UT2004 Demo server fixed!

vallestechs · **Joined:** 15 Sep 2008 14:47 **Posts:** 6

Hi Mr Luigi

I want to thank you for your hard work and to let you know that I patched my UT2004
server and its "VoiceIndex<VOICE_MAX_CHATTERS" / NULL pointer" exploit, Working so far no problems in getting crashed again so far...

thanks you so much for your help..

Server specs:
AMD processor
Windows server 2008
1.5 gigs of memory
1 terabyte of hardisk space

aluigi · **Posted:** 15 Sep 2008 16:53

thanx for the feedback.
The only bad thing is that on Linux that work-around doesn't work, probably a different management of the memory or the garbage collector.
Naturally keep me update if you will see side effects or that error will re-happen again.

vallestechs · **Joined:** 15 Sep 2008 14:47 **Posts:** 6

aluigi wrote:

thanx for the feedback.
The only bad thing is that on Linux that work-around doesn't work, probably a different management of the memory or the garbage collector.
Naturally keep me update if you will see side effects or that error will re-happen again.

Hi there Luigi

as of today the server its rock solid I have tried myself the exploit and also I have been visited many times for the same Ip range that was crashing the server, using the Exploit... Maybe they are wondering why it doesnt work suddenly and thats becouse of your great finds... As I try to band all the Ip's address I wont do becouse they cant crash my server at all and that make me feel great cuz "We" the guy guys wins this time
anyways thanks for your help again and I will have you informed if something else occured......

aluigi · **Posted:** 16 Sep 2008 22:01

naturally remember to apply also the fixes and work-arounds for the new bug:

http://aluigi.org/patches/unrealoadfix.txt

those quick modifications to engine.dll (1 byte) or ucc-bin (6 bytes) have been tested even by an UT2004 admin on his production server for over one day with forced attacks versus it and worked perfectly

vallestechs · **Joined:** 15 Sep 2008 14:47 **Posts:** 6

aluigi wrote:

naturally remember to apply also the fixes and work-arounds for the new bug:

http://aluigi.org/patches/unrealoadfix.txt

those quick modifications to engine.dll (1 byte) or ucc-bin (6 bytes) have been tested even by an UT2004 admin on his production server for over one day with forced attacks versus it and worked perfectly

Does apply for the demo server ?

I got the latest demo, will wait for your anwser!!

Edited:

Code:

Ok never mind, doesnt apply to my server becouse demo server doesnt not have the feature "AllowDownloads=false" on;  Becouse is a demo, nothing cant be donwloaded from server at all.... there are some other vulnerabilities, perhaps the one that comes in hand now is the flag vulnerabilities , which i dont know much how they do it....
They have a way to hide the flag somehow from the game, and the goes to a loop until the server is reseted.... thanks I'll be around...

aluigi · **Posted:** 17 Sep 2008 05:47

if you already have "AllowDownloads=false" you are safe

while I have not understood that problem of the flag, is it something related to capture the flag or something else?

vallestechs · **Joined:** 15 Sep 2008 14:47 **Posts:** 6

aluigi wrote:

if you already have "AllowDownloads=false" you are safe

while I have not understood that problem of the flag, is it something related to capture the flag or something else?

There seems to be a glitch on the latest demo server... I could just install the retail server, but log have shown that is demo people comunities that plays most, so i dont want to shut down the demo server....

The flag glitch is somehow done when a player knows how to do it, hide the flag and the game loop forever, and there you heard blue or red flag returned and never go back to the the player base.... this hasnt ocurred as of yet in my server....
and yes its related to CTF game only.
lates

Luigi Auriemma

UT2004 Demo server fixed!