So i think found out the hacker's who sent those bots in my server ip and steamid: from logfile:
"The Spamminator" connected, address "65.13.45.43:50347" "The Spamminator" STEAM USERID validated "The Spamminator" joined team "Spectator" "Bot01" connected, address "0.0.0.0:0" "Bot01" entered the game "Bot01" joined team "Blue" "Bot01" changed role to "engineer" "Bot01" triggered "builtobject" (object "OBJ_SENTRYGUN") (position "-3202 2784 -445") "Bot02" connected, address "0.0.0.0:0" "Bot02" entered the game and so on.. while the server became full of bots :( I hope this could someone find out the reason of this problem Quoting "P. Bhandal" : I'd really prefer it if they spent their time ensuring that the wonder that is the custom tab is successful rather than patching this security hole. Priorities people! On Mon, Apr 28, 2008 at 10:02 PM, voogru <[EMAIL PROTECTED]> wrote: > Well, we still did the right thing. > > Whether they give us credit or not, no big deal. > > It would be neat though :D > > - voogru. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Paloma > Sent: Tuesday, April 29, 2008 12:54 AM > To: 'Half-Life dedicated Win32 server mailing list' > Subject: Re: [hlds] New server exploit (not nuking) > > One srcds exploit. I helped. That reminds me, didn't valve say they'd give > us a mention in a steam news update thing? > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of voogru > Sent: Monday, April 28, 2008 9:41 PM > To: 'Half-Life dedicated Win32 server mailing list' > Subject: Re: [hlds] New server exploit (not nuking) > > No. > > Me first. > > I probably found some of the coolest srcds exploits anyway (was recently > fixed :D) > > - voogru. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Paloma > Sent: Tuesday, April 29, 2008 12:24 AM > To: 'Half-Life dedicated Win32 server mailing list' > Subject: Re: [hlds] New server exploit (not nuking) > > Uhm, me first. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Nephyrin Zey > Sent: Monday, April 28, 2008 9:19 PM > To: Half-Life dedicated Win32 server mailing list > Subject: Re: [hlds] New server exploit (not nuking) > > Dear Valve: > > God damn. > I just finished my damn iptables rule to fix your broken packethandling. > > In conclusion, give me a job. (please? I'll pretend to like wow around > gabe!) > > - Neph > > On Mon, Apr 28, 2008 at 9:12 PM, Tony Paloma <[EMAIL PROTECTED]> > wrote: > > Found the problem > > > > "sv_benchmark_force_start" > > game > > - Force start the benchmark. This is only for debugging. It's better > to > set > > sv_benchmark to 1 and restart the level. > > > > Players can run this and make the server start the benchmark. Real bad > > mmmmk. > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED] On Behalf Of Ian Shaffer > > Sent: Monday, April 28, 2008 9:06 PM > > To: Half-Life dedicated Win32 server mailing list > > > > > > Subject: Re: [hlds] New server exploit (not nuking) > > > > What map is running? > > > > Tony Paloma wrote: > > > Also, this is what shows up in the logs. No indication of any RCON > > commands > > > being executed. > > > > > > ... > > > L 04/28/2008 - 22:43:54: "Anona > mouse<12><STEAM_0:0:4512137><Unassigned>" > > > joined team "Red" > > > L 04/28/2008 - 22:43:54: server_cvar: "mp_teams_unbalance_limit" "0" > > > L 04/28/2008 - 22:43:54: "Thomas<2><STEAM_0:1:3471103><Red>" say > "hmmm" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><>" connected, address > "0.0.0.0:0" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><>" entered the game > > > L 04/28/2008 - 22:43:55: "Voltaic<6><STEAM_0:0:851288><Blue>" changed > role > > > to "medic" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Unassigned>" joined team > "Blue" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Blue>" changed role to > "engineer" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Blue>" triggered > "builtobject" > > > (object "OBJ_SENTRYGUN") (position "-3202 2574 -450") > > > ... > > > > > > Again, another time: > > > .. > > > L 04/28/2008 - 22:42:49: server_cvar: "mp_teams_unbalance_limit" "0" > > > L 04/28/2008 - 22:42:50: "Bot01<22><BOT><>" connected, address > "0.0.0.0:0" > > > L 04/28/2008 - 22:42:50: "Bot01<22><BOT><>" entered the game > > > ... > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Paloma > > > Sent: Monday, April 28, 2008 8:52 PM > > > To: 'Half-Life dedicated Win32 server mailing list' > > > Subject: [hlds] New server exploit (not nuking) > > > > > > So my servers are getting this in the console: > > > > > > > > > > > > Benchmark: 40% complete. > > > > > > Benchmark: 43% complete. > > > > > > (:: lmao > > > > > > Benchmark: 46% complete. > > > > > > Benchmark: 49% complete. > > > > > > Compressing fragments (552 -> 521 bytes > > > > > > Benchmark: 52% complete. > > > > > > Compressing fragments (691 -> 667 bytes > > > > > > Benchmark: 55% complete. > > > > > > > > > > > > People are claiming to see bots spawning and crazy stuff happening > then > > > "something to do with balance being turned to 0 then it crashes." > > > > > > > > > > > > Another report said, "it said team balance set to 0 then it crashed." > > > > > > > > > > > > So I'm thinking either my RCON password was compromised or a new > exploit > > is > > > going around. I checked real quick and didn't find anything to > suggest > it > > > was my RCON password getting out. Anyone know what commands cause > this > > > Benchmark thing? > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list > archives, > > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list > archives, > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds Links: ------ [1] mailto:[EMAIL PROTECTED] _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
