Sick burnnn -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of voogru Sent: Monday, April 28, 2008 11:41 PM To: 'Half-Life dedicated Win32 server mailing list' Subject: Re: [hlds] New server exploit (not nuking)
Hi Andrius Pirus, I am going to call you out on this, the IP address you posted on this mailing list is mine. I went on a rampage of using this exploit on cracked servers, I joined suspect servers and looked for cracked steamids in the status. The only way you could have got my IP address is by running a cracked server. This is a status of what I believe to be your server. hostname: GIGN Team Fortress 2 | tf2.gign.lv version : 1.0.2.3/14 3434 secure udp/ip : 193.46.236.246:27015 map : cp_dustbowl at: 0 x, 0 y, 0 z players : 31 (32 max) # userid name uniqueid connected ping loss state # 14394 "unnamed" STEAM_666:88_666 42:55 335 0 active # 14230 "RIM" STEAM_666:88_666 4:26:14 196 0 active # 14420 "HitmanForMoney" STEAM_666:88_666 13:26 72 0 active # 14347 "JellyBean" STEAM_666:88_666 1:34:25 240 0 active Interesting steamids! You deny running this server, so I took your username from your email address and googled it, I found this: http://www.btmon.com/uploader/izvrashenj (NOT SAFE FOR WORK) http://thepiratebay.org/user/izvrashenj/0/7 Interesting, someone with that weird name just so happens to pirate TF2. And then, your email, just so happens to be [EMAIL PROTECTED], coincidence? I think not! Andrius Pirus is actively pirating our beloved TF2. Go fuck yourself. - voogru. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrius Pirus Sent: Tuesday, April 29, 2008 2:24 AM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] New server exploit (not nuking) no. and i think we shouldnt make offtopic :) Quoting voogru : Do you run the tf2.gign.lv servers by any chance? - voogru. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrius Pirus Sent: Tuesday, April 29, 2008 2:03 AM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] New server exploit (not nuking) So i think found out the hacker's who sent those bots in my server ip and steamid: from logfile: "The Spamminator" connected, address "65.13.45.43:50347" "The Spamminator" STEAM USERID validated "The Spamminator" joined team "Spectator" "Bot01" connected, address "0.0.0.0:0" "Bot01" entered the game "Bot01" joined team "Blue" "Bot01" changed role to "engineer" "Bot01" triggered "builtobject" (object "OBJ_SENTRYGUN") (position "-3202 2784 -445") "Bot02" connected, address "0.0.0.0:0" "Bot02" entered the game and so on.. while the server became full of bots :( I hope this could someone find out the reason of this problem Quoting "P. Bhandal" : I'd really prefer it if they spent their time ensuring that the wonder that is the custom tab is successful rather than patching this security hole. Priorities people! On Mon, Apr 28, 2008 at 10:02 PM, voogru <[EMAIL PROTECTED]> wrote: > Well, we still did the right thing. > > Whether they give us credit or not, no big deal. > > It would be neat though :D > > - voogru. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Paloma > Sent: Tuesday, April 29, 2008 12:54 AM > To: 'Half-Life dedicated Win32 server mailing list' > Subject: Re: [hlds] New server exploit (not nuking) > > One srcds exploit. I helped. That reminds me, didn't valve say they'd give > us a mention in a steam news update thing? > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of voogru > Sent: Monday, April 28, 2008 9:41 PM > To: 'Half-Life dedicated Win32 server mailing list' > Subject: Re: [hlds] New server exploit (not nuking) > > No. > > Me first. > > I probably found some of the coolest srcds exploits anyway (was recently > fixed :D) > > - voogru. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Paloma > Sent: Tuesday, April 29, 2008 12:24 AM > To: 'Half-Life dedicated Win32 server mailing list' > Subject: Re: [hlds] New server exploit (not nuking) > > Uhm, me first. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Nephyrin Zey > Sent: Monday, April 28, 2008 9:19 PM > To: Half-Life dedicated Win32 server mailing list > Subject: Re: [hlds] New server exploit (not nuking) > > Dear Valve: > > God damn. > I just finished my damn iptables rule to fix your broken packethandling. > > In conclusion, give me a job. (please? I'll pretend to like wow around > gabe!) > > - Neph > > On Mon, Apr 28, 2008 at 9:12 PM, Tony Paloma <[EMAIL PROTECTED]> > wrote: > > Found the problem > > > > "sv_benchmark_force_start" > > game > > - Force start the benchmark. This is only for debugging. It's better > to > set > > sv_benchmark to 1 and restart the level. > > > > Players can run this and make the server start the benchmark. Real bad > > mmmmk. > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED] On Behalf Of Ian Shaffer > > Sent: Monday, April 28, 2008 9:06 PM > > To: Half-Life dedicated Win32 server mailing list > > > > > > Subject: Re: [hlds] New server exploit (not nuking) > > > > What map is running? > > > > Tony Paloma wrote: > > > Also, this is what shows up in the logs. No indication of any RCON > > commands > > > being executed. > > > > > > ... > > > L 04/28/2008 - 22:43:54: "Anona > mouse<12><STEAM_0:0:4512137><Unassigned>" > > > joined team "Red" > > > L 04/28/2008 - 22:43:54: server_cvar: "mp_teams_unbalance_limit" "0" > > > L 04/28/2008 - 22:43:54: "Thomas<2><STEAM_0:1:3471103><Red>" say > "hmmm" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><>" connected, address > "0.0.0.0:0" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><>" entered the game > > > L 04/28/2008 - 22:43:55: "Voltaic<6><STEAM_0:0:851288><Blue>" changed > role > > > to "medic" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Unassigned>" joined team > "Blue" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Blue>" changed role to > "engineer" > > > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Blue>" triggered > "builtobject" > > > (object "OBJ_SENTRYGUN") (position "-3202 2574 -450") > > > ... > > > > > > Again, another time: > > > .. > > > L 04/28/2008 - 22:42:49: server_cvar: "mp_teams_unbalance_limit" "0" > > > L 04/28/2008 - 22:42:50: "Bot01<22><BOT><>" connected, address > "0.0.0.0:0" > > > L 04/28/2008 - 22:42:50: "Bot01<22><BOT><>" entered the game > > > ... > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Paloma > > > Sent: Monday, April 28, 2008 8:52 PM > > > To: 'Half-Life dedicated Win32 server mailing list' > > > Subject: [hlds] New server exploit (not nuking) > > > > > > So my servers are getting this in the console: > > > > > > > > > > > > Benchmark: 40% complete. > > > > > > Benchmark: 43% complete. > > > > > > (:: lmao > > > > > > Benchmark: 46% complete. > > > > > > Benchmark: 49% complete. > > > > > > Compressing fragments (552 -> 521 bytes > > > > > > Benchmark: 52% complete. > > > > > > Compressing fragments (691 -> 667 bytes > > > > > > Benchmark: 55% complete. > > > > > > > > > > > > People are claiming to see bots spawning and crazy stuff happening > then > > > "something to do with balance being turned to 0 then it crashes." > > > > > > > > > > > > Another report said, "it said team balance set to 0 then it crashed." > > > > > > > > > > > > So I'm thinking either my RCON password was compromised or a new > exploit > > is > > > going around. I checked real quick and didn't find anything to > suggest > it > > > was my RCON password getting out. Anyone know what commands cause > this > > > Benchmark thing? > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list > archives, > > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list > archives, > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds Links: ------ [1] mailto:[EMAIL PROTECTED] _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds Links: ------ [1] mailto:[EMAIL PROTECTED] _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
