That was fixed.

2012/6/13 Joe Brown <k1773r0nt3h...@hotmail.com>:
>
> This was used (and may still be) in hacks as a way to stop admins from using 
> the status command to see your STEAMID in the client console. Spamming it 
> like that blocked all clients connected to the server from being able to use 
> the status command, preventing or extending the time it takes to ban someone.
> Correct me if I'm wrong but I thought this was fixed in an update.
>
>> Date: Wed, 13 Jun 2012 01:23:23 +0200
>> From: rugnor.maj...@gmail.com
>> To: hlds_linux@list.valvesoftware.com
>> Subject: Re: [hlds_linux] Overflow attack to Source servers
>>
>> That's a critical detail I forgot to mention, so sorry: RCON is port
>> closed, so every attempt to access RCON gives a "Time Out".
>>
>> I'm totally sure it's "status", here I paste an excerpt from the SMAC
>> log, made just by the same plugin you suggest:
>>
>> Sat Mar 31 14:56:34 2012: Console<0><Console><Console> executes: status
>> Sat Mar 31 14:56:34 2012: Console<0><Console><Console> executes: status
>> Sat Mar 31 14:56:34 2012: Console<0><Console><Console> executes: status
>> Sat Mar 31 14:56:34 2012: Console<0><Console><Console> executes: status
>> Sat Mar 31 14:56:34 2012: Console<0><Console><Console> executes: status
>> Sat Mar 31 14:56:34 2012: Console<0><Console><Console> executes: status
>> Sat Mar 31 14:56:34 2012: Console<0><Console><Console> executes: status
>> Sat Mar 31 14:56:34 2012: Console<0><Console><Console> executes: status
>> Sat Mar 31 14:56:34 2012: Console<0><Console><Console> executes: status
>> ...
>>
>> (Well, and this goes on for thousands and thousands of lines, making
>> pretty ~1GB files each day XD)
>>
>> I added status as a SMAC blocked command, still no luck. (used
>> smac_addcmd as stated in the link you provided, but as you say SMAC won't
>> block commands coming from the server).
>>
>> The command can be captured and processed from a plugin, but in every
>> test I made I always got client 0 (console) as the triggerer, (of
>> course testing from the game, through a clean client account, not from
>> console). I think the server has never blocked me from executing status,
>> even reproducing the attack (which is just spamming status from a game's
>> client console).
>>
>> The server would block it surely if it was marked as client triggered.
>> At least where I can personally try (TF2 dedicated, Linux), it's always
>> executed as from console. Some other server owners are working with me
>> on this, and this works like this on theirs too (CSS and CSGO confirmed
>> to be vulnerable to this attack too).
>>
>> Something that comes to my mind is if some "lower" addon like Metamod
>> is actually always deflecting this command through the console; I need
>> to try again on a clean install to check it.
>
> _______________________________________________
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



-- 
Best regards,
AnAkIn
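
Added example, not part of the original thread or of SMAC: a log check that flags the kind of command flood shown in the quoted excerpt by counting executions per sliding window. The sample lines are constructed in the excerpt's format, and the meaning of the three `<...>` fields (id, auth, team) and the `threshold`/`window` defaults are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the format of the SMAC excerpt quoted in the thread.
_PREFIX = "Console<0><Console><Console> executes: "
SAMPLE_LOG = "\n".join(
    ["Sat Mar 31 14:56:33 2012: " + _PREFIX + "say"]
    + ["Sat Mar 31 14:56:34 2012: " + _PREFIX + "status"] * 9
    + ["Sat Mar 31 14:56:40 2012: " + _PREFIX + "status"]
)

# Assumption: the three <...> fields are an id, an auth string and a team.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} +\d{1,2} \d\d:\d\d:\d\d \d{4}): "
    r"(?P<name>.*)<(?P<id>\d+)><[^<>]*><[^<>]*> executes: (?P<cmd>\S+)"
)

def parse(log_text):
    """Yield (timestamp, id, command) for each line that matches the format."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.lstrip("> ").rstrip())  # tolerate mail quoting
        if m:
            ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y")
            yield ts, int(m["id"]), m["cmd"].lower()

def find_bursts(log_text, threshold=5, window=timedelta(seconds=1)):
    """Map (id, command) -> (peak count, window start) for pairs that reach
    `threshold` executions inside any sliding window of length `window`."""
    events = defaultdict(list)
    for ts, ident, cmd in parse(log_text):
        events[(ident, cmd)].append(ts)
    bursts = {}
    for key, stamps in events.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] >= window:
                start += 1  # drop events that fell out of the window
            count = end - start + 1
            if count >= threshold and count > bursts.get(key, (0, None))[0]:
                bursts[key] = (count, stamps[start])
    return bursts

if __name__ == "__main__":
    # The thread reports the flood is logged as id 0 (console), so the rate,
    # not the logged identity, is the usable signal here.
    for (ident, cmd), (count, since) in find_bursts(SAMPLE_LOG).items():
        print(f"{cmd!r} from id {ident}: {count} executions starting {since}")
```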
