Forum
Hacker Alert
Created 21st March 2010 @ 01:05
Add A Reply Pages: 1 2 Next »
This nub decided to join our gungame server and run some server hacks to steal rcon and delete mani admins. Please feel free to ask for any info to make sure he is banned from every server in europe.
STEAM_0:0:17319648
[HGG]Matt, [HGG]Matt, [HGG]Matt, [HGG]Matt, [HGG]Matt, [HGG]Matt, [HGG]Matt, Matt, Matt, Matt, Matt, Matt, Echo, Echo
Banned permenantly from Wireplay.
thanks
ned
i have all the server logs of the incident, i could post them but then people may know how to do it themselves.
it is all logged nicely though showing all his steps and looks exactly like a hack tool being sold around the place and even on youtube
Quoted from kaidus
What’s the betting he just tricked you into turning cheats on ^^.
is there a ‘delete admins’ cheat
Well no but the only rcon hack I’ve ever heard of involves spawning an entity (requires sv_cheats 1) that changes rcon password. Never heard of any means to change rcon otherwise, so chances are he was like “Hey turn sv_cheats on for x y z cool thing!!” and the admin didn’t realise what he was gonna do. : D
That an exploit with mani plugin I guess.
well he did gungame and bhop servers:
used a mani client hack to write the clients file
// Client real name
“name” “Client_1”
// Steam ID for client
“steam” “STEAM_0:0:17319648”
// These are personal access flags for a player
“flags”
{
“Admin” “grav pban A B C D E F G H I J K L M N O P Q R S T U V W X Y”
“Admin” “Z a b c d e f g i j k l m o p q r s t v w x y z client admin”
“Admin” “spray”
blocked commands being used and locked cfg files.
pain in the bum though
ps sv_cheats was never turned on!
Last edited by redned,
was lucky an admin was watching the server at the time.
Have set all the cfg files to read only, added blocked commands list and changed where cfg files are executed from and locked that too, locked admin list and luckily all our bans are centrally managed.
Could have been a lot worse considering i found this on youtube:
http://www.youtube.com/user/SnipyCss#p/a/u/0/j4mdJtsRkTw
Why would you even use Mani?
some of these hacks arent mani, they are valve exploits, its just mani seems to help people once they have done the initial hack.
mani is simple to install and use and has the basic functions that other mods crash with or dont have in a form you need.
i will be looking at alternatives but its a pain to redo all the css servers at wireplay cus of some tw@s who have got hold of some scripts in order just to destroy servers.
i would have these people hung up by their balls from lamposts in the street
File upload/download
It’s possible to convince the server to let you upload or download random files from it. Valve has been attempting to fix this, but there still seem to be some workarounds to their fixes.
If you are running your own servers (not rented from a GSP), you can set file permissions on them to fix the upload issue.
Fix https://forums.alliedmods.net/showthread.php?t=109453
If you can not install this plug-in due to being on and older engine or Linux, rename your server.cfg to some random string. Simply append a few random characters to your .cfg files, ie, server_jfwfhf43f.cfg instead of server.cfg
+servercfgfile
One could also specify an rcon password only in the starting parameters and not in the server.cfg file.
+rcon_password
Last edited by Orange,
Add A Reply Pages: 1 2 Next »
content rss