attempted the same thing on me. <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd-->
Except it's not hacking, it's opening a socket to their server which allows two way communication.
Not only is what you are suggesting illegal now, it's also probably not 'hacking', as 99.99% of 'hackers' can't code their way out of a paper bag.
And if you're running developer 1, you deserve everything that happens to you anyway. For the umpteen billionth time, it doesn't help.
- Shockwave
If so this is a big f..king hole in 1/2life security. Any1 could set up a hacked server
and trojan your system!!!
1. Admins can manipulate the UI and enviroment of half-life. This can be a good or bad thing. IE, modified execalls are what allow admins to post messages in green "HL-text" on your HUD, or send specalized messages. This also, allows on a similar tangent to allow them to apply the "glow" effect to players, or spawn monsters, etc.
2. However, this also allows to admins to mess with your settings. This can range from harmless and annoying (binding all your keys to say "I AM A N00B!") to altering your video and sound settings so severly that HL refuses to run. It is completly possible for a corupt admin to abuse execall to make your HL completly unplayable without you directly editing the config file to fix your settings.
So what do you do?
1. Do not play on servers with corrupt admins. This seems like common sense. Note that a corrupt admin is not an admin that does his job, but an admin who abuses his power, does not follow administrative rules, or uses overly-dangerous commands like execall to manipulate other people's settings as punishment.
2. Keep a backup of your keybind and config. If an admin ever messes up your controls or game in some manner, simply restore from your backup. Otherwise, you may need to borrow a file from someone else or even be forced to reinstall somthing. Also, as previously stated, running dev 0 and making your configs read-only is a good idea too.
And for those wondering, the ONLY files an admin can send and run on your system are files that are directly used in half-life. These include sounds, textures, and maps, but nothing else.
and no, im not telling anyone what the commands are. if your a serverop, you definitely dont need to know them.