Pretty sure by context it means proof of concept.
For CS:GO sv_allowupload 0 could easily be used to counter what you are
claiming. This goes for any source game server but for games that allow
sprays this would disable them.
On 10/10/2017 10:26 AM, Stealth Mode wrote:
POC far as I know is always Point Of Contact. Or Professional Overseas
Contractor.
Unless you are referring to Packet Order Correction in reference to
networking. Which yes, even then, does not apply in this situation.
-StealthMode
On Tue, Oct 10, 2017 at 10:19 AM, Alan Love <mumphs...@gmail.com
<mailto:mumphs...@gmail.com>> wrote:
Did you read how that's actually exploited? It would require
another malicious script to parse the exif tag and eval some PHP.
How exactly would a similar situation occur on a hosted game
server? Do you have a poc? You say this email chain is one but I
dont think you quite know what you're talking about.
On Oct 10, 2017 9:15 AM, "Stealth Mode" <stealthmode1...@gmail.com
<mailto:stealthmode1...@gmail.com>> wrote:
This email is fine for a POC. Far as the exploit, for those
who arent familiar, this is an example.
https://www.trustwave.com/Resources/SpiderLabs-Blog/Hiding-Webshell-Backdoor-Code-in-Image-Files/
<https://www.trustwave.com/Resources/SpiderLabs-Blog/Hiding-Webshell-Backdoor-Code-in-Image-Files/>
On Tue, Oct 10, 2017 at 5:19 AM, Saint K.
<sai...@specialattack.net <mailto:sai...@specialattack.net>>
wrote:
Do you have a POC?
*From: * Stealth Mode <stealthmode1...@gmail.com
<mailto:stealthmode1...@gmail.com>>
*To: * <csgo_servers@list.valvesoftware.com
<mailto:csgo_servers@list.valvesoftware.com>>
*Sent: * 10/10/2017 12:44 AM
*Subject: * Re: [Csgo_servers] Custom files exploit
Yes, IT skills. Electronics skills. And old school
knowledge of how to inject image files with malicious
code (NetSec/ITSec). This is an older style of
"hacking". Remember those warnings about clicking
download attachments from the 90s onward? Same thing
still applies. Except, there is no detection for any
hlds/go server, so an injected image can contaminate a
server cache. Which in turn will infect clients. Any
image file, any data file really, can be modified like
this. Willing to bet good money those $500. go weapon
skins have hack code scripted and injected into the
image.
On Mon, Oct 9, 2017 at 11:59 AM, iNilo
<inilo.in...@gmail.com <mailto:inilo.in...@gmail.com>>
wrote:
Sure,
But you have anything to back this up? (don't take
it the wrong way)
Nilo.
2017-10-09 16:54 GMT+02:00 Stealth Mode
<stealthmode1...@gmail.com
<mailto:stealthmode1...@gmail.com>>:
Headsup admins/owners. Might want to disable
custom files till valve addresses this issue
brought to their attention a month ago.
There is an exploit where any client with
minor skill can inject custom files with all
types of malicious code. From hacks in weapon
skins, to ransomware in custom .bsp, to remote
backdoors in custom spray paints.
The exploit is injecting code into any image,
sound, or data file. You can take weapon skins
(csgo), sound files, spray paint image files,
even .bsp/etc. and inject hack code, or actual
ransomware, viruses, or Trojans/rootkits
directly into a server cache, or client cache
via the custom file.
Might want to disable custom files till valve
decides to correct this issue.
-StealthMode
_______________________________________________
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
<mailto:Csgo_servers@list.valvesoftware.com>
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers>
_______________________________________________
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
<mailto:Csgo_servers@list.valvesoftware.com>
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers>
_______________________________________________
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
<mailto:Csgo_servers@list.valvesoftware.com>
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers>
_______________________________________________
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
<mailto:Csgo_servers@list.valvesoftware.com>
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers>
_______________________________________________
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
<mailto:Csgo_servers@list.valvesoftware.com>
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers>
_______________________________________________
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
<mailto:Csgo_servers@list.valvesoftware.com>
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers>
_______________________________________________
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
_______________________________________________
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers