Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 12:18

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 17 posts ] 
Author Message
 Post subject: Hlsheld
PostPosted: 31 Oct 2007 20:55 

Joined: 26 Oct 2007 17:38
Posts: 25
When the hlfill will brake hlsheld... Is there option 4 do it ?


Top
 Profile  
 
 
 Post subject:
PostPosted: 31 Oct 2007 21:45 
no since the bug has been patched by hlshield


Top
  
 
 Post subject:
PostPosted: 15 Nov 2007 21:24 

Joined: 15 Nov 2007 20:39
Posts: 1
is there any exploit or tool who are not catched by HLShield ?

What do you think about this:
http://securityvulns.com/Adocument827.html

I try to complete with cygwin but didn't succeed.


Top
 Profile  
 
 Post subject:
PostPosted: 16 Nov 2007 10:40 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
that's for an old version of Half-Life, antecedent my hlbof-server bug so no longer existent.
Anyway, in case you want to try by yourself, the attached is the compiled executable of that code (which required some modifications for native compiling).


Attachments:
hl-rcon.zip [15.61 KiB]
Downloaded 284 times
Top
 Profile  
 
 Post subject:
PostPosted: 22 Nov 2007 16:19 

Joined: 26 Oct 2007 17:38
Posts: 25
What does it mean

Code:
.  half-life 3.1.0.x remote buffer-overflow for linux x86
.  (c)2000, Tamandua Sekure Laboratories
.  Authors: Thiago Zaninotti & Gustavo Scotti
.  connecting to the server... done
         server_name
            map_name  [cs_assault]
           game_name  [Counter-Strike]
        users_online  [11 of 14]
           remote_OS  [linux]
.  localinfo
.  TCP listen port number 25000
.  sending poison code. 1003 bytes sent
*  waiting for connect_back shellcode responde... failed!


?? Is it works with servers protected password?


Top
 Profile  
 
 Post subject:
PostPosted: 22 Nov 2007 16:31 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
it's a bug in the rcon service and as written in the source code of the exploit, no password is required and any server is vulnerable (naturally referring to the versions which have this bug)


Top
 Profile  
 
 Post subject:
PostPosted: 23 Nov 2007 17:40 

Joined: 26 Oct 2007 17:38
Posts: 25
What program is finding hl bugs ? How Can find hl sheld bugs?


Top
 Profile  
 
 Post subject:
PostPosted: 23 Nov 2007 18:11 

Joined: 26 Oct 2007 17:38
Posts: 25
I have a question nowadays a few servers are secure by VAC, but they are still nonsteam your crasher is not working with it...


Top
 Profile  
 
 Post subject:
PostPosted: 23 Nov 2007 18:15 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I have never used VAC so I don't know if is this anti-cheat to block the crash or these servers use my patches


Top
 Profile  
 
 Post subject:
PostPosted: 23 Nov 2007 18:51 

Joined: 26 Oct 2007 17:38
Posts: 25
And how to find server bug (with hlsheld)


Top
 Profile  
 
 Post subject:
PostPosted: 23 Nov 2007 22:17 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Finding bugs is not a thing which can be explained with two words.
You need knowledge and luck


Top
 Profile  
 
 Post subject:
PostPosted: 24 Nov 2007 10:05 

Joined: 26 Oct 2007 17:38
Posts: 25
Are you searching for the bugs now ??


Top
 Profile  
 
 Post subject:
PostPosted: 24 Nov 2007 12:29 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
No, Half-Life is no longer subject of my research from years


Top
 Profile  
 
 Post subject:
PostPosted: 24 Nov 2007 18:39 

Joined: 26 Oct 2007 17:38
Posts: 25
Why, couse the most of players,plays Counter strike (who is on hl engine)


Top
 Profile  
 
 Post subject:
PostPosted: 24 Nov 2007 19:59 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
no, i'm assuming VAC and their continuous updates, fixes and patches for them.


Top
 Profile  
 
 Post subject:
PostPosted: 25 Nov 2007 08:37 

Joined: 26 Oct 2007 17:38
Posts: 25
I know, but you only can do that, if somebody has got crasher it is made by you... Who is making crashers nowadays ?


Top
 Profile  
 
 Post subject:
PostPosted: 25 Nov 2007 15:01 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I bet that other people find bugs in game
the only differences between me and them is that for me is a research and not a "crasher", I contact the developers and I release my research publicly with the description of the problem.
So the fact that don't exist new public bugs for a game doesn't mean that they don't exist or nobody has already found them.


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 17 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: