Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 13:02

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 12 posts ] 
 Post subject: Help!
Posted: 24 Jan 2010 04:04

Joined: 24 Jan 2010 03:50
Posts: 15
Greetings friends,

A couple days ago I ran into this guy who spams ventrilos for fun. Knowing that he was going to target my vent server next, I changed the password to something only I would know. A couple of hours later my server, I disconnected my server and attempted to reconnect. It said I couldn't reconnect because the server was "full" but there was nobody inside that ventrilo server but me because I forced my way in. When I spoke to the ventrilo people they said that "hundreds of users are attempting to connect to my server every second." So my question is, how does one do that? How can I possibly do that? Would I be able to do it if I open hundreds of ventrilofp windows and set them to connect but not type a password in, so they don't actually connect to the server, just try to?

Any theories or opinions would be very much appreciated, thanks in advance guys.


 
 
 Post subject: Re: Help!
Posted: 24 Jan 2010 14:34

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
lol dude, Luigi has written a tool for that, a fake user/player tool that sends users. it's called ventrilofp, but what is your problem? are you trying to solve it, or trying to replicate this? to me it seems you are more interested in doing it, than preventing it. anyways ventrilofp is located on Luigi's under fake players bug.


 
 Post subject: Re: Help!
Posted: 24 Jan 2010 15:58

Joined: 24 Jan 2010 03:50
Posts: 15
I know about ventrilofp and what it does, the thing is when I try to do it, it doesn't work. Yes I am trying to replicate this..

When this issue happened nobody could connect to the server even though it was clearly empty from the inside, it was just being overwhelmed by users attempting to connect from the outside despite the fact that they were getting the password wrong.

I've also noticed under patches there is a ventrilo pointer patch (botomy). Does that mean that if I apply that patch to my ventrilo it will be able to take others down? Thanks in advance for the help, just curious and I apologize for my bad English.


 
 Post subject: Re: Help!
Posted: 24 Jan 2010 16:49

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
it was for sure a fake players attack.
at the moment I don't remember if it's possible to limit this vulnerability because Duplicates=0 doesn't seem to do much.
sincerely I don't remember


 
 Post subject: Re: Help!
Posted: 24 Jan 2010 18:11

Joined: 24 Jan 2010 03:50
Posts: 15
Yeah, I was just wondering how he did it? Did he have hundreds of ventrilofp.exe windows opened and executed them all at once? That's the best I can think of so far.


 
 Post subject: Re: Help!
Posted: 24 Jan 2010 18:38

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
yes, it's possible.
after all ventrilofp is only a proof-of-concept so its job is only proving the existence of the bug without being "extreme" like using multiple threads for all the connections.
that's why ventrilofp and any other of my PoCs don't use threads


 
 Post subject: Re: Help!
Posted: 24 Jan 2010 18:43

Joined: 24 Jan 2010 03:50
Posts: 15
Ahh, I see. Thanks for the help.


 
 Post subject: Re: Help!
Posted: 24 Jan 2010 23:38

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
Luigi, doesn't your universal player/user limiter work?
it should limit the join packet just fine.
anyways, he was using the fake player/user flooder, those are called "invisible" users, because they only take a slot, but they don't actually appear. this happens in many other servers too (game or chat or whatever).


 
 Post subject: Re: Help!
Posted: 24 Jan 2010 23:43

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
no, doesn't work because that limiter is based on udp packets while ventrilo uses tcp connections.
but yes, basically the same job could be made also for tcp connections, monitoring myaccept instead of myrecvfrom


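Added example, not part of the thread and not code from Luigi's limiter: a sketch of the accept-time check described in the post above, capping how many TCP connections one source address may open per time window. The names `allow_accept`, `limiter_reset`, `slot_for` and the three constants are hypothetical, and the server is assumed to call the check right after `accept()` returns.

```c
#include <stdint.h>
#include <string.h>

#define SLOTS      1024  /* tracked source addresses (assumed size) */
#define WINDOW_SEC 10    /* counting window, seconds (assumed) */
#define MAX_CONN   5     /* accepts allowed per address per window (assumed) */

struct src { uint32_t ip; long start; int count; int used; };
static struct src table[SLOTS];

void limiter_reset(void) { memset(table, 0, sizeof table); }

/* Return the slot already holding ip, else a free or expired slot to
 * reuse, else NULL when every slot holds a still-active address. */
static struct src *slot_for(uint32_t ip, long now) {
    uint32_t h = (ip * 2654435761u) % SLOTS;   /* multiplicative hash */
    struct src *spare = NULL;
    for (uint32_t i = 0; i < SLOTS; i++) {
        struct src *s = &table[(h + i) % SLOTS];
        if (s->used && s->ip == ip) return s;
        if (!spare && (!s->used || now - s->start >= WINDOW_SEC)) spare = s;
        if (!s->used) break;                   /* end of probe chain */
    }
    return spare;
}

/* Call right after accept() with the peer's IPv4 address (host order) and
 * the current time in seconds. Returns 1 to keep the connection, 0 to
 * close it immediately. */
int allow_accept(uint32_t ip, long now) {
    struct src *s = slot_for(ip, now);
    if (!s) return 0;                          /* table full: refuse */
    if (!s->used || s->ip != ip || now - s->start >= WINDOW_SEC) {
        s->used = 1; s->ip = ip; s->start = now; s->count = 0;
    }
    if (s->count >= MAX_CONN) return 0;        /* over the per-address cap */
    s->count++;
    return 1;
}
```

A per-address cap only helps while the connections come from a small number of addresses; connections spread over many addresses also call for a cap on the total number of connections that have not yet authenticated.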
 
 Post subject: Re: Help!
Posted: 24 Jan 2010 23:44

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
devil damn it, I keep forgetting that your playerlimiter is only for UDP, I should write it down in my memo file


 
 Post subject: Re: Help!
Posted: 25 Jan 2010 03:45

Joined: 24 Jan 2010 03:50
Posts: 15
UPDATE: The tool "Tcpfp" does do what I described in my previous post, but it does it from only one IP address, which is pretty easy to avoid. The guy that was doing this was doing it from an insane amount of IP addresses. I wish I knew how to spoof my IP like he did.... Sigh.

Thanks for the help anyways guys, it is very much appreciated.


 
 Post subject: Re: Help!
Posted: 25 Jan 2010 18:03

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
you can not spoof your IP, you can only use proxy servers.
to find a TCP proxy, you need to google. then you can use sockscap or something like this or proxyfirewall to rotate between proxies.


 