Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 8 posts ] 
 Post subject: RCON hacking for CS:S?
Posted: 11 Jun 2009 21:05

Joined: 11 Jun 2009 20:33
Posts: 7
An m8 of mine did it yesterday, but won't tell me how -.-

Does any1 know what program to use or maybe write a tutorial?
I downloaded a couple of cracker/sniffers/brute..whatever, they seem to be out of date or plain suckeh..


Is there any simple guide that can be understood by non-programmers for this:
http://aluigi.altervista.org/adv/webmodz-adv.txt


The Ddos attack, where you send 200 http packages, where do I find info about it?
I forgot where I read it >.< (I know I didn't see it here tho, so I'm not referring to aluigi's stuff)






I found this on myg0t, about rcon bruteforce or something, can any1 confirm if this works?

READ:
Quote:
dead_rat
Guest Posts: n/a

Get the CSSh3.zip from this site.

In a command prompt just type CSSh3.exe -force 99.99.99.99:12345
(replace 99.99.99.99 with the server's IP and 12345 with the port)
It will get you the PW usually in 3-5 minutes.





Quote:

italiano
italiano is offline
scr1pt k1dd1e
Join Date: Jan 2005
Posts: 55


so i guess u guys don't want to share your wealth?

i have one program

http://anonym.to?http://ahp42.free.fr/Rcon_Scan.rar


You need to extract it, launch SFRconBrute.exe. The program is in a strange language lol. Skip all the messages at the beginning. Enter the server's IP and Port at the top of the program. DigitosInicias is the number of letters that the password can have, Velocidade of Scanner --> don't touch that. Digitos usados is all the characters that the password can have. Then uncheck AutoPause and click on "Perdas" at the bottom (yes on the text). Click on IniciaSCAN (or something similar) and here you go.

BIG PROBLEM ON THIS PROGRAM: REALLY FUCKING SLOW!!!!
With broadband I had to wait something like 60h for an rcon password with 4 letters, using only lowercase letters and no numbers.

this is the only program that i have...and if ur worried about viruses..it has none, but it really sucks..im looking for a better program out there, so if u have it pls share the wealth, otherwise be gay and post more viruses and trojans (try downloading some SPOR KEH )







I also found this:

Quote:
1. Start Any HL1 mod
2. Developer 1 in console
3. Find a server with custom content and fast download
4. Press cancel just after the fast download begins
5. Look in the console for the url
6. when the url for example is:
http://123.123.123.123/cstrike/maps/custommap.bsp
change the url to http://123.123.123.123/cstrike/server.cfg and open it.
And you might be lucky.

Do I download the file? Do I put it in my browser or what?

An old bug for CS 1.6, but if you find a server with Fast-Download for CSS,
you can type sv_downloadurl and you'll see the directory for map downloads.

I tried to guess back and forth to find the correct directory in browser, but when I found the cfg directory, server.cfg ain't there, protected or something (in big communities that is).

Is there any way around it?



NOTE: I don't want the sv_cheats 1 rcon takeover bug tutorial or script, I already got it, and there's few sv_cheats 1 servers left.

NOTE 2: I'm sry if this is noobie or not allowed to ask or something, but I don't see any forum rules or anything, maybe I'm blind, but whatever.


 Post subject: Re: RCON hacking for CS:S?
Posted: 11 Jun 2009 22:32

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
uhmmm some corrections and information for this thread and in general:

Quote:
I downloaded a couple of cracker/sniffers/brute..whatever, they seem to be out of date or plain suckeh..
uhmmm downloading uncertain programs from untrusted sources (and moreover without source code) with fluffiness is always a bad idea.
just a generic suggestion for anyone.

Quote:
Is there any simple guide that can be understood by non-programmers for this:
http://aluigi.altervista.org/adv/webmodz-adv.txt
it's a technical advisory intended for developers and people in the security field; anyway the negative effects of those vulnerabilities should be more or less comprehensible to anyone who knows that software (admins and people who use it).

Quote:
The Ddos attack, where you send 200 http packages, where do I find info about it?
the initial 'd' in the ddos term stands for "distributed", which means that the Denial of Service (even a simple connection can be defined a DoS in particular conditions) is performed by 2 or more clients.
in this specific case I guess you refer only to a simple resource consumption probably caused by an internal limit of the http server (webmod or what? you have not specified it).

Quote:
It will get you the PW usually in 3-5 minutes.
through brute forcing there is no way in the world to have fast results, so whoever said such a thing wasn't talking about "brute forcing" (which means trying a sequence of text strings using a specific charset) or was lying (classical way for bad people who want to spread malware, because there are always one or more ignorant people who trust such idiocies).

it's a logical thing: first because the result of a brute forcing depends on the real password ("aaa" is different than "2h3jh27';asdf3", and depending on the used charset (example azAZ09) the second one may just not be guessed at all after days of testing), then because the continuous trying of strings built at runtime takes a lot of time due to the enormous amount of combinations, and finally because on the network (even in LAN) there is the huge problem of the latency between the sending of the request and the receiving of the input... so a thing which is already slow and uncertain by its nature becomes worse in such conditions.

same problems also for the wordlist method, where there is a starting base (the word in the wordlist) but all the other negative points mentioned before for brute forcing remain (but obviously with a smaller amount of combinations).

Quote:
BIG PROBLEM ON THIS PROGRAM: REALLY FUCKING SLOW!!!!
obviously as said before :)

Quote:
http://123.123.123.123/cstrike/server.cfg
this is a classical example of disinformation.
in the security field there are various things which are of vital importance and are logically needed for understanding the security problem:
- the name of the affected software (missing in this case)
- the latest version of the affected software which has been tested vulnerable (missing too)
- the possible conditions in which the vulnerability is exploitable (missing too)
- possibly other useful details about the vulnerability, its causes and its effects (missing too).
so that short set of "instructions" you found means just nothing.

Quote:
NOTE 2: I'm sry if this is noobie or not allowed to ask or something, but I don't see any forum rules or anything, maybe I'm blind, but whatever.
the forum rules are available here: welcome-and-rules-t14.html
anyway, being a personal forum, all the threads about my personal research, tools and other stuff are welcome (that's why the forum has the same sections as my website), but discussions about new possible projects or other information of public interest are also accepted.
instead, all lame requests and related things (easy to recognize) which have a direct and clear malicious intent are avoided; some examples are available in the trash section.
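
The arithmetic behind the reply above, as an added example (not part of the original post or of any tool named in the thread): it takes the 60 hours quoted for a 4-letter lowercase password, derives the per-attempt cost that figure implies, and applies it to the "3-5 minutes" claim and to the two passwords the reply contrasts. The function names, the four character classes and the fixed cost per attempt are assumptions of this example.

```python
import string

# Character classes used to estimate the smallest alphabet a guesser must cover
# (an assumption of this example, not something the thread specifies).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def charset_size(password: str) -> int:
    """Size of the union of the character classes the password draws from."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def keyspace(charset: int, length: int) -> int:
    """Number of candidate strings of exactly `length` characters."""
    return charset ** length


def implied_seconds_per_try(charset: int, length: int, hours: float) -> float:
    """Per-attempt cost implied by an exhaustive run that took `hours`."""
    return hours * 3600 / keyspace(charset, length)


def attempts_within(seconds: float, seconds_per_try: float) -> int:
    """How many guesses fit in a time window at a fixed per-attempt cost."""
    return int(seconds // seconds_per_try)


def worst_case_years(password: str, seconds_per_try: float) -> float:
    """Time to exhaust every string of the password's length and alphabet."""
    total = keyspace(charset_size(password), len(password)) * seconds_per_try
    return total / (365 * 24 * 3600)


if __name__ == "__main__":
    # Figures quoted in the thread: 4 lowercase letters took about 60 hours.
    per_try = implied_seconds_per_try(26, 4, 60)
    print(f"implied cost per attempt: {per_try:.2f} s")
    print(f"guesses possible in 5 minutes: {attempts_within(300, per_try)}"
          f" of {keyspace(26, 4)}")
    # The two passwords the reply contrasts.
    for pw in ("aaa", "2h3jh27';asdf3"):
        print(f"{pw!r}: alphabet {charset_size(pw)}, "
              f"worst case {worst_case_years(pw, per_try):.3g} years")
```

At the implied rate a five-minute window covers 634 of the 456,976 four-letter lowercase candidates, about 0.14% of even that small keyspace.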


 Post subject: Re: RCON hacking for CS:S?
Posted: 12 Jun 2009 12:18

Joined: 11 Jun 2009 20:33
Posts: 7
hmm ok, so let's rule out most of it, how do you think my m8 did it?

I have another m8 that told me about the ddos or dos attack, I don't have any source or link for it (yet), I'll show it to you when he gets it =)

Again, I'm a bit newbie, with the http://123.123.123.123/cstrike/server.cfg thing, what software are you referring to? You mean like the platform it's located on?

The closest I can get is guessing the combination of the host name, it's usually the pass for clan server.


 Post subject: Re: RCON hacking for CS:S?
Posted: 12 Jun 2009 14:37

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
with "software" I mean the program which binds the port 80 you refer to (http://123.123.123.123).
as far as I know (I don't have the game and I have never tried/tested it) the Source engine binds only the game port (udp 27015) and optionally the rcon one which is on a tcp port, so on that port 80 is running another third party program (for example webmod which is affected by a directory traversal but that example "test" you pasted does nothing).

while about your friend... one of the interesting and incredible things of the security vulnerabilities is that their direct and indirect effects can be totally different and moreover "user dependent" and "situation dependent".
that's why a directory traversal can lead to the compromise of the game server (like the directory traversal in the quake 3 engine if used to get the server.cfg file) and the same can happen with a simple voting (like the callvote bug in q3 used to execute commands on the servers) or a simple say command (cvars expansion affecting some old mods of q3) and so on forever.


 Post subject: Re: RCON hacking for CS:S?
Posted: 26 Mar 2010 12:09

Joined: 11 Jun 2009 20:33
Posts: 7
Hey, I'm bumping this again.

About this:
http://www.youtube.com/user/BackwardsSu ... OCdWLDUhlQ
http://www.hackforums.net/showthread.php?tid=228557
http://aluigi.org/adv/sourceupfile-adv.txt

Cam and Backwards sell this with HWID lock for 125?? also it's backdoored...

Are you able to crack it, so the ppl who use it don't get added to his botnet?


 Post subject: Re: RCON hacking for CS:S?
Posted: 30 Mar 2010 06:42

Joined: 02 Feb 2009 06:29
Posts: 13
First off, it isn't backdoored; there is code there that looks like it is, but it's all ineffective. Also, Aluigi does white hat hacking, not black hat... find another place for ur bs


 Post subject: Re: RCON hacking for CS:S?
Posted: 31 Mar 2010 07:20

Joined: 11 Jun 2009 20:33
Posts: 7
Can anyone confirm it's ineffective?

Also it's not my bullshit; as Luigi found the exploit I thought he found it interesting.

Stop being cocksucker.


 Post subject: Re: RCON hacking for CS:S?
Posted: 01 Apr 2010 15:49

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
@dj6230
I don't understand what you mean (botnet? sell? eh?).
anyway, as written in the update of my advisory, on 17 Sep 2009 the vulnerability was still unpatched (CSS, TF2, any), so anything done by Valve after that date is totally unknown to me because I haven't touched the engine since then (and I will never return to it).

