Crash HLDS with HLShield?

seba · **Joined:** 08 Sep 2007 18:55 **Posts:** 22

Hi all, hi Aluigi :) I want to crash secured server with HLShield (hlshield webpage -> http://hobby.sarichioi.com/index.php?topic=8.0 ). When I want crash, i give error [code] Error: the server has sent an unexpected reply
ost looser, we hate stupid people!
This server is protected by HLShield. [/code] :( How I can crash this server?

aluigi · **Posted:** 08 Sep 2007 20:06

in my opinion there are no ways using the bugs fixed by that patch, which is normal and right (otherwise why the patch exists? ih ih ih)
I'm not aware of other bugs

seba · **Joined:** 08 Sep 2007 18:55 **Posts:** 22

Maybe bug on patch?

aluigi · **Posted:** 08 Sep 2007 20:10

do you mean a bug caused by the patch or not totally fixed?
uhmmm too difficult, then this hlshied seems enough updated

seba · **Joined:** 08 Sep 2007 18:55 **Posts:** 22

Hmm, no more bugs in hlds (without csdos)? I like old nonsteam binaries, no updated steam.

aluigi · **Posted:** 08 Sep 2007 20:18

New bugs are ever possible but at the moment I'm not aware of new vulnerabilities or possible types of attacks.

A thing which I have ever found funny is the possibility of sending messages from outside the game (I think you know about what I refer) moreover because is possible to spoof them but they are just annoying stuff.

seba · **Joined:** 08 Sep 2007 18:55 **Posts:** 22

[quote]is possible to spoof them but they are just annoying stuff.[/quote]
I know... :(
[quote]I have ever found funny is the possibility of sending messages from outside the game[/quote]Can you write more about this?[/quote]

aluigi · **Posted:** 08 Sep 2007 20:43

Very simple, the following is an example packet:

????????lhello friends

where the first 4 bytes are 0xff, followed by the 'l' (0x6c) and then the text you wan to send to the server's console.
this works on version 4.1.1.1 but I don't know if works on older versions too.
old versions worked in console, so if the 0x07 chars are not filtered could work the freezing of the windows dedicated server through the hell bell bug

aluigi · **Posted:** 08 Sep 2007 22:00

I was testing some random commands in my half-life version (just because I'm annoyed) and there is a strange effect which I hope someone can try to replicate:

cmd dlfile pak0.pak

then the server freezes completely with cpu at 100%
Someone with more experience than me in Half-life can test it?

aluigi · **Posted:** 08 Sep 2007 22:05

correction, this problem is already known (found on Google) but it's strange if it still exists

seba · **Joined:** 08 Sep 2007 18:55 **Posts:** 22

Sorry for lame, but where i must type it?

EDIT: On russian page I look up for this... when I write this in console nothing do. :/ I tested on counter strike 1.6 nonsteam

EDIT2: This bug is fixed in 2003 year...

TSuNaMi · **Joined:** 09 Sep 2007 18:38 **Posts:** 15

[quote="seba"]Hi all, hi Aluigi :) I want to crash secured server with HLShield (hlshield webpage -> http://hobby.sarichioi.com/index.php?topic=8.0 ). When I want crash, i give error [code] Error: the server has sent an unexpected reply
ost looser, we hate stupid people!
This server is protected by HLShield. [/code] :( How I can crash this server? [/quote]

why do you want crash hlds server,are you lol ?

seba · **Joined:** 08 Sep 2007 18:55 **Posts:** 22

Why? Because admin crashed my serwer...

khmer · **Joined:** 15 Aug 2007 01:21 **Posts:** 3

http://hobby.sarichioi.com

Notice: Undefined variable: sourcedir in /var/www/sarichioi.com/hobby/index.php on line 49

Warning: require_once(/QueryString.php) [function.require-once]: failed to open stream: No such file or directory in /var/www/sarichioi.com/hobby/index.php on line 49

Fatal error: require_once() [function.require]: Failed opening required '/QueryString.php' (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/sarichioi.com/hobby/index.php on line 49
:wink:

milan0 · **Joined:** 10 Oct 2007 09:27 **Posts:** 3

[quote="aluigi"]I was testing some random commands in my half-life version (just because I'm annoyed) and there is a strange effect which I hope someone can try to replicate:

cmd dlfile pak0.pak

then the server freezes completely with cpu at 100%
Someone with more experience than me in Half-life can test it?[/quote]
what did you say, where do we type this...I would like to try

aluigi · **Posted:** 10 Oct 2007 09:53

in the Half-life console naturally, the one which you can open with the tilde (~) key.

milan0 · **Joined:** 10 Oct 2007 09:27 **Posts:** 3

oh, that...I thought it could be ran in all servers, you must have rcon access to do this :(

milan0 · **Joined:** 10 Oct 2007 09:27 **Posts:** 3

I guess this is solved, I typed it on my server and nothing happened :)

DeViLDuD3 · **Joined:** 15 Oct 2007 12:13 **Posts:** 3

ok dats obvious.. the file is the main file of counterstrike.. so if u del it it offcourse effects the server!

osmanx · **Joined:** 17 Mar 2008 02:16 **Posts:** 2

That cmd dlfile bug still exist on HLDS x.1.1.1/e and let the server freeze with %100 cpu usage, i tried that boffix thing but it was not working and refuses nearly all connections

e.wiZz! · **Joined:** 24 Apr 2008 20:46 **Posts:** 11

khmer wrote:

http://hobby.sarichioi.com

Notice: Undefined variable: sourcedir in /var/www/sarichioi.com/hobby/index.php on line 49

Warning: require_once(/QueryString.php) [function.require-once]: failed to open stream: No such file or directory in /var/www/sarichioi.com/hobby/index.php on line 49

Fatal error: require_once() [function.require]: Failed opening required '/QueryString.php' (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/sarichioi.com/hobby/index.php on line 49
:wink:

what are you tryin'?

aluigi · **Posted:** 21 May 2008 14:25

in attachment there is an example file to use with netcat or in loop with udpsz to test the hell bell bug versus the HL dedicated server running on the windows console (so some old versions):

nc SERVER 27015 -v -v -u < hl07.txt

Luigi Auriemma

Crash HLDS with HLShield?