Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 11:26

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 9 posts ] 
Author Message
 Post subject: Call of Duty 4 - Patch 1.7, Exploits
PostPosted: 26 Jul 2008 02:45 

Joined: 27 Jun 2008 07:41
Posts: 27
I was successful in adding your patch to our server, which has decreased the amounts of server crashes per day. However late last night around 2am, it was crashed from 20 down to 0.

Are there any other known server crash exploits in 1.7 besides the previous notice that was released?

Thank you,
TicTac


Top
 Profile  
 
 
 Post subject:
PostPosted: 26 Jul 2008 15:27 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
there is the map vote bug but it can be exploited only if the vote passes which means that the server is empty or almost all the people there have voted yes


Top
 Profile  
 
 Post subject:
PostPosted: 26 Jul 2008 21:19 

Joined: 27 Jun 2008 07:41
Posts: 27
Oh ok gotcha... hmm because this guy constantly is crashing our server to zero.. I wish I knew how he was doing it.


Top
 Profile  
 
 Post subject:
PostPosted: 26 Jul 2008 22:03 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
don't you have other details about this problem?
For example when the server crashes you should see the classical Windows dialog box with the informations of the registers, knowing their values could be useful.
And useful is also any other detail (a comment made by this person, a strange log, anything else).


Top
 Profile  
 
 Post subject:
PostPosted: 28 Jul 2008 02:08 

Joined: 27 Jun 2008 07:41
Posts: 27
Ya I know what you mean, but its normally crashed at odd hours.. meaning around 2-4am.. when I am asleep.. because I work 9-6 everyday.

I'll ask the other admins to see what is going on, most of the time they report however that the screen just goes black and says connection interrupted, and everybody gets kicked out.


Top
 Profile  
 
 Post subject:
PostPosted: 10 Aug 2008 01:02 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
cod4 is still vulnerable to the q3 dirtrav bug.
is required to set cl_wwwDownload to 0 as first thing and then test q3dirtrav as usual.
the only problem is that the file is deleted by the client just after having downloaded it (run filemon to verify it) and at the moment I still don't have ideas about how bypassing this limitation.
In fact the output filename is relative to the CoD4 installation folder so is not possible to use named pipes for dumping the written data


Top
 Profile  
 
 Post subject:
PostPosted: 10 Aug 2008 01:30 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I have solved the problem, a quick simple fopen() program has avoided the deleting of the file so CoD4 is vulnerable.

EDIT: in attachment there is the small tool for avoiding the deleting of the file.
If (for example) in q3dirtrav has been chosed the name tmp.txt as output file it's enough to verify that in the CoD4 folder the tmp.txt file does NOT exist, then set cl_wwwdownload to 0, launch forfopen specifying the tmp.txt file (or the full path if forfopen.exe is not in the CoD4 folder) and test q3dirtrav as usual.
forfopen will show a new message when the file has been created by CoD4 and will avoid its deleting because it's currently in use.

I'm curious to know why IW has not fixed this known old bug... mah


Attachments:
forfopen.zip [2.6 KiB]
Downloaded 2975 times
Top
 Profile  
 
 Post subject: Re:
PostPosted: 20 Aug 2010 10:53 

Joined: 20 Aug 2010 09:27
Posts: 4
Hi, i am new, hmm, this forpopen how to work, the normal q3servercfgdownloader, when i download one server.cfg, i dont see in the cod4 folder. why, pls help?


Top
 Profile  
 
 Post subject: Re: Call of Duty 4 - Patch 1.7, Exploits
PostPosted: 08 Sep 2010 09:11 

Joined: 24 Jun 2010 10:04
Posts: 70
Location: aluigi not @ home
post9745.html#p9745


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 9 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: