Sv_allowdownload Abuser

Mayhem Join Date: 2002-11-28 Member: 10128 Members
Names and Wonid List

Hey all,

Last night a guy named "jefe" decided to use the download bug to screw around in Sleepless NS. I've already banned his wonid and his IP to prevent him from causing further damage. He set godmode for himself, rebound the players' configurations, and changed people's names. I'd like to apologize to our players and warn the rest of the community to set sv_allowdownload to zero.

I'd go ahead and ban his info from your servers.

Name: Jefe
IP: 80.24.57.152
WONID: 3725356

Set sv_allowdownload 0

Comments

  • Juniorl Join Date: 2003-11-12 Member: 22678 Members
    I tested this bug on a personal server
    it's crazy
    ALL ARCHIVE IN THE NS FOLDER IS DOWNLOADABLE
    Hunfz
    All Brazilian servers already notified by me ...
    =/
  • devicenull Join Date: 2003-04-30 Member: 15967 Members, NS2 Playtester, Squad Five Blue
    Try this to prevent the rcon password from being stolen.. make a file with a random name.. not something predictable.. so you get like 23y4r9f234.cfg, put your then add +exec 23y4r9f234.cfg on your server cmd line :)
    They won't be able to guess the password unless they try every combination of letters and numbers (with 8+ digits, that's a long time.. you could even go up to as many digits as you want)
  • Lightning_Blue Sunny Domination Join Date: 2002-12-11 Member: 10647 Members, Constellation, Reinforced - Silver
    Old news, from last month.

    http://www.unknownworlds.com/forums/index.php?act=ST&f=8&t=54104
  • Amped1 Join Date: 2003-02-08 Member: 13287 Members
    Wow so they banned this guy in this server a month ago? Um time travel? Read more carefully please.
  • eaglec Join Date: 2002-11-25 Member: 9948 Members, Constellation
    edited December 2003
    QUOTE (devicenull @ Dec 2 2003, 12:56 AM): "Try this to prevent the rcon password from being stolen.. make a file with a random name.. not something predictable.. so you get like 23y4r9f234.cfg, put your  then add +exec 23y4r9f234.cfg on your server cmd line :)
    They won't be able to guess the password unless they try every combination of letters and numbers (with 8+ digits, that's a long time.. you could even go up to as many digits as you want)"

    bad advice, they'll just dl your log files (predictable naming conventions) and find the rcon in there. The only solution is to turn off downloads for now.

    //edit// if that doesn't concern you just use +rcon ***** in the command line instead of using another cfg ;)
  • Ah_forget_it Join Date: 2002-12-22 Member: 11331 Members, NS1 Playtester, Constellation
    Aye Set downloads to 0


    We had the same recently

    Fluff spotted our NS server being renamed to "****ing twats ooski noob server" , this was quickly changed back after a couple of minutes.

    L 11/20/2003 - 22:40:53: Rcon: "rcon "***" echo HLSW: Test" from "81.152.202.112:7130"
    L 11/20/2003 - 22:41:12: Rcon: "rcon "****" hotname" from "81.152.202.112:7130"
    L 11/20/2003 - 22:41:16: Rcon: "rcon "****" hostname" from "81.152.202.112:7130"
    L 11/20/2003 - 22:41:21: [ADMIN] [SCRIPT] Admin command: admin_csay Welcome to the Clan TW@ Server
    L 11/20/2003 - 22:41:21: [ADMIN] (centersay) Welcome to the Clan TW@ Server
    L 11/20/2003 - 22:41:21: [ADMIN] Command: Admin used command admin_csay Welcome to the Clan TW@ Server
    L 11/20/2003 - 22:41:27: Rcon: "rcon "****" hostname "We are freaking Twats.NS"" from "81.152.202.112:7130"
    L 11/20/2003 - 22:41:52: Rcon: "rcon "****" hostname "We are ****ing Twats.NS - OOSKI.NOOB"" from "81.152.202.112:7130"

    We then look about 2 minutes earlier to this and who did we have join the server

    "Danster<172><634010><>" connected, address "81.152.202.112:27005

    Same IP as the HLSW line.

    WonID 634010.
    Has connected:
    7/8/03, 3:04-4:01
    2/11/03, 17:02-17:06
    2/20/03, 22:38-22:39

    What was even more worrying was that this was a UKNSL admin. Thankfully they booted him immediately......
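
The correlation done by hand in the post above (match the source IP of each rcon command against the players who connected from that IP) can be scripted. This is an added example, not part of the original thread; the log line format is modelled on the lines quoted above, the sample log is constructed, and `audit_rcon` and `admin_ips` are hypothetical names.

```python
import re

# Constructed sample modelled on the log format quoted in the post above.
# IPs are documentation addresses; names, WONIDs and the password are made up.
SAMPLE_LOG = '''\
L 11/20/2003 - 22:38:40: "PlayerA<172><1000001><>" connected, address "203.0.113.7:27005"
L 11/20/2003 - 22:39:02: "PlayerB<173><1000002><>" connected, address "198.51.100.9:27005"
L 11/20/2003 - 22:40:53: Rcon: "rcon "secret" echo HLSW: Test" from "203.0.113.7:7130"
L 11/20/2003 - 22:41:27: Rcon: "rcon "secret" hostname "renamed"" from "203.0.113.7:7130"
L 11/20/2003 - 22:45:10: Rcon: "rcon "secret" status" from "192.0.2.10:4000"
'''

STAMP = r'L (?P<ts>\d\d/\d\d/\d{4} - \d\d:\d\d:\d\d): '
CONNECT = re.compile(
    STAMP + r'"(?P<name>.*)<\d+><(?P<wonid>\d+)><[^>]*>" connected, '
    r'address "(?P<ip>[\d.]+):\d+"')
# The password field is matched but not captured, so it never reaches the report.
RCON = re.compile(
    STAMP + r'Rcon: "rcon "[^"]*" (?P<cmd>.*)" from "(?P<ip>[\d.]+):\d+"$')


def audit_rcon(log_text, admin_ips=frozenset()):
    """List rcon commands from IPs outside admin_ips, with players seen on that IP."""
    lines = log_text.splitlines()
    players = {}  # ip -> set of (name, wonid) that connected from it
    for line in lines:
        m = CONNECT.match(line)
        if m:
            players.setdefault(m['ip'], set()).add((m['name'], m['wonid']))
    findings = []
    for line in lines:
        m = RCON.match(line)
        if m and m['ip'] not in admin_ips:
            findings.append({
                'ts': m['ts'], 'ip': m['ip'], 'cmd': m['cmd'],
                'players': sorted(players.get(m['ip'], ())),
            })
    return findings


if __name__ == '__main__':
    for f in audit_rcon(SAMPLE_LOG, admin_ips={'192.0.2.10'}):
        print(f['ts'], f['ip'], f['cmd'], f['players'])
```

An empty `players` list on a finding means the rcon source never appeared as a connected player in the same log, which is worth checking against older logs.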
  • That_Annoying_Kid Sire of Titles Join Date: 2003-03-01 Member: 14175 Members, Constellation
    QUOTE (Mayhem @ Dec 1 2003, 12:33 PM): "Name: Jefe
    IP: 80.24.57.152
    WONID: 3725356"

    whoah,

    is this the same Jefe (http://www.unknownworlds.com/forums/index.php?act=Profile&MID=15734) That I know?

    He is a member of my clan and he had better have a good explanation if it's the same

    :(
  • eaglec Join Date: 2002-11-25 Member: 9948 Members, Constellation
    Don't flame the Jefes' who knows how many there may be - check your server logs for the wonid if you think he might have visited you. Also remember that Mayhem is asking you to take him at his word. I'm not saying that you can't trust him but it's a fact that no *evidence* has been given.

    I try to admin by the same system that western law is supposed to work by. Innocent until *proven* guilty beyond a reasonable doubt. However I have marked this WonID in my HLSW database as one to keep my eyes open for.
  • Jefe Join Date: 2003-04-21 Member: 15734 Members, Constellation
    Ah! I've been framed! Just so you know, it's not me, I generally have like...feelings and morals and such.

    'sides, it's not my WONid.
  • loofbote Join Date: 2002-07-15 Member: 948 Members
    edited December 2003
    il hefe never llamas!
    *edit* aka the one who just posted
  • That_Annoying_Kid Sire of Titles Join Date: 2003-03-01 Member: 14175 Members, Constellation
    QUOTE (StUpId_Fo0L @ Dec 2 2003, 01:47 PM): "il hefe never llamas!
    *edit* aka the one who just posted"

    yeah, hence why I was confused

    :)
  • Lightning_Blue Sunny Domination Join Date: 2002-12-11 Member: 10647 Members, Constellation, Reinforced - Silver
    Yeah, well, for my sven server, I still needed downloads, so I disabled logging and put the rcon password in the startup line and a fake one in the server.cfg.

    /me watches the IP banned list :p

    Just so you know, it is possible to change the logs folder as well as the server.cfg and the autoexec.cfg, then you can run more than one server from one folder... ::nerdy::
  • Qwerty Join Date: 2003-06-30 Member: 17817 Members
    why don't you tell us how ^_^
  • Jefe Join Date: 2003-04-21 Member: 15734 Members, Constellation
    Because that would make more people who know how to exploit it.

    And that's bad.

    Doh, this reputation is following me in-game. Framing is bad!
  • Qwerty Join Date: 2003-06-30 Member: 17817 Members
    QUOTE (Lightning Blue @ Dec 2 2003, 02:46 PM): "Yeah, well, for my sven server, I still needed downloads, so I disabled logging and put the rcon password in the startup line and a fake one in the server.cfg.

    /me watches the IP banned list :p

    Just so you know, it is possible to change the logs folder as well as the server.cfg and the autoexec.cfg, then you can run more than one server from one folder... ::nerdy::"

    i meant how to use something besides server.cfg and change log dir -_- i already know how to do the other thing
  • Lightning_Blue Sunny Domination Join Date: 2002-12-11 Member: 10647 Members, Constellation, Reinforced - Silver
    edited December 2003
    http://quake2.telestream.com/multihlds.htm

    There you go! ::nerdy::

    QUOTE: "There is no method that I am aware of for using a different file in lieu of the autoexec.cfg file. This file gets run at server startup automatically for all your servers. So only put things in here that are the same on all the servers you run such as log on, rcon_password, etc."

    So yah, don't do that :p
  • Abaddono1 Join Date: 2003-07-13 Member: 18133 Members
    edited December 2003
    ya it's a gaping hole, well i tried it on my server

    207.13.199.240:27015

    Scotts House of Alien Rampage(v2.01) | Home of |-YcSp-|

    any way i accidentally joined the wrong server and grabbed theirs, hopefully i did not get banned but i don't play anywhere other than my home server.

    any way make sure you patch it. and remember that rcon logs everything so you can watch what they do, when they log on etc. just rotate the pass every week or so.
  • Mythr1l Join Date: 2003-01-26 Member: 12772 Members
    lol the internet would be such a boring place without all this **** flying around :)

    GOGOGOGOGOGO #b0rk!