Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 11:44

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 
Author Message
 Post subject: SoF2 q3infoboom Patch issues
PostPosted: 19 Jan 2010 15:30 

Joined: 18 Jan 2010 16:02
Posts: 1
I have done some testing, and found that your patch for the q3infoboom exploit has some issues with rocmod 2.1c for sof2.

I know you don't really support rocmod, but this just really confused me.

When the patch is applied to Windows servers (SoF2 v1.03) it is still effective when Rocmod 2.1c is running on the server. However, when it is applied to Linux servers (SoF2 v1.02a) with Rocmod 2.1c enabled, the servers become vulnerable to the q3infoboom exploit with the switches "-q getstatus -f 100". The vulnerability occurs somewhere in the vicinity of packet length 350.

I'm very confused as to why Rocmod 2.1c would cause vulnerability on one operating system but not the other. Do you have any opinions on this?


Top
 Profile  
 
 
 Post subject: Re: SoF2 q3infoboom Patch issues
PostPosted: 21 Jan 2010 21:19 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
sincerely I don't know why when this jurassik mod is installed then the server (on linux as far as has been reported) returns to be vulnerable.

the only thing I can suggest are:
- remove this old mod (obviously)
- or try replacing the 0x7f byte at offset 0x4394d of the patched sof2ded with 0x50
- or patch q3infoboom on sof2 for real

with the last suggestion I mean that my q3infofix is a work-around that I created to work on any system and vulnerable game without a big effor from me or other compatibility patches/problems but it can't be defined a real patch because it uses a work-around solution for avoiding the exploiting of the infostring vulnerability.
a real patch should place the limit on both the function that handles the getinfo and getstatus requests.


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: