Re: [Csgo_servers] CSGO tokens generators

[Stealth Mode]

Reminds me of Dauphins plugin system for source. Probably the same Dev
created that inventory mod plugin. Not many devz chose to use ! as a
command interpreter/variable.

The plugin isn't illegitimate. So they won't block it.

On Tue, Jul 10, 2018, 12:07 Ejziponken -  wrote:

> Please devs, do something about the growing problem with servers breaking
> the rules regarding false inventories such as !knifes, !skins etc.
>
> There are paid services that allows the server operators to
> generate new tokens for a small fee, so they can keep running their servers
> with litte to no effort at all.
>
> Why is it that hosters that follows the rules, are the biggest losers when
>  it comes to plugins that allows for "inventory haxx"? Such as !ws !knife 
> !gloves
> skins..
>
> Having rules and then not backing it up with action/punishment is not fair.
>  That leaves us, that actually obeys the rules at a disadvantage, because
> we all know the kids like their skins.
>
> Either remove the rules and let us all host servers on equal conditions or
>  do something about the tokens generators. All I ask for is a "fair
> market and community".
>
>
> https://pbs.twimg.com/media/DhwWnLjWAAA21XX.jpg
>
>
> *Med vänliga hälsningar / Best regards*
>
> *Christopher Szabo *|* Chairman of the Board*
>
> Skype: szaabo85 | E-mail: sza...@hotmail.com
> Website: BrutalCS.nu | Facebook: Facebook.com/BrutalCS
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/
>
___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/

Re: [Csgo_servers] Update

[Stealth Mode]

Kyle. Thanks for the Cyber harassment. How about you just don't respond.
How about you keep your antagonistic, juvenile, attempting to provoke
comments to yourself? Before you are banned from this list for harassment.

-Stealthmode

On Wed, May 9, 2018, 07:17 Kyle Sanderson <kyle.l...@gmail.com> wrote:

> Don't disparage the mentally ill. It's pretty clear StealthMode has
> problems; just leave it be and it will sort itself out.
>
> Kyle.
>
>
> On Tue, 8 May 2018, 22:59 Ryan Bentley, <rdp...@gmail.com> wrote:
>
>> "I am back tracing the Mac address of the proton VPN user now. I am
>> awaiting protons I.T. department to go through their server logs for the
>> Swiss proxy server they went through."
>>
>> Stealth is a 10/10 troll, I'm convinced. Bravo.
>>
>> On Tue, May 8, 2018 at 8:45 PM, Stealth Mode <stealthmode1...@gmail.com>
>> wrote:
>>
>>> The bad part is the bot mails aren't on one device. I have been
>>> contacted outside of this list from someone using proton VPN/protonmail
>>> harassing/stalking me with outdated personal information.
>>>
>>> I suspect this is the same person who has these scripts running to spam
>>> the list with random mail domain porn bots.
>>>
>>> I am back tracing the Mac address of the proton VPN user now. I am
>>> awaiting protons I.T. department to go through their server logs for the
>>> Swiss proxy server they went through.
>>>
>>> -Stealthmode
>>>
>>> On Tue, May 8, 2018, 08:44 ics <i...@ics-base.net> wrote:
>>>
>>>> These bots seem to spoof existing users and cause issues for them. For
>>>> example, i got 2 mails from the list that i've been unsubscribed due to
>>>> excessive bounces few weeks ago and i havent even posted to this list
>>>> more than once in the last 4-5 months.
>>>>
>>>> Your membership in the mailing list Csgo_servers has been disabled due
>>>> to excessive bounces The last bounce received from you was dated
>>>> 22-Apr-2018.
>>>>
>>>> Propably going to receive yet another porn mail after this mail where
>>>> some bot showcases image of some naked girl and pretends to be her.
>>>>
>>>> -ics
>>>>
>>>> ProJaCore wrote:
>>>> > Porn bots are just a huge risk.
>>>> >
>>>> > they could reaolve your mac address and use the exploit to vacnet ban
>>>> > you instantly permanent from valve servers.
>>>> >
>>>> > you should use a swarm cluster to protect yourself from incoming
>>>> attacks;
>>>> > all you need is just stackoverflows.
>>>> >
>>>> > Nomaan Ahmad <n0man@gmail.com <mailto:n0man@gmail.com>>
>>>> > schrieb am Di., 8. Mai 2018, 09:59:
>>>> >
>>>> > Porn bots are a huge exploit. Just imagine if they uploaded a
>>>> > picture and executed MD5 hashes on your PC through your browser or
>>>> > email client. You're all doomed.
>>>> >
>>>> > Trust me, I have done PhD in hacking. I have branched off rocket
>>>> > science into computer hacking.
>>>> >
>>>> > On Tue, 8 May 2018, 7:43 am Maxence Sartiaux, <cont...@makz.me
>>>> > <mailto:cont...@makz.me>> wrote:
>>>> >
>>>> > Ban the porn bot by mac address
>>>> >
>>>> >
>>>> > On 05/08/2018 07:55 AM, Stealth Mode wrote:
>>>> >> BTW. Vitaliy. There is a lot of spam incoming from a porn bot
>>>> >> to this list. From multiple domains. There is also someone
>>>> >> using proton VPN and protonmail to stalk, and harass people
>>>> >> on this list. Please forward this info to security.
>>>> >>
>>>> >> Thanks in advance.
>>>> >>
>>>> >> -Stealthmode
>>>> >>
>>>> >> On Mon, May 7, 2018, 16:43 Vitaliy Genkin
>>>> >> <vita...@valvesoftware.com
>>>> >> <mailto:vita...@valvesoftware.com>> wrote:
>>>> >>
>>>> >> An optional stability update for CS:GO game servers to
>>>> >> address several network exploits has been released with
>>>> >> PatchVersion=1.36

Re: [Csgo_servers] Animation Bug in Global Offensive.

[Stealth Mode]

Like you said netcode bug that has been around for a long time. Kudos to
Dylan for developing a fix independently. And for you attempting to show
this mod team what is flawed in their product. Will this fix work for
higher latency users as well?

-Stealthmode

On Tue, May 8, 2018, 16:38 William Kane  wrote:

> There is, currently (and has been for a long time, but that is another
> story), a bug that will lead to client / server hitboxes to become
> desynchronized from each other in certain situations.
>
> It can also be exploited by malicious clients to deliberately de-sync
> hitboxes, in a way that is undetectable in demos and while spectating - the
> bug happens because of how, in certain conditions, client holds back
> movements commands (CUserCmds) for transmission at a later time - and how
> the server animates said "batched" user commands, all in a single frame.
>
> By default, it basically works like this on client:
>
> 1.) On every frame, engine determines how many movement commands to
> create, based on how long it took to process last frame.
> 2.) If your frame rate drops below tickrate, engine will create additional
> movement commands per frame to keep up with tickrate.
> 3.) If there's more than one movement command to be created on any given
> frame, the engine will delay networking of created commands until the final
> one has been created.
>
> Now on server upon of arrival of CLC_Move message:
>
> 1.) Server parses all movement commands contained in CLC_Move packet, and
> runs simulation for each packet, in the order they were created on client.
> 2.) During simulation, players are simulated based on their inputs sent
> with their movement command, i.e. buttons pressed, etc.
> 3.) During simulation, server will also update server side animations used
> by hit registration.
>
> *The problem is that animation code only runs once per frame - if multiple
> movement commands are queued for execution in a single frame, only the
> first one passed in to be animated will be processed, later ones will be
> ignored due to server still being in the same frame.*
>
> Fixing this would be as easy as only animating during simulation of the
> final, most recent command out of a batch sent in by a client.
>
> Only the last command out of a CLC_Move packet simulated by the server
> will be broadcasted to players, other commands are of no use to animation
> and hit registration, clients don't get to render them and there is no lag
> compensation record created on those.
>
> Here is a video that show this bug in action by a *malicious client*,
> however due to how the engine works, players on bad connections or with bad
> computers can trigger this bug too, and thus desync animations.
>
> https://www.youtube.com/watch?v=hL3gxRv_5Jk
>
> This video, also demonstrates a community made fix, which fixes this
> issue, it's code can be found here - credits go to my friend Dylan:
>
> https://github.com/click4dylan/CSGO_FakeAngleFix
>
> Thank you for your attention.
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Update

[Stealth Mode]

The bad part is the bot mails aren't on one device. I have been contacted
outside of this list from someone using proton VPN/protonmail
harassing/stalking me with outdated personal information.

I suspect this is the same person who has these scripts running to spam the
list with random mail domain porn bots.

I am back tracing the Mac address of the proton VPN user now. I am awaiting
protons I.T. department to go through their server logs for the Swiss proxy
server they went through.

-Stealthmode

On Tue, May 8, 2018, 08:44 ics <i...@ics-base.net> wrote:

> These bots seem to spoof existing users and cause issues for them. For
> example, i got 2 mails from the list that i've been unsubscribed due to
> excessive bounces few weeks ago and i havent even posted to this list
> more than once in the last 4-5 months.
>
> Your membership in the mailing list Csgo_servers has been disabled due
> to excessive bounces The last bounce received from you was dated
> 22-Apr-2018.
>
> Propably going to receive yet another porn mail after this mail where
> some bot showcases image of some naked girl and pretends to be her.
>
> -ics
>
> ProJaCore wrote:
> > Porn bots are just a huge risk.
> >
> > they could reaolve your mac address and use the exploit to vacnet ban
> > you instantly permanent from valve servers.
> >
> > you should use a swarm cluster to protect yourself from incoming attacks;
> > all you need is just stackoverflows.
> >
> > Nomaan Ahmad <n0man@gmail.com <mailto:n0man@gmail.com>>
> > schrieb am Di., 8. Mai 2018, 09:59:
> >
> > Porn bots are a huge exploit. Just imagine if they uploaded a
> > picture and executed MD5 hashes on your PC through your browser or
> > email client. You're all doomed.
> >
> > Trust me, I have done PhD in hacking. I have branched off rocket
> > science into computer hacking.
> >
> > On Tue, 8 May 2018, 7:43 am Maxence Sartiaux, <cont...@makz.me
> > <mailto:cont...@makz.me>> wrote:
> >
> > Ban the porn bot by mac address
> >
> >
> > On 05/08/2018 07:55 AM, Stealth Mode wrote:
> >> BTW. Vitaliy. There is a lot of spam incoming from a porn bot
> >> to this list. From multiple domains. There is also someone
> >> using proton VPN and protonmail to stalk, and harass people
> >> on this list. Please forward this info to security.
> >>
> >> Thanks in advance.
> >>
> >> -Stealthmode
> >>
> >> On Mon, May 7, 2018, 16:43 Vitaliy Genkin
> >> <vita...@valvesoftware.com
> >> <mailto:vita...@valvesoftware.com>> wrote:
> >>
> >> An optional stability update for CS:GO game servers to
> >> address several network exploits has been released with
> >> PatchVersion=1.36.3.4 and ServerVersion=667.
> >>
> >>
> >> ___
> >> Csgo_servers mailing list
> >> Csgo_servers@list.valvesoftware.com
> >> <mailto:Csgo_servers@list.valvesoftware.com>
> >>
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
> >>
> >>
> >>
> >> ___
> >> Csgo_servers mailing list
> >> Csgo_servers@list.valvesoftware.com
> >> <mailto:Csgo_servers@list.valvesoftware.com>
> >>
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
> >
> > ___
> > Csgo_servers mailing list
> > Csgo_servers@list.valvesoftware.com
> > <mailto:Csgo_servers@list.valvesoftware.com>
> >
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
> >
> > ___
> > Csgo_servers mailing list
> > Csgo_servers@list.valvesoftware.com
> > <mailto:Csgo_servers@list.valvesoftware.com>
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
> >
> >
> >
> > ___
> > Csgo_servers mailing list
> > Csgo_servers@list.valvesoftware.com
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Update

[Stealth Mode]

BTW. Vitaliy. There is a lot of spam incoming from a porn bot to this list.
>From multiple domains. There is also someone using proton VPN and
protonmail to stalk, and harass people on this list. Please forward this
info to security.

Thanks in advance.

-Stealthmode

On Mon, May 7, 2018, 16:43 Vitaliy Genkin  wrote:

> An optional stability update for CS:GO game servers to address several
> network exploits has been released with PatchVersion=1.36.3.4 and
> ServerVersion=667.
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Update

[Stealth Mode]

Well looks like you aren't very knowledgeable David. Vertices, and faces
when not connected properly. Cause tremendous gfx lag/rendering issues.
Maps still compile. However, they will be very laggy in the broken/bugged
areas.

Yeah my original map was fun. th_cqb_training. Very intense map. With a non
havok based old school entity chains that created reactive environment.
Including hidden bombsites. That you had to blow stuff up to expose. I made
a few maps in Hammer editor since vALVE renamed WorldCraft. But not under
my normal nickname.

Anyway this is a topic more for the hlmappers list. We kindve hijacked the
original thread. I apologize to csgo devz for that.

-Stealthmode



On Mon, May 7, 2018, 18:54 David <dsenys...@gmail.com> wrote:

> Yeah if anyone wants to reply to him further please do it directly.
>
> On 7 May 2018 at 23:49, Dan B (Narry) <smelly.feet.you.h...@gmail.com>
> wrote:
>
>> Are we doing this again?
>>
>> On Mon, May 7, 2018 at 6:41 PM, Stealth Mode <stealthmode1...@gmail.com>
>> wrote:
>>
>>> I was mapping before you knew what cs even was. Lmao. Ever hear of
>>> worldcraft 3.3?
>>>
>>> On Mon, May 7, 2018, 18:28 David <dsenys...@gmail.com> wrote:
>>>
>>>> oh look, another topic stealthmode is clueless on
>>>>
>>>> On 7 May 2018 at 23:04, ProJaCore <projac...@gmail.com> wrote:
>>>>
>>>>> And there we go
>>>>>
>>>>> again? :)
>>>>>
>>>>> Stealth Mode <stealthmode1...@gmail.com> schrieb am Di., 8. Mai 2018,
>>>>> 01:03:
>>>>>
>>>>>> One additional feedback. Any chance tour environment mapping people
>>>>>> can go through there maps? And fix the tears, collisions, and other high
>>>>>> polygon/calculation areas? Meaning, fix the bugs in their mapping to help
>>>>>> reduce gfx lag/stuttering on some clients?
>>>>>>
>>>>>> If they need help shoot the uncompiled maps to this email address. It
>>>>>> really isn't hard to line up faces, and vertices properly.
>>>>>>
>>>>>> -Stealthmode
>>>>>>
>>>>>> On Mon, May 7, 2018, 17:57 Stealth Mode <stealthmode1...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> +1
>>>>>>>
>>>>>>> Great job getting this update coded, and patched quickly to address
>>>>>>> the issues.
>>>>>>>
>>>>>>> On Mon, May 7, 2018, 16:43 Vitaliy Genkin <vita...@valvesoftware.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> An optional stability update for CS:GO game servers to address
>>>>>>>> several network exploits has been released with PatchVersion=1.36.3.4 
>>>>>>>> and
>>>>>>>> ServerVersion=667.
>>>>>>>>
>>>>>>>>
>>>>>>>> ___
>>>>>>>> Csgo_servers mailing list
>>>>>>>> Csgo_servers@list.valvesoftware.com
>>>>>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>>>>>
>>>>>>> ___
>>>>>> Csgo_servers mailing list
>>>>>> Csgo_servers@list.valvesoftware.com
>>>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>>>
>>>>>
>>>>> ___
>>>>> Csgo_servers mailing list
>>>>> Csgo_servers@list.valvesoftware.com
>>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>>>
>>>>
>>>> ___
>>>> Csgo_servers mailing list
>>>> Csgo_servers@list.valvesoftware.com
>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Update

[Stealth Mode]

Nevermind. I don't run the client. Don't have the resource files. I only
install these servers. I still play source. No offense. But a mod that
isn't as good as source isn't worth my time. The store is a vulnerability
too. Ever check those weapon skins? You'd be surprised what's embedded in
them.

-Stealthmode

On Mon, May 7, 2018, 16:43 Vitaliy Genkin  wrote:

> An optional stability update for CS:GO game servers to address several
> network exploits has been released with PatchVersion=1.36.3.4 and
> ServerVersion=667.
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Update

[Stealth Mode]

your* their*

On Mon, May 7, 2018, 18:01 Stealth Mode <stealthmode1...@gmail.com> wrote:

> One additional feedback. Any chance tour environment mapping people can go
> through there maps? And fix the tears, collisions, and other high
> polygon/calculation areas? Meaning, fix the bugs in their mapping to help
> reduce gfx lag/stuttering on some clients?
>
> If they need help shoot the uncompiled maps to this email address. It
> really isn't hard to line up faces, and vertices properly.
>
> -Stealthmode
>
> On Mon, May 7, 2018, 17:57 Stealth Mode <stealthmode1...@gmail.com> wrote:
>
>> +1
>>
>> Great job getting this update coded, and patched quickly to address the
>> issues.
>>
>> On Mon, May 7, 2018, 16:43 Vitaliy Genkin <vita...@valvesoftware.com>
>> wrote:
>>
>>> An optional stability update for CS:GO game servers to address several
>>> network exploits has been released with PatchVersion=1.36.3.4 and
>>> ServerVersion=667.
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Update

[Stealth Mode]

One additional feedback. Any chance tour environment mapping people can go
through there maps? And fix the tears, collisions, and other high
polygon/calculation areas? Meaning, fix the bugs in their mapping to help
reduce gfx lag/stuttering on some clients?

If they need help shoot the uncompiled maps to this email address. It
really isn't hard to line up faces, and vertices properly.

-Stealthmode

On Mon, May 7, 2018, 17:57 Stealth Mode <stealthmode1...@gmail.com> wrote:

> +1
>
> Great job getting this update coded, and patched quickly to address the
> issues.
>
> On Mon, May 7, 2018, 16:43 Vitaliy Genkin <vita...@valvesoftware.com>
> wrote:
>
>> An optional stability update for CS:GO game servers to address several
>> network exploits has been released with PatchVersion=1.36.3.4 and
>> ServerVersion=667.
>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Update

[Stealth Mode]

+1

Great job getting this update coded, and patched quickly to address the
issues.

On Mon, May 7, 2018, 16:43 Vitaliy Genkin  wrote:

> An optional stability update for CS:GO game servers to address several
> network exploits has been released with PatchVersion=1.36.3.4 and
> ServerVersion=667.
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

A) when customers request them at the data centers I do install, and
operate go servers. As well as hlds, and source servers. And half a dozen
other fps products.

B) it isn't spam to those who recognize a free education.

C) you are now blocked from further communications outside of your home
network to me.

End of Discussion.

On Wed, Apr 25, 2018, 10:34 Charalampos Galanis <xngala...@gmail.com> wrote:

> Is there a way to unsubscribe from this mailing list? Sick of your spam
> plus currently not owning any csgo server ,and even if I still had one ,
> this mailing list is not as helpful as it was 5 years ago.
>
> Tried visiting https://developer.valvesoftware.com/wiki/Valve_Mailing_List
> , clicked csgo_servers, as well as other  mailing list links but none of
> them ever responding.
>
> Thank you.
>
> Στις Τετ, 25 Απρ 2018, 17:00 ο χρήστης Kristin A <azalea...@gmail.com>
> έγραψε:
>
>> Okay this latest BS _is_ actually relevant to CS so I'm responding again.
>> There were two servers that were handing out Steam IDs back then;
>> STEAM_0:1: just represents the alternate. There is no such thing as WON ID
>> to Steam, they were merely incremental.
>>
>> Signed, STEAM_0:1:12*** who knows that the MAC address on the ethernet
>> frame is only used in the local domain, and has worked in network
>> engineering for over 14 years.
>>
>> On 25 April 2018 at 08:35, Stealth Mode <stealthmode1...@gmail.com>
>> wrote:
>>
>>> Lastly. To those posting steam_0:1 IDs. There is a few million people
>>> between 0:0 and 0:1. You'd have to know how the algorithm works to
>>> understand wonid to steamid conversion.
>>>
>>> And since none have produced a wonid. None are qualified. Ignored.
>>>
>>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] stealthmode's hodge podge of facts sprinkled amongst outright lies

[Stealth Mode]

Last message for the kids.

Do you know what a field programmable gate array is? Because you refer to
them as CPU/gpu. Do you know what f.p.g.a., and e.e.p.r.o.m., and p.r.o.m.
are? Those are the 4 bit through 64 bit programmable logic controllers that
every "computer" ever made uses to have a "machine/pc". Including the 16
bit hexidecimal/machine assembly language utilizing logic controller that
stores Mac addresses known as the U.A.R.T. chip in your network interface
card/onboard lan/wifi adapters.

Some of us can go below the hardware layer. We don't ban by IP addressing.
That was the point of the previous topic. Cause anyone can walk under the
hardware layer without detection, and without being able to be
seen/tracked/banned. The point was to ban by Mac address because most of
the script kiddies, and amateurs. Those who aren't trained in electronics,
and especially binary logic controller programming. Will never be able to
connect to your go server to run malicious scripts.

That was the point. Have a nice day. A large number of people from the
previous topic are now blocked permanently from any type of communication
to my dmz.

Furthermore. The suggestion to run your servers through a VMware/virtual
machine is always a good idea. It keeps the environment sandboxed to keep
the physical hardware from being damaged by malicious files/packets/scripts.

End of Discussion.


On Wed, Apr 25, 2018, 08:41 Stealth Mode <stealthmode1...@gmail.com> wrote:

> The Internet Protocol address is assigned by the operating system
> contacting the network administration device which is normally a switch,
> router, or hub. It checks these devices for a free Internet Protocol
> address. And the packets the network sends has a footer and a header with
> this IP addressing.
>
> Once you have this IP address you can then pulse the dmz of the router and
> pull it's network allocation table. Once this is done you have every Mac
> address on the network.
>
> However, with just a pkt sniffer you can go directly to someone's is and
> pull their Mac address right out of the network interface cards read only
> memory which is stored under the device table for the operating system
> which is connected to the internet Protocol address you are using.
>
> Literally, a phone line can be tapped with 0 and 1 about a 1,000-10,000
> taps. And your machine will randomly shut off.
>
> On Tue, Apr 24, 2018, 12:55 Jack Emerson <jackemer...@mail.com> wrote:
>
>> Your public IP address is assigned by your ISP independent of your
>> hardware. Are you mad?
>>
>> Why am I even replying...I'm part of the problem.
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] stealthmode's hodge podge of facts sprinkled amongst outright lies

[Stealth Mode]

The Internet Protocol address is assigned by the operating system
contacting the network administration device which is normally a switch,
router, or hub. It checks these devices for a free Internet Protocol
address. And the packets the network sends has a footer and a header with
this IP addressing.

Once you have this IP address you can then pulse the dmz of the router and
pull it's network allocation table. Once this is done you have every Mac
address on the network.

However, with just a pkt sniffer you can go directly to someone's is and
pull their Mac address right out of the network interface cards read only
memory which is stored under the device table for the operating system
which is connected to the internet Protocol address you are using.

Literally, a phone line can be tapped with 0 and 1 about a 1,000-10,000
taps. And your machine will randomly shut off.

On Tue, Apr 24, 2018, 12:55 Jack Emerson  wrote:

> Your public IP address is assigned by your ISP independent of your
> hardware. Are you mad?
>
> Why am I even replying...I'm part of the problem.
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Lastly. To those posting steam_0:1 IDs. There is a few million people
between 0:0 and 0:1. You'd have to know how the algorithm works to
understand wonid to steamid conversion.

And since none have produced a wonid. None are qualified. Ignored.

On Wed, Apr 25, 2018, 08:30 Stealth Mode <stealthmode1...@gmail.com> wrote:

> At the copy paste comments.
>
> Sure thing. But it's cool that you try to laugh when you're not educated.
> We at the w3 consortium always attemtp to educate but also do not laugh not
> ridicule when we come across idiots in the industry who think they know it
> all.
>
> -StealthMode
>
> On Wed, Apr 25, 2018, 06:05 Ryan Bentley <rdp...@gmail.com> wrote:
>
>> Stealth,
>>
>> I'm currently doing an undergraduate in CS. I've pasted your nonsense
>> into one of our forums as a copypasta for sweet forum karma. Thank you for
>> making us all laugh! It's funny that you keep mentioning education. If you
>> sat an online course that covers some basic CS material, you'd be able to
>> see how ridiculous the things you type are. You have a serious delusional
>> problem. I suggest you seek help... I can't imagine how unbearable you must
>> be IRL.
>>
>> If you ever do become self-aware, you should ask your best friend
>> "Alfred" to delete these messages as it's pretty embarrassing and if you
>> google "Stealthmode1975" it comes up with some other awkward things.
>>
>> Hope you get help soon.
>>
>> On Wed, Apr 25, 2018 at 7:14 AM, Stefan Reusch <kenter...@gmail.com>
>> wrote:
>>
>>> After reading all these messages i came up with an idea. I've reversed
>>> the very well explained IP to mac and backward converter to create whole
>>> new technology. I name it mail filter. Possible some of you have already
>>> reading something about it. It makes it possible to convert unwanted to
>>> spam to a clean and readable email experience. Possible with some extra
>>> work we could extend the magical converter to an IP  -> mac -> personal
>>> identity -> dns profile converter.
>>>
>>> PS: Plesse valve do something against trolls like stealthmode
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

@Christian

Run your pkt through a hex editor. Extract the header and footer with a pkt
sniffer. Now decode as if you were physically translating the logic state
that generated the header/footer of the pkt.

Now translate. And your Mac address is right there. I already explained why
IP banning is pointless. And all Christian did was confirm what I said. IP
can be spoofed. Mac cannot.

On Tue, Apr 24, 2018, 14:29 Christian Burns <christian.d.bu...@gmail.com>
wrote:

> That's funny.
>
> My internal IP address is 192.168.0.150, submit is 255.255.255.0. However,
> I can change my IP to 10.0.0.1 with Submit 255.255.255.0. Does that
> translate to the same MAC address? no... lol
>
> On Tue, Apr 24, 2018 at 11:14 AM, thethorgot <thethor...@gmail.com> wrote:
>
>> He's a crank: https://en.m.wikipedia.org/wiki/Crank_(person)
>>
>> Arguing with him is not a good use of your time.
>>
>> On Tue, Apr 24, 2018, 10:01 AM Michael Loveless <mloveless1...@gmail.com>
>> wrote:
>>
>>> ​Would you be so kind as to explain all of this in greater detail and
>>> with as many more words as possible, please?
>>>
>>> On Tue, Apr 24, 2018 at 12:42 PM, Stealth Mode <
>>> stealthmode1...@gmail.com> wrote:
>>>
>>>> Mac addresses translate up to IP addresses. That's how they make it out
>>>> of the "home network" before the router. IP translation. Hexidecimal to
>>>> decimal plus subnet mask. What most people who haven't studied electronics
>>>> first, prior to I.T.. Is that your Mac address converts even lower to
>>>> binary. Which every piece of electronics hardware uses to speak to one
>>>> another. Including routers, switches, gateways, headends, network interface
>>>> devices, fiber optics cabling/75ohm coax cabling, frame relays, t1/t3,
>>>> blade servers, switch master/slave, etc.
>>>>
>>>> It all comes down to a single bit. An electron with either 0-2.5vdc, or
>>>> 2.5-5vdc. A low state, or a high state. And your IP address directly
>>>> translates down to the Mac address below the software/transport layer (
>>>> below the hardware layer, the writable electronics components layer ) of
>>>> the OSI model. In this layer everything is binary addressed before machine
>>>> assembly/reassembly. Ya know the layer where only us electronics engineers,
>>>> and technicians really know how it all works.
>>>>
>>>> If you've ever seen a network training curriculum you know what an IP
>>>> address range/translation table was built from. And if you knew electronics
>>>> you'd know how computers, cellular phones, and lan/wifi all tie in
>>>> together. If it's connected to a network it has a Mac address. Because Macs
>>>> have to be used to communicate OVER a network. Through translation in the
>>>> software layer before packet assembly to the transport layer. And once you
>>>> translate down to a Mac address you can filter all incoming udp packets
>>>> from any given device using Mac addressing.
>>>>
>>>> It's not for just the hobbyist who doesn't really know how electronic
>>>> components speak to one another.
>>>>
>>>> Period. That said. Have a nice day. Very few here have a proper
>>>> education in networking/NETSec/ITSec. Most of these people are running
>>>> leased servers, most of the ones with the immature responses. Who don't
>>>> have a CLUE how it all really works.
>>>>
>>>> When you begin studying ccde/ccie through Cisco come speak with me.
>>>> Until then, make all the juvenile untrained/uneducated comments you want. I
>>>> really don't care. I stopped running a go server the second I found out
>>>> people still play source. Less bugs. Less vulnerabilities. Less bugged
>>>> netcode. And much easier to modify.
>>>>
>>>> Willing to bet no one here ever used the sdk either. Or you'd know what
>>>> code was flawed in go.
>>>>
>>>> I will comment from time to time to pass along wisdom. I will ignore
>>>> the juveniles, and uneducated people that respond in ignorance/lack of
>>>> education. Ya read a tutorial on how to setup an hlds/go server and you
>>>> think you know everything. When you have one piece of a ten thousand piece
>>>> puzzle figured out.
>>>>
>>>> Just this list. So you know the packets it took just for this msg to
>>>> get to Valve servers and to your 

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Addendum:
To the nitpickers. Yes it wasn't Dr. Gordon Freeman. Couldn't be without
permission from vALVE. But it really is Dr. Freeman.

One day I'll post a history lesson thread of the evolution of Half-Life,
and Counter-Strike from when I first knew it to present. Before Havok there
was unreal. Before unreal there was quake2. That engine is the why, and
when I started following half lifes release. And jumped in counter-strike
during beta 5.2 forward to present. I've also
installed/maintained/administrated hlds servers since 1998. Including
source servers, and present go servers ( when people actually want them ).
Wonder where all of those Cs: source players went? Cause Global Ops doesn't
have half the gaming population that source, and 1.6 had. Hope vALVE
finishes development of hl3/cs3 soon. Or otherwise they will lose more
market share of the fps market by licensing their products to amateurs.
Cough global ops developers.

Have a good day.

-StealthMode



On Tue, Apr 24, 2018, 15:07 Stealth Mode <stealthmode1...@gmail.com> wrote:

> Before anyone else responds. What is a WONid? Nilo will remember. A few
> others might too. Mine was 2116995. It converted to Steam_0:0:28918 on
> launch of the Steam™ platform. I also remember crowbars in counter-strike.
>
> I've hung out in Valve update chats before some of you were even born. If
> you don't have a wonid. Don't reply to anything I ever message this, or any
> Valve sponsored list. And if you don't have a masters degree in C.S., I.T.,
> or a B.S.E.E./PhD in Electronics Engineering then please also refrain from
> replying to anything I post on this list. Also, if you weren't a full E.T.
> in the U.S. military prior to splitting of the E.T. field into subfields (
> wasn't my only job, lol ). Again please refrain from responding, or
> replying.
>
> You're not credentialed, nor qualified to speak to me, or about me.
>
> To anyone else who ever has a problem that you can't solve on your own
> that is I.T./server related, feel free to copy my email address down. Or
> msg on this, or any Valve list.
>
>
> Off Topic: More for Gusman (Gooseman) than anyone.
> I never understood one thing. Why do terrorists get two modified ct usp
> skins/models as elites? But ct never got twin .40 usp tacticals instead of
> a 5.7mm garbage pistol? I hate logging in & joining ct. And having to ask
> terrorists to buy elites just so when I frag them I can have twin .40 usp
> tacticals. 8)
>
> Also. In case no one realizes. Global ops is just a counter-strike source
> modification without the randomizer turned up ( recoil simulation ), and a
> LOT more bugs & vulnerabilities. Very high polygon counts (creates lag),
> and bugs ( bad clipping/collision of entities, and solids ) in the maps
> compared to Source as well. See ya around the platform.
>
> Also, seen something funny in a movie recently. Was watching Deadpool, and
> noticed a very nice Easter egg in it. Dr. Freeman. Didn't notice at first
> that the actor looked almost exactly like Freeman in HL. Minus the glasses.
> Conducting experimental banned mutant research. Someone who wrote that
> script is a fan of HL. LMAO. Check out the label in Deadpools hand from the
> lab coat when he's antagonizing "Ajax". Dr. Francis Freeman. Very cool
> Easter egg.
>
> End of Communications.
>
> -StealthMode
> The Original
>
> On Tue, Apr 24, 2018, 12:31 Stealth Mode <stealthmode1...@gmail.com>
> wrote:
>
>> Mac addresses translate up to IP addresses. That's how they make it out
>> of the "home network" before the router. IP translation. Hexidecimal to
>> decimal plus subnet mask. What most people who haven't studied electronics
>> first, prior to I.T.. Is that your Mac address converts even lower to
>> binary. Which every piece of electronics hardware uses to speak to one
>> another. Including routers, switches, gateways, headends, network interface
>> devices, fiber optics cabling/75ohm coax cabling, frame relays, t1/t3,
>> blade servers, switch master/slave, etc.
>>
>> It all comes down to a single bit. An electron with either 0-2.5vdc, or
>> 2.5-5vdc. A low state, or a high state. And your IP address directly
>> translates down to the Mac address below the software/transport layer (
>> below the hardware layer, the writable electronics components layer ) of
>> the OSI model. In this layer everything is binary addressed before machine
>> assembly/reassembly. Ya know the layer where only us electronics engineers,
>> and technicians really know how it all works.
>>
>> If you've ever seen a network training curriculum you know what an IP
>> address range/translation table was built from. And if you knew electronics
>> you'd know how compu

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Before anyone else responds. What is a WONid? Nilo will remember. A few
others might too. Mine was 2116995. It converted to Steam_0:0:28918 on
launch of the Steam™ platform. I also remember crowbars in counter-strike.

I've hung out in Valve update chats before some of you were even born. If
you don't have a wonid. Don't reply to anything I ever message this, or any
Valve sponsored list. And if you don't have a masters degree in C.S., I.T.,
or a B.S.E.E./PhD in Electronics Engineering then please also refrain from
replying to anything I post on this list. Also, if you weren't a full E.T.
in the U.S. military prior to splitting of the E.T. field into subfields (
wasn't my only job, lol ). Again please refrain from responding, or
replying.

You're not credentialed, nor qualified to speak to me, or about me.

To anyone else who ever has a problem that you can't solve on your own that
is I.T./server related, feel free to copy my email address down. Or msg on
this, or any Valve list.


Off Topic: More for Gusman (Gooseman) than anyone.
I never understood one thing. Why do terrorists get two modified ct usp
skins/models as elites? But ct never got twin .40 usp tacticals instead of
a 5.7mm garbage pistol? I hate logging in & joining ct. And having to ask
terrorists to buy elites just so when I frag them I can have twin .40 usp
tacticals. 8)

Also. In case no one realizes. Global ops is just a counter-strike source
modification without the randomizer turned up ( recoil simulation ), and a
LOT more bugs & vulnerabilities. Very high polygon counts (creates lag),
and bugs ( bad clipping/collision of entities, and solids ) in the maps
compared to Source as well. See ya around the platform.

Also, seen something funny in a movie recently. Was watching Deadpool, and
noticed a very nice Easter egg in it. Dr. Freeman. Didn't notice at first
that the actor looked almost exactly like Freeman in HL. Minus the glasses.
Conducting experimental banned mutant research. Someone who wrote that
script is a fan of HL. LMAO. Check out the label in Deadpools hand from the
lab coat when he's antagonizing "Ajax". Dr. Francis Freeman. Very cool
Easter egg.

End of Communications.

-StealthMode
The Original

On Tue, Apr 24, 2018, 12:31 Stealth Mode <stealthmode1...@gmail.com> wrote:

> Mac addresses translate up to IP addresses. That's how they make it out of
> the "home network" before the router. IP translation. Hexidecimal to
> decimal plus subnet mask. What most people who haven't studied electronics
> first, prior to I.T.. Is that your Mac address converts even lower to
> binary. Which every piece of electronics hardware uses to speak to one
> another. Including routers, switches, gateways, headends, network interface
> devices, fiber optics cabling/75ohm coax cabling, frame relays, t1/t3,
> blade servers, switch master/slave, etc.
>
> It all comes down to a single bit. An electron with either 0-2.5vdc, or
> 2.5-5vdc. A low state, or a high state. And your IP address directly
> translates down to the Mac address below the software/transport layer (
> below the hardware layer, the writable electronics components layer ) of
> the OSI model. In this layer everything is binary addressed before machine
> assembly/reassembly. Ya know the layer where only us electronics engineers,
> and technicians really know how it all works.
>
> If you've ever seen a network training curriculum you know what an IP
> address range/translation table was built from. And if you knew electronics
> you'd know how computers, cellular phones, and lan/wifi all tie in
> together. If it's connected to a network it has a Mac address. Because Macs
> have to be used to communicate OVER a network. Through translation in the
> software layer before packet assembly to the transport layer. And once you
> translate down to a Mac address you can filter all incoming udp packets
> from any given device using Mac addressing.
>
> It's not for just the hobbyist who doesn't really know how electronic
> components speak to one another.
>
> Period. That said. Have a nice day. Very few here have a proper education
> in networking/NETSec/ITSec. Most of these people are running leased
> servers, most of the ones with the immature responses. Who don't have a
> CLUE how it all really works.
>
> When you begin studying ccde/ccie through Cisco come speak with me. Until
> then, make all the juvenile untrained/uneducated comments you want. I
> really don't care. I stopped running a go server the second I found out
> people still play source. Less bugs. Less vulnerabilities. Less bugged
> netcode. And much easier to modify.
>
> Willing to bet no one here ever used the sdk either. Or you'd know what
> code was flawed in go.
>
> I will comment from time to time to pass along wisdom. I will ignore the
> juveniles, and uneducate

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Mac addresses translate up to IP addresses. That's how they make it out of
the "home network" before the router. IP translation. Hexidecimal to
decimal plus subnet mask. What most people who haven't studied electronics
first, prior to I.T.. Is that your Mac address converts even lower to
binary. Which every piece of electronics hardware uses to speak to one
another. Including routers, switches, gateways, headends, network interface
devices, fiber optics cabling/75ohm coax cabling, frame relays, t1/t3,
blade servers, switch master/slave, etc.

It all comes down to a single bit. An electron with either 0-2.5vdc, or
2.5-5vdc. A low state, or a high state. And your IP address directly
translates down to the Mac address below the software/transport layer (
below the hardware layer, the writable electronics components layer ) of
the OSI model. In this layer everything is binary addressed before machine
assembly/reassembly. Ya know the layer where only us electronics engineers,
and technicians really know how it all works.

If you've ever seen a network training curriculum you know what an IP
address range/translation table was built from. And if you knew electronics
you'd know how computers, cellular phones, and lan/wifi all tie in
together. If it's connected to a network it has a Mac address. Because Macs
have to be used to communicate OVER a network. Through translation in the
software layer before packet assembly to the transport layer. And once you
translate down to a Mac address you can filter all incoming udp packets
from any given device using Mac addressing.

It's not for just the hobbyist who doesn't really know how electronic
components speak to one another.

Period. That said. Have a nice day. Very few here have a proper education
in networking/NETSec/ITSec. Most of these people are running leased
servers, most of the ones with the immature responses. Who don't have a
CLUE how it all really works.

When you begin studying ccde/ccie through Cisco come speak with me. Until
then, make all the juvenile untrained/uneducated comments you want. I
really don't care. I stopped running a go server the second I found out
people still play source. Less bugs. Less vulnerabilities. Less bugged
netcode. And much easier to modify.

Willing to bet no one here ever used the sdk either. Or you'd know what
code was flawed in go.

I will comment from time to time to pass along wisdom. I will ignore the
juveniles, and uneducated people that respond in ignorance/lack of
education. Ya read a tutorial on how to setup an hlds/go server and you
think you know everything. When you have one piece of a ten thousand piece
puzzle figured out.

Just this list. So you know the packets it took just for this msg to get to
Valve servers and to your isp smtp server? Probably not.

Probably don't know what packet sniffing is, nor who does it, nor how it
can be injected/reformed/malformed. So farewell to the script kiddies and
juvenile mentality people on this list.

To everyone else, see ya on the next issue you're encountering server side.
And Hi Alfred been a minute since I wrote directly. Hope Gabe doesn't fall
asleep on hl3/cs3 development. Steam needs an update too. A 64 bit Steam
squared client using vulkan based api, and rendering would be nice as well.
You could port the older games content to mobile/any device, and launch the
newer stuff on whatever platforms you wanted.

Someday I will let Alfred explain how Steam became Steam when it was
originally called Reaktor.

-StealthMode

On Tue, Apr 24, 2018, 09:30 m0gely <m0g...@gmail.com> wrote:

> MAC addresses are unique to each network hardware component and assigned
> by the manufacture. They are also non-routable, meaning that information
> doesn't make it past the home router the device is connected to. A CS
> server won't see a client's MAC. Also, IP addresses are handed out by each
> ISP. How could one ever be translated into another? Clients can get
> different IP's from their router at home at any time and their router will
> get different IP's from the ISP frequently as well. The MAC doesn't change,
> the IP likely will. The two are unrelated to each other. This is all basic
> network knowledge and easily searchable. Maybe you can provide a link to
> something that is the reason you think this way.
>
> Going back to lurker mode.
>
> On Tue, Apr 24, 2018 at 3:57 AM Stealth Mode <stealthmode1...@gmail.com>
> wrote:
>
>> When you uneducated people learn electronics you will understand the
>> difference between a script kiddie. And a professional electronics engineer
>> who branched into I.T.
>>
>> Everything I have stated is fact.
>>
>> On Tue, Apr 24, 2018, 05:34 Ryan Bentley <rdp...@gmail.com> wrote:
>>
>>> Literally everything you type is completely incorrect. You completely
>>> misunderstand the fundamental basics. I nearly choked 

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

When you uneducated people learn electronics you will understand the
difference between a script kiddie. And a professional electronics engineer
who branched into I.T.

Everything I have stated is fact.

On Tue, Apr 24, 2018, 05:34 Ryan Bentley <rdp...@gmail.com> wrote:

> Literally everything you type is completely incorrect. You completely
> misunderstand the fundamental basics. I nearly choked laughing on my tea
> when you thought you could translate a MAC address to an IP address. How do
> you screw up so badly? Get some therapy or something man, you are lying to
> yourself every day.
>
> On Tue, Apr 24, 2018 at 9:25 AM, Stealth Mode <stealthmode1...@gmail.com>
> wrote:
>
>> Ok kids. Have fun trying to denounce without having the education, or
>> knowledge of electronics engineering + I.T. to even have a valid base to
>> speak from. I shared what I was here to share. Call it nonsense if you
>> wish. Professionals know it is not.
>>
>> Good day.
>>
>> On Mon, Apr 23, 2018, 04:39 Ryan Bentley <rdp...@gmail.com> wrote:
>>
>>> Stealth, you are either a 10/10 troll or a seriously deluded person. You
>>> have less knowledge than a 1st year CS student.
>>>
>>> On Mon, Apr 23, 2018 at 6:47 AM, Stealth Mode <stealthmode1...@gmail.com
>>> > wrote:
>>>
>>>> Your Mac address is converted at the handoff between the hardware
>>>> layer, and the transport/packet layer. It then converts to an IP address.
>>>> Google converters for deci to hexidecimal. There are plenty out there. Run
>>>> a plt sniffer or rcon or netstat table of connections for the IP connected
>>>> to your machine.
>>>>
>>>> On Sun, Apr 22, 2018, 01:39 Zaretti Steve <kosso...@gmail.com> wrote:
>>>>
>>>>> you are right. You can only see the mac of the nearest switch/router.
>>>>> Stealth Mode is just spamming some random word.
>>>>>
>>>>> 2018-04-22 6:42 GMT+02:00 Mukunda Johnson <muku...@mukunda.com>:
>>>>> > I'm pretty sure mac addresses aren't even exposed to the server;
>>>>> this topic
>>>>> > is getting pretty derailed isn't it?
>>>>> >
>>>>> > On Sat, Apr 21, 2018 at 8:48 PM, Nomaan Ahmad <n0man@gmail.com>
>>>>> wrote:
>>>>> >>
>>>>> >> Where can I find this IP/decimal to Mac converter you speak of?
>>>>> Could you
>>>>> >> give an example? You speak highly of yourself, here is your chance
>>>>> to prove
>>>>> >> it.
>>>>> >>
>>>>> >> On Sun, 22 Apr 2018, 4:07 am Stealth Mode, <
>>>>> stealthmode1...@gmail.com>
>>>>> >> wrote:
>>>>> >>>
>>>>> >>> The fix is to create a bash script that looks for that in the
>>>>> server log
>>>>> >>> (the repietitive call to null.wav), and automatically ban. If you
>>>>> push the
>>>>> >>> IP through a ip/decimal conversion tool you can make it a Mac
>>>>> address ban
>>>>> >>> right in the hardware packet/transport layer.
>>>>> >>>
>>>>> >>> End of message.
>>>>> >>>
>>>>> >>> On Thu, Apr 19, 2018, 20:04 wickedplayer494 <
>>>>> wickedplayer...@gmail.com>
>>>>> >>> wrote:
>>>>> >>>>
>>>>> >>>> Just to keep everyone on the list in the loop, McJohn said that a
>>>>> fix
>>>>> >>>> for servers crashing (which I can only assume is a result of
>>>>> this) is being
>>>>> >>>> worked on:
>>>>> >>>>
>>>>> https://www.reddit.com/r/GlobalOffensive/comments/8d7hkr/3kliksphilips_interview_with_a_cheater/dxljl53/?context=3
>>>>> >>>>
>>>>> >>>> On 4/17/2018 3:22 PM, iNilo wrote:
>>>>> >>>>
>>>>> >>>> A player on my server was able to spam all the clients with a
>>>>> script he
>>>>> >>>> later linked ( https://hastebin.com/fufarowuba.cpp )
>>>>> >>>>
>>>>> >>>> its causing massive console spams.
>>>>> >>>>
>>>>> >>>> https://i.imgur.com/nOWLkeq.png
>&g

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Ok kids. Have fun trying to denounce without having the education, or
knowledge of electronics engineering + I.T. to even have a valid base to
speak from. I shared what I was here to share. Call it nonsense if you
wish. Professionals know it is not.

Good day.

On Mon, Apr 23, 2018, 04:39 Ryan Bentley <rdp...@gmail.com> wrote:

> Stealth, you are either a 10/10 troll or a seriously deluded person. You
> have less knowledge than a 1st year CS student.
>
> On Mon, Apr 23, 2018 at 6:47 AM, Stealth Mode <stealthmode1...@gmail.com>
> wrote:
>
>> Your Mac address is converted at the handoff between the hardware layer,
>> and the transport/packet layer. It then converts to an IP address. Google
>> converters for deci to hexidecimal. There are plenty out there. Run a plt
>> sniffer or rcon or netstat table of connections for the IP connected to
>> your machine.
>>
>> On Sun, Apr 22, 2018, 01:39 Zaretti Steve <kosso...@gmail.com> wrote:
>>
>>> you are right. You can only see the mac of the nearest switch/router.
>>> Stealth Mode is just spamming some random word.
>>>
>>> 2018-04-22 6:42 GMT+02:00 Mukunda Johnson <muku...@mukunda.com>:
>>> > I'm pretty sure mac addresses aren't even exposed to the server; this
>>> topic
>>> > is getting pretty derailed isn't it?
>>> >
>>> > On Sat, Apr 21, 2018 at 8:48 PM, Nomaan Ahmad <n0man@gmail.com>
>>> wrote:
>>> >>
>>> >> Where can I find this IP/decimal to Mac converter you speak of? Could
>>> you
>>> >> give an example? You speak highly of yourself, here is your chance to
>>> prove
>>> >> it.
>>> >>
>>> >> On Sun, 22 Apr 2018, 4:07 am Stealth Mode, <stealthmode1...@gmail.com
>>> >
>>> >> wrote:
>>> >>>
>>> >>> The fix is to create a bash script that looks for that in the server
>>> log
>>> >>> (the repietitive call to null.wav), and automatically ban. If you
>>> push the
>>> >>> IP through a ip/decimal conversion tool you can make it a Mac
>>> address ban
>>> >>> right in the hardware packet/transport layer.
>>> >>>
>>> >>> End of message.
>>> >>>
>>> >>> On Thu, Apr 19, 2018, 20:04 wickedplayer494 <
>>> wickedplayer...@gmail.com>
>>> >>> wrote:
>>> >>>>
>>> >>>> Just to keep everyone on the list in the loop, McJohn said that a
>>> fix
>>> >>>> for servers crashing (which I can only assume is a result of this)
>>> is being
>>> >>>> worked on:
>>> >>>>
>>> https://www.reddit.com/r/GlobalOffensive/comments/8d7hkr/3kliksphilips_interview_with_a_cheater/dxljl53/?context=3
>>> >>>>
>>> >>>> On 4/17/2018 3:22 PM, iNilo wrote:
>>> >>>>
>>> >>>> A player on my server was able to spam all the clients with a
>>> script he
>>> >>>> later linked ( https://hastebin.com/fufarowuba.cpp )
>>> >>>>
>>> >>>> its causing massive console spams.
>>> >>>>
>>> >>>> https://i.imgur.com/nOWLkeq.png
>>> >>>>
>>> >>>> Someone has a fix for this?
>>> >>>>
>>> >>>> - iNilo.
>>> >>>>
>>> >>>>
>>> >>>>
>>> >>>> ___
>>> >>>> Csgo_servers mailing list
>>> >>>> Csgo_servers@list.valvesoftware.com
>>> >>>>
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>> >>>>
>>> >>>> ___
>>> >>>> Csgo_servers mailing list
>>> >>>> Csgo_servers@list.valvesoftware.com
>>> >>>>
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>> >>>
>>> >>> ___
>>> >>> Csgo_servers mailing list
>>> >>> Csgo_servers@list.valvesoftware.com
>>> >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>> >>
>>> >>
>>> >> ___
>>> >> Csgo_servers mailing list
>>> >> Csgo_servers@list.valvesoftware.com
>>> >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>> >
>>> >
>>> >
>>> > ___
>>> > Csgo_servers mailing list
>>> > Csgo_servers@list.valvesoftware.com
>>> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Your Mac address is converted at the handoff between the hardware layer,
and the transport/packet layer. It then converts to an IP address. Google
converters for deci to hexidecimal. There are plenty out there. Run a plt
sniffer or rcon or netstat table of connections for the IP connected to
your machine.

On Sun, Apr 22, 2018, 01:39 Zaretti Steve <kosso...@gmail.com> wrote:

> you are right. You can only see the mac of the nearest switch/router.
> Stealth Mode is just spamming some random word.
>
> 2018-04-22 6:42 GMT+02:00 Mukunda Johnson <muku...@mukunda.com>:
> > I'm pretty sure mac addresses aren't even exposed to the server; this
> topic
> > is getting pretty derailed isn't it?
> >
> > On Sat, Apr 21, 2018 at 8:48 PM, Nomaan Ahmad <n0man@gmail.com>
> wrote:
> >>
> >> Where can I find this IP/decimal to Mac converter you speak of? Could
> you
> >> give an example? You speak highly of yourself, here is your chance to
> prove
> >> it.
> >>
> >> On Sun, 22 Apr 2018, 4:07 am Stealth Mode, <stealthmode1...@gmail.com>
> >> wrote:
> >>>
> >>> The fix is to create a bash script that looks for that in the server
> log
> >>> (the repietitive call to null.wav), and automatically ban. If you push
> the
> >>> IP through a ip/decimal conversion tool you can make it a Mac address
> ban
> >>> right in the hardware packet/transport layer.
> >>>
> >>> End of message.
> >>>
> >>> On Thu, Apr 19, 2018, 20:04 wickedplayer494 <wickedplayer...@gmail.com
> >
> >>> wrote:
> >>>>
> >>>> Just to keep everyone on the list in the loop, McJohn said that a fix
> >>>> for servers crashing (which I can only assume is a result of this) is
> being
> >>>> worked on:
> >>>>
> https://www.reddit.com/r/GlobalOffensive/comments/8d7hkr/3kliksphilips_interview_with_a_cheater/dxljl53/?context=3
> >>>>
> >>>> On 4/17/2018 3:22 PM, iNilo wrote:
> >>>>
> >>>> A player on my server was able to spam all the clients with a script
> he
> >>>> later linked ( https://hastebin.com/fufarowuba.cpp )
> >>>>
> >>>> its causing massive console spams.
> >>>>
> >>>> https://i.imgur.com/nOWLkeq.png
> >>>>
> >>>> Someone has a fix for this?
> >>>>
> >>>> - iNilo.
> >>>>
> >>>>
> >>>>
> >>>> ___
> >>>> Csgo_servers mailing list
> >>>> Csgo_servers@list.valvesoftware.com
> >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
> >>>>
> >>>> ___
> >>>> Csgo_servers mailing list
> >>>> Csgo_servers@list.valvesoftware.com
> >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
> >>>
> >>> ___
> >>> Csgo_servers mailing list
> >>> Csgo_servers@list.valvesoftware.com
> >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
> >>
> >>
> >> ___
> >> Csgo_servers mailing list
> >> Csgo_servers@list.valvesoftware.com
> >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
> >
> >
> >
> > ___
> > Csgo_servers mailing list
> > Csgo_servers@list.valvesoftware.com
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Because it has already had a P.O.C. over 2 decades ago.

On Sun, Apr 22, 2018, 01:22 lay295  wrote:

> I really don't understand. You keep going on and on and on and on about how
> easy it is to exploit these servers, why don't you make a proof of concept
> attack and show it off?
>
> If there are as many attack vectors as you say there are, and you're such
> an
> expert, shouldn't be that hard then no?
>
> Also you're saying that in this attack clients were able to send arbitrary
> code/scripts to other clients to play null.wav, but it was hard coded in
> the
> client hence no arbitrary code was executed.
>
> https://imgur.com/ziLyW6v
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

LoL. Mac addressing is for any device or computer that is on a network. The
network card/WiFi card/cellular modem is what generates the Mac address. IP
can be changed/altered randomly. That's why most people don't ban IP
addresses. Because it is a waste of time when a client can just go in and
release the network IP lease, and force a new IP.

Seriously, study networking before you ever attempt to manage a server.

On Sat, Apr 21, 2018, 23:10 Nathaniel Theis <ntth...@gmail.com> wrote:

> I've heard that some advanced hackers are circumventing Mac address bans
> by using PCs, so you should ban by IP.
>
> On Sat, Apr 21, 2018, 8:07 PM Stealth Mode <stealthmode1...@gmail.com>
> wrote:
>
>> The fix is to create a bash script that looks for that in the server log
>> (the repietitive call to null.wav), and automatically ban. If you push the
>> IP through a ip/decimal conversion tool you can make it a Mac address ban
>> right in the hardware packet/transport layer.
>>
>> End of message.
>>
>> On Thu, Apr 19, 2018, 20:04 wickedplayer494 <wickedplayer...@gmail.com>
>> wrote:
>>
>>> Just to keep everyone on the list in the loop, McJohn said that a fix
>>> for servers crashing (which I can only assume is a result of this) is being
>>> worked on:
>>> https://www.reddit.com/r/GlobalOffensive/comments/8d7hkr/3kliksphilips_interview_with_a_cheater/dxljl53/?context=3
>>>
>>> On 4/17/2018 3:22 PM, iNilo wrote:
>>>
>>> A player on my server was able to spam all the clients with a script he
>>> later linked ( https://hastebin.com/fufarowuba.cpp )
>>>
>>> its causing massive console spams.
>>>
>>> https://i.imgur.com/nOWLkeq.png
>>>
>>> Someone has a fix for this?
>>>
>>> - iNilo.
>>>
>>>
>>>
>>> ___
>>> Csgo_servers mailing 
>>> listCsgo_servers@list.valvesoftware.comhttps://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Also, Alfred. This Samantha Smith bot extracting email addresses from this
list is getting annoying. And the Kathy Lisa porn spam is very
disheartening. The list needs purged cause a boy is parsing these emails.
For email addresses that third party porn bots are being loaded with. And
fake csgo_server emails are containing pornography.

On Thu, Apr 19, 2018, 20:04 wickedplayer494 
wrote:

> Just to keep everyone on the list in the loop, McJohn said that a fix for
> servers crashing (which I can only assume is a result of this) is being
> worked on:
> https://www.reddit.com/r/GlobalOffensive/comments/8d7hkr/3kliksphilips_interview_with_a_cheater/dxljl53/?context=3
>
> On 4/17/2018 3:22 PM, iNilo wrote:
>
> A player on my server was able to spam all the clients with a script he
> later linked ( https://hastebin.com/fufarowuba.cpp )
>
> its causing massive console spams.
>
> https://i.imgur.com/nOWLkeq.png
>
> Someone has a fix for this?
>
> - iNilo.
>
>
>
> ___
> Csgo_servers mailing 
> listCsgo_servers@list.valvesoftware.comhttps://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

The fix is to create a bash script that looks for that in the server log
(the repietitive call to null.wav), and automatically ban. If you push the
IP through a ip/decimal conversion tool you can make it a Mac address ban
right in the hardware packet/transport layer.

End of message.

On Thu, Apr 19, 2018, 20:04 wickedplayer494 
wrote:

> Just to keep everyone on the list in the loop, McJohn said that a fix for
> servers crashing (which I can only assume is a result of this) is being
> worked on:
> https://www.reddit.com/r/GlobalOffensive/comments/8d7hkr/3kliksphilips_interview_with_a_cheater/dxljl53/?context=3
>
> On 4/17/2018 3:22 PM, iNilo wrote:
>
> A player on my server was able to spam all the clients with a script he
> later linked ( https://hastebin.com/fufarowuba.cpp )
>
> its causing massive console spams.
>
> https://i.imgur.com/nOWLkeq.png
>
> Someone has a fix for this?
>
> - iNilo.
>
>
>
> ___
> Csgo_servers mailing 
> listCsgo_servers@list.valvesoftware.comhttps://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

A fearmonger? LMAO. Let me tell you what can really be done. Using binary
electronics components programming someone can launch a DDOS attack from
vulnerable servers like this. Happens ALL of the time. Ignore the warnings.
Leave your servers wide open. Disrespect me again, and I'll make sure to
gnore you.

I have more server admin/owner experience than half of you script kiddies
playing around with network security that you have no CLUE about.

So yes, ignore me out of hand. Be that ignorant in your lack of I.T.
Security that you would ignore one of the only ccie/ccde on this list.

Have a nice day, amateur.

On Wed, Apr 18, 2018, 20:59 Dan B (Narry) <smelly.feet.you.h...@gmail.com>
wrote:

> Ignore him. He's a fearmongerer who doesn't know what he's talking about.
> If you're ever in for a laugh, read the archives of this mailing list
> (might have been HLDS?) and look at the absolute giant thread caused by him
> claiming the existence of remote upload exploits while making an absolute
> fool of himself.
>
> On Wed, Apr 18, 2018 at 8:52 PM, Nomaan Ahmad <n0man@gmail.com> wrote:
>
>> What do you mean by MAC Address? I don't think that is available to the
>> server.
>>
>> On 19 April 2018 at 01:46, Stealth Mode <stealthmode1...@gmail.com>
>> wrote:
>>
>>> The top part of that is calling to a memory address location in
>>> hexidecimal where null.wav is stored. Without null.wav on the server it
>>> eats up cycles to search for it in memory.
>>>
>>> Can create a bash script to look for keywords in this script and
>>> automatically ban the MAC ADDRESS. Not the IP address (takes some
>>> translation from decimal to hexidecimal).
>>>
>>> Cough Valve AntiCheat/Alfred hope you see this.
>>>
>>> -Stealthmode
>>>
>>> On Wed, Apr 18, 2018, 20:37 Stealth Mode <stealthmode1...@gmail.com>
>>> wrote:
>>>
>>>> Thanks God for sandbox virtual machine environments to run servers in.
>>>> That's all I will say.
>>>>
>>>> On Wed, Apr 18, 2018, 20:35 Stealth Mode <stealthmode1...@gmail.com>
>>>> wrote:
>>>>
>>>>> Think about this carefully. This client is able to inject scripts
>>>>> through the server to all clients. I warned this list months ago about how
>>>>> unsecure these servers really are. That can easily be a different script
>>>>> through a spoofed steamid that randomly changes. Image injections. Packet
>>>>> injections. Script injections. I'd be more worried about what he can use
>>>>> the server to inject into the OS cmd shell/powershell.
>>>>>
>>>>> These servers are really vulnerable from a network security
>>>>> standpoint. Be glad your client isn't malicious. Or your server and all of
>>>>> those clients could be remote hijacked.
>>>>>
>>>>> -Stealthmode
>>>>>
>>>>> On Wed, Apr 18, 2018, 17:42 Nathaniel Theis <ntth...@gmail.com> wrote:
>>>>>
>>>>>> hook recvmsg and kick if you get more than one signon message on a
>>>>>> given cnetchan (might need to check the server count though, not sure
>>>>>> if you get another signon message from legit clients at map
>>>>>> change...)?
>>>>>>
>>>>>> (normal connection throttling should stop the obvious workaround (just
>>>>>> reconnecting)
>>>>>>
>>>>>> On Tue, Apr 17, 2018 at 1:22 PM, iNilo <inilo.in...@gmail.com> wrote:
>>>>>> > A player on my server was able to spam all the clients with a
>>>>>> script he
>>>>>> > later linked ( https://hastebin.com/fufarowuba.cpp )
>>>>>> >
>>>>>> > its causing massive console spams.
>>>>>> >
>>>>>> > https://i.imgur.com/nOWLkeq.png
>>>>>> >
>>>>>> > Someone has a fix for this?
>>>>>> >
>>>>>> > - iNilo.
>>>>>> >
>>>>>> >
>>>>>> > ___
>>>>>> > Csgo_servers mailing list
>>>>>> > Csgo_servers@list.valvesoftware.com
>>>>>> >
>>>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>>>>
>>>>>> ___
>>>>>> Csgo_servers mailing list
>>>>>> Csgo_servers@list.valvesoftware.com
>>>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>>>
>>>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Just be glad he hasn't figured out how to abuse allow upload using spray
paint images/custom spray paints or packet injections to place null.wav
named binary into your physical hardware.

On Wed, Apr 18, 2018, 20:46 Stealth Mode <stealthmode1...@gmail.com> wrote:

> The top part of that is calling to a memory address location in
> hexidecimal where null.wav is stored. Without null.wav on the server it
> eats up cycles to search for it in memory.
>
> Can create a bash script to look for keywords in this script and
> automatically ban the MAC ADDRESS. Not the IP address (takes some
> translation from decimal to hexidecimal).
>
> Cough Valve AntiCheat/Alfred hope you see this.
>
> -Stealthmode
>
> On Wed, Apr 18, 2018, 20:37 Stealth Mode <stealthmode1...@gmail.com>
> wrote:
>
>> Thanks God for sandbox virtual machine environments to run servers in.
>> That's all I will say.
>>
>> On Wed, Apr 18, 2018, 20:35 Stealth Mode <stealthmode1...@gmail.com>
>> wrote:
>>
>>> Think about this carefully. This client is able to inject scripts
>>> through the server to all clients. I warned this list months ago about how
>>> unsecure these servers really are. That can easily be a different script
>>> through a spoofed steamid that randomly changes. Image injections. Packet
>>> injections. Script injections. I'd be more worried about what he can use
>>> the server to inject into the OS cmd shell/powershell.
>>>
>>> These servers are really vulnerable from a network security standpoint.
>>> Be glad your client isn't malicious. Or your server and all of those
>>> clients could be remote hijacked.
>>>
>>> -Stealthmode
>>>
>>> On Wed, Apr 18, 2018, 17:42 Nathaniel Theis <ntth...@gmail.com> wrote:
>>>
>>>> hook recvmsg and kick if you get more than one signon message on a
>>>> given cnetchan (might need to check the server count though, not sure
>>>> if you get another signon message from legit clients at map
>>>> change...)?
>>>>
>>>> (normal connection throttling should stop the obvious workaround (just
>>>> reconnecting)
>>>>
>>>> On Tue, Apr 17, 2018 at 1:22 PM, iNilo <inilo.in...@gmail.com> wrote:
>>>> > A player on my server was able to spam all the clients with a script
>>>> he
>>>> > later linked ( https://hastebin.com/fufarowuba.cpp )
>>>> >
>>>> > its causing massive console spams.
>>>> >
>>>> > https://i.imgur.com/nOWLkeq.png
>>>> >
>>>> > Someone has a fix for this?
>>>> >
>>>> > - iNilo.
>>>> >
>>>> >
>>>> > ___
>>>> > Csgo_servers mailing list
>>>> > Csgo_servers@list.valvesoftware.com
>>>> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>>
>>>> ___
>>>> Csgo_servers mailing list
>>>> Csgo_servers@list.valvesoftware.com
>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

The top part of that is calling to a memory address location in hexidecimal
where null.wav is stored. Without null.wav on the server it eats up cycles
to search for it in memory.

Can create a bash script to look for keywords in this script and
automatically ban the MAC ADDRESS. Not the IP address (takes some
translation from decimal to hexidecimal).

Cough Valve AntiCheat/Alfred hope you see this.

-Stealthmode

On Wed, Apr 18, 2018, 20:37 Stealth Mode <stealthmode1...@gmail.com> wrote:

> Thanks God for sandbox virtual machine environments to run servers in.
> That's all I will say.
>
> On Wed, Apr 18, 2018, 20:35 Stealth Mode <stealthmode1...@gmail.com>
> wrote:
>
>> Think about this carefully. This client is able to inject scripts through
>> the server to all clients. I warned this list months ago about how unsecure
>> these servers really are. That can easily be a different script through a
>> spoofed steamid that randomly changes. Image injections. Packet injections.
>> Script injections. I'd be more worried about what he can use the server to
>> inject into the OS cmd shell/powershell.
>>
>> These servers are really vulnerable from a network security standpoint.
>> Be glad your client isn't malicious. Or your server and all of those
>> clients could be remote hijacked.
>>
>> -Stealthmode
>>
>> On Wed, Apr 18, 2018, 17:42 Nathaniel Theis <ntth...@gmail.com> wrote:
>>
>>> hook recvmsg and kick if you get more than one signon message on a
>>> given cnetchan (might need to check the server count though, not sure
>>> if you get another signon message from legit clients at map
>>> change...)?
>>>
>>> (normal connection throttling should stop the obvious workaround (just
>>> reconnecting)
>>>
>>> On Tue, Apr 17, 2018 at 1:22 PM, iNilo <inilo.in...@gmail.com> wrote:
>>> > A player on my server was able to spam all the clients with a script he
>>> > later linked ( https://hastebin.com/fufarowuba.cpp )
>>> >
>>> > its causing massive console spams.
>>> >
>>> > https://i.imgur.com/nOWLkeq.png
>>> >
>>> > Someone has a fix for this?
>>> >
>>> > - iNilo.
>>> >
>>> >
>>> > ___
>>> > Csgo_servers mailing list
>>> > Csgo_servers@list.valvesoftware.com
>>> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Thanks God for sandbox virtual machine environments to run servers in.
That's all I will say.

On Wed, Apr 18, 2018, 20:35 Stealth Mode <stealthmode1...@gmail.com> wrote:

> Think about this carefully. This client is able to inject scripts through
> the server to all clients. I warned this list months ago about how unsecure
> these servers really are. That can easily be a different script through a
> spoofed steamid that randomly changes. Image injections. Packet injections.
> Script injections. I'd be more worried about what he can use the server to
> inject into the OS cmd shell/powershell.
>
> These servers are really vulnerable from a network security standpoint. Be
> glad your client isn't malicious. Or your server and all of those clients
> could be remote hijacked.
>
> -Stealthmode
>
> On Wed, Apr 18, 2018, 17:42 Nathaniel Theis <ntth...@gmail.com> wrote:
>
>> hook recvmsg and kick if you get more than one signon message on a
>> given cnetchan (might need to check the server count though, not sure
>> if you get another signon message from legit clients at map
>> change...)?
>>
>> (normal connection throttling should stop the obvious workaround (just
>> reconnecting)
>>
>> On Tue, Apr 17, 2018 at 1:22 PM, iNilo <inilo.in...@gmail.com> wrote:
>> > A player on my server was able to spam all the clients with a script he
>> > later linked ( https://hastebin.com/fufarowuba.cpp )
>> >
>> > its causing massive console spams.
>> >
>> > https://i.imgur.com/nOWLkeq.png
>> >
>> > Someone has a fix for this?
>> >
>> > - iNilo.
>> >
>> >
>> > ___
>> > Csgo_servers mailing list
>> > Csgo_servers@list.valvesoftware.com
>> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Exploit that spams/lags clients

[Stealth Mode]

Think about this carefully. This client is able to inject scripts through
the server to all clients. I warned this list months ago about how unsecure
these servers really are. That can easily be a different script through a
spoofed steamid that randomly changes. Image injections. Packet injections.
Script injections. I'd be more worried about what he can use the server to
inject into the OS cmd shell/powershell.

These servers are really vulnerable from a network security standpoint. Be
glad your client isn't malicious. Or your server and all of those clients
could be remote hijacked.

-Stealthmode

On Wed, Apr 18, 2018, 17:42 Nathaniel Theis  wrote:

> hook recvmsg and kick if you get more than one signon message on a
> given cnetchan (might need to check the server count though, not sure
> if you get another signon message from legit clients at map
> change...)?
>
> (normal connection throttling should stop the obvious workaround (just
> reconnecting)
>
> On Tue, Apr 17, 2018 at 1:22 PM, iNilo  wrote:
> > A player on my server was able to spam all the clients with a script he
> > later linked ( https://hastebin.com/fufarowuba.cpp )
> >
> > its causing massive console spams.
> >
> > https://i.imgur.com/nOWLkeq.png
> >
> > Someone has a fix for this?
> >
> > - iNilo.
> >
> >
> > ___
> > Csgo_servers mailing list
> > Csgo_servers@list.valvesoftware.com
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Fwd: Server specs and OS recommendation.

[Stealth Mode]

I also have blocked it. Glad to hear that you got it setup, and running for
your group. Have fun scrimming, dunno if people still use IRC to setup
matches/scrims outside of the game, but good luck with it.

-Stealth

On Mon, Nov 13, 2017 at 10:07 AM, Cyborgium <a...@familiebrondijk.nl> wrote:

> Stealth Mode wrote
> > This list has gotten hit with some kind of email bot. Alfred can you
> block
> > the person "Kate Stitch" from email address
>
> > katestitch@
>
> > ?
> > Every time I post to this list now the mail is getting responses from
> this
> > email address with nude photographs. Very annoying.
> >
> > Thanks in advance.
> >
> > Cybergium, as Dennis stated, I forgot GO needs tokens to allow
> connections
> > outside of lan (why this extra step is added is questionable, however, it
> > is required for public servers). Please follow those steps to ensure your
> > server has a login token.
> >
> > -Stealth
> > ___
> > Csgo_servers mailing list
>
> > Csgo_servers@.valvesoftware
>
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>  I managed to get it all working, thank you all very much for your help and
> time!
>
> And yeah, I just blocked that emailadres in my mail client..
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] SDK CSGO vvis_dll.dll not found

[Stealth Mode]

This would be the correct list to post this to.

https://list.valvesoftware.com/mailman/listinfo/hlmappers

On Mon, Nov 13, 2017 at 10:07 AM, Stealth Mode <stealthmode1...@gmail.com>
wrote:

> I would submit this to support. This isn't server related. This list is
> for servers. The SDK, and Hammer specifically is a seperate issue non
> server related. I've documented a number of Hammer errors. If you notice on
> startup, there is a page or two of nothing but errors from missing hl2
> files that the call procedure is not directing to correct files from.
> Despite contacting support about this months ago, it still has not been
> addressed. The more of the mapping community that is able to report this,
> and document it, the sooner it will be given attention.
>
> -Stealth
>
> On Mon, Oct 23, 2017 at 10:45 PM, Ejziponken <ejzipon...@gmail.com> wrote:
>
>> Many people seems to have this problem after  installing a new clean
>> version
>> of SDK.
>>
>> "vvis launcher error : can't load vvis_dll.dll the specified procedure
>> could
>> not be found."
>>
>> Been like this for weeks now maybe since Dust2 first was released or
>> something?
>> People cant compile maps any longer. This needs attention right now. And
>> we
>> have no idea if any devs knows about this problem or not.
>>
>>
>> https://www.reddit.com/r/csmapmakers/comments/76bhqi/sdk_
>> csgo_cant_not_compil_vvis_dlldll_not_found/
>>
>> https://steamcommunity.com/app/211/discussions/2/1488861734118634781/
>>
>> https://steamcommunity.com/app/211/discussions/0/1488861734106660369/
>>
>> https://steamcommunity.com/app/730/discussions/0/1489987633996769550/
>>
>> https://steamcommunity.com/app/211/discussions/0/1483232961031049123/
>>
>> https://steamcommunity.com/app/211/discussions/2/1488861734104517038/
>>
>> https://redditlite.com/r/GlobalOffensive/comments/789ihl/
>> can_valve_do_something_about_the_vvis_dlldll_with/
>>
>>
>>
>>
>>
>> --
>> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] SDK CSGO vvis_dll.dll not found

[Stealth Mode]

I would submit this to support. This isn't server related. This list is for
servers. The SDK, and Hammer specifically is a seperate issue non server
related. I've documented a number of Hammer errors. If you notice on
startup, there is a page or two of nothing but errors from missing hl2
files that the call procedure is not directing to correct files from.
Despite contacting support about this months ago, it still has not been
addressed. The more of the mapping community that is able to report this,
and document it, the sooner it will be given attention.

-Stealth

On Mon, Oct 23, 2017 at 10:45 PM, Ejziponken  wrote:

> Many people seems to have this problem after  installing a new clean
> version
> of SDK.
>
> "vvis launcher error : can't load vvis_dll.dll the specified procedure
> could
> not be found."
>
> Been like this for weeks now maybe since Dust2 first was released or
> something?
> People cant compile maps any longer. This needs attention right now. And we
> have no idea if any devs knows about this problem or not.
>
>
> https://www.reddit.com/r/csmapmakers/comments/76bhqi/
> sdk_csgo_cant_not_compil_vvis_dlldll_not_found/
>
> https://steamcommunity.com/app/211/discussions/2/1488861734118634781/
>
> https://steamcommunity.com/app/211/discussions/0/1488861734106660369/
>
> https://steamcommunity.com/app/730/discussions/0/1489987633996769550/
>
> https://steamcommunity.com/app/211/discussions/0/1483232961031049123/
>
> https://steamcommunity.com/app/211/discussions/2/1488861734104517038/
>
> https://redditlite.com/r/GlobalOffensive/comments/
> 789ihl/can_valve_do_something_about_the_vvis_dlldll_with/
>
>
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

[Csgo_servers] Fwd: Server specs and OS recommendation.

[Stealth Mode]

This list has gotten hit with some kind of email bot. Alfred can you block
the person "Kate Stitch" from email address katesti...@talkingmail.xyz?
Every time I post to this list now the mail is getting responses from this
email address with nude photographs. Very annoying.

Thanks in advance.

Cybergium, as Dennis stated, I forgot GO needs tokens to allow connections
outside of lan (why this extra step is added is questionable, however, it
is required for public servers). Please follow those steps to ensure your
server has a login token.

-Stealth

On Sun, Nov 12, 2017 at 5:39 AM, Dennis Christ <li...@ollic.de> wrote:

> Have you setup a game server login token? Without it you would only be
> able to connect over lan.
>
> Its required for a while for all public servers and you need a steam
> account to create the token.
>
> See: https://developer.valvesoftware.com/wiki/Counter-Strike:_
> Global_Offensive_Dedicated_Servers#Registering_Game_Server_Login_Token
>
>
>
> Am 11.11.2017 um 23:26 schrieb Cyborgium:
>
>> Stealth Mode wrote
>>
>>> Also, check out this thread on the steam forums.
>>>
>>> https://steamcommunity.com/discussions/forum/13/828939163961292409/
>>>
>>> Especially the video related to part V, port forwarding and dmz-ing.
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@.valvesoftware
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>> Thanks for the help so far, I've finally managed to get my IP pingable.
>>
>> People still can't join the server though, while I still can. When they
>> try
>> to join, they get the following message:
>> Connecting to public(:27015) ...
>> Server using 'public' lobbies, requiring pw no, lobby id 
>>
>> The weird part is, I get the exact same message but I do join. I've tried
>> googling it but I can't find a sollution for it. Do you have any idea what
>> this could be?
>>
>>
>>
>> --
>> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

Also, check out this thread on the steam forums.

https://steamcommunity.com/discussions/forum/13/828939163961292409/

Especially the video related to part V, port forwarding and dmz-ing.

On Nov 11, 2017 4:08 PM, "Cyborgium" <a...@familiebrondijk.nl> wrote:

> Stealth Mode wrote
> > Cyborgium...
> >
> > DMZ in reference to networking
> >
> > https://en.wikipedia.org/wiki/DMZ_(computing)
> >
> > ___
> > Csgo_servers mailing list
>
> > Csgo_servers@.valvesoftware
>
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> I really dont quite understand why the server has to be in the DMZ. Maybe
> it's a stupid question, but would you mind explaining it?
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

Give these threads a read.

http://forums.srcds.com/showthread.php?tid=430=2073


http://forums.srcds.com/viewtopic/9206

On Nov 11, 2017 16:08, "Cyborgium" <a...@familiebrondijk.nl> wrote:

> Stealth Mode wrote
> > Cyborgium...
> >
> > DMZ in reference to networking
> >
> > https://en.wikipedia.org/wiki/DMZ_(computing)
> >
> > ___
> > Csgo_servers mailing list
>
> > Csgo_servers@.valvesoftware
>
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> I really dont quite understand why the server has to be in the DMZ. Maybe
> it's a stupid question, but would you mind explaining it?
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

It would imply your server is not sitting on the DMZ host of your router.
Or that your firewall (Internal router firewall) is blocking all traffic.

On Sat, Nov 11, 2017 at 4:05 PM, Cyborgium <a...@familiebrondijk.nl> wrote:

> Stealth Mode wrote
> > And if this was the error message for your clients, this is the solution.
> > Have they been able to ping the external IP address?
> >
> > "Clients cannot connect to the server. They receive the error "Failed to
> > get session data."
> >
> > This is probably caused by specifying an invalid map group in the startup
> > command line. E.g., the August 10, 2012 update removed the
> > "mg_allclassics"
> > mapgroup. Changing it to a valid map group, e.g. mg_active, may fix the
> > problem."
> >
> > Found a couple of things at the valve troubleshooting site that may
> apply,
> > so just going to link you to it.
> >
> > https://developer.valvesoftware.com/wiki/Counter-Strike:_Global_
> Offensive_Dedicated_Servers_Known_Issues#Clients_cannot_
> connect_to_the_server._They_receive_the_error_.22Failed_
> to_get_session_data..22
> >
> > _
> > Csgo_servers mailing list
>
> > Csgo_servers@.valvesoftware
>
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> They can't even ping my external IP. Would this imply that I havent port
> forwarded right?
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

Cyborgium...

DMZ in reference to networking

https://en.wikipedia.org/wiki/DMZ_(computing)

On Sat, Nov 11, 2017 at 3:56 PM, Cyborgium <a...@familiebrondijk.nl> wrote:

> Stealth Mode wrote
> > Are you giving them your external IP address to connect to or the local
> > network IP address? Also the entire server needs to be sitting on the
> DMZ.
> >
> > -Stealth
> >
> > ___
> > Csgo_servers mailing list
>
> > Csgo_servers@.valvesoftware
>
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>  The external ofcourse. What do you mean the server has to be sitting on
> the
> DMZ? Doesnt DMZ mean the server wouldnt have access to the outside world?
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

RE: bandwidth

Handy reference chart about halfway down the page for bandwidth
requirements.

https://support.steampowered.com/kb_article.php?ref=5386-HMJI-5162

On Sat, Nov 11, 2017 at 3:53 PM, Charalampos Galanis 
wrote:

> Hello,
>
> I always wondered if the current players playing on a srcds (csgo, tf2) is
> linear or exponential to the upload bandiwth used by the srcds.
>
> Στις 11 Νοε 2017 22:50, ο χρήστης "Cyborgium" 
> έγραψε:
>
>> Hello,
>>
>> I set up my server fine, I can connect from my gaming PC without any
>> trouble
>> via my WAN ip. However, when I try to invite other peopl over, I can't
>> connect. As far as I know, I've done the port forwarding the way it should
>> be (I forwarded 27000 up to 27040). sv_lan is set to 0.
>>
>> Any idea what the problem could be?
>>
>>
>>
>> --
>> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

Also, please check this handy GO server install reference and ensure you
are setting correct parameters, launch options.

https://developer.valvesoftware.com/wiki/Counter-Strike:_Global_Offensive_Dedicated_Servers

On Sat, Nov 11, 2017 at 3:52 PM, Stealth Mode <stealthmode1...@gmail.com>
wrote:

> Are you giving them your external IP address to connect to or the local
> network IP address? Also the entire server needs to be sitting on the DMZ.
>
> -Stealth
>
> On Sat, Nov 11, 2017 at 3:50 PM, Cyborgium <a...@familiebrondijk.nl>
> wrote:
>
>> Hello,
>>
>> I set up my server fine, I can connect from my gaming PC without any
>> trouble
>> via my WAN ip. However, when I try to invite other peopl over, I can't
>> connect. As far as I know, I've done the port forwarding the way it should
>> be (I forwarded 27000 up to 27040). sv_lan is set to 0.
>>
>> Any idea what the problem could be?
>>
>>
>>
>> --
>> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

Are you giving them your external IP address to connect to or the local
network IP address? Also the entire server needs to be sitting on the DMZ.

-Stealth

On Sat, Nov 11, 2017 at 3:50 PM, Cyborgium  wrote:

> Hello,
>
> I set up my server fine, I can connect from my gaming PC without any
> trouble
> via my WAN ip. However, when I try to invite other peopl over, I can't
> connect. As far as I know, I've done the port forwarding the way it should
> be (I forwarded 27000 up to 27040). sv_lan is set to 0.
>
> Any idea what the problem could be?
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

Is anyone else getting hit with some kind of spam from a talkingmail.xyz
mail server when replying to this topic? I got hit with a bunch of personal
site ads when I replied to this topic.

Always run server OS, whether linux or windows. It is built to run better
with server type applications.

eg:

Linux installs:

Redhat Enterprise
https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux

Ubuntu Server
https://www.ubuntu.com/download/server

Debian
https://www.debian.org/distrib/

Windows installs:

2012
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2

2016
https://www.microsoft.com/en-us/cloud-platform/windows-server

On Sat, Nov 11, 2017 at 11:02 AM, Cyborgium  wrote:

> Alex wrote
> > Ubuntu server, desktop will only take more memory. You will have to use
> > the
> > terminal to install the server.
> > ___
> > Csgo_servers mailing list
>
> > Csgo_servers@.valvesoftware
>
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
> Thanks for the info! I was gonna use the terminal either ;)
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

Forgot to mention. OS, linux is the smoothest, we ran redhat back in the
day, however I am sure ubuntu also runs well. Even Windows ran servers
decently. Its more of a familiarity, ease of use preference by the owner of
the server to be honest.

On Fri, Nov 10, 2017 at 2:16 PM, Stealth Mode <stealthmode1...@gmail.com>
wrote:

> I will just say this. SRCDS was released in Oct. of 2003. The system specs
> for that era were nowhere near what you are running your 5v5 scrim/practice
> server on. Considering back then almost no os read over 3gb of ram to begin
> with (os limitations of windows platforms). That said, the ticrate was what
> most server owners/admins wound up adjusting when lag/performance issues
> arose.
>
> Here is a handy guide at valve for installs.
> https://developer.valvesoftware.com/wiki/Source_Dedicated_Server
>
> Another good article on what, and how system requirements (bandwidth
> mostly) are determined.
> https://support.steampowered.com/kb_article.php?ref=5386-HMJI-5162
>
> And finally this article on Toms Hardware outlines system requirements
> just finemodify it slightly for go. However, dont worry about high
> loads of ram, etc. for 5v5. You are not rendering anything, you are just
> running a dedicated server.
>
> http://www.tomshardware.com/forum/13645-13-source-
> dedicated-server-requirements
>
> Hope this helps clear the air for you, and your clan/group. We ran 4
> servers on one dual core box (xeon). It had 3gb of ram, and a dedicated
> bridged cable connection back then. 2x5v5 scrim servers, 1x20 man pub, and
> a 10 man test/practice/boot camp server. Well, before we started renting
> rackspace and providing servers for others.
>
> -Stealth
>
> On Fri, Nov 10, 2017 at 6:51 AM, Cyborgium <a...@familiebrondijk.nl>
> wrote:
>
>> Hello!
>>
>> I want to create a simple 5v5 comp/training server for my csgo team. From
>> what I found on the internet, a simple 2 core PC with at least 3gb of ram
>> should suffice for this.
>>
>> I've ordered a pc like that off of Craigslist and it'll arrive tomorrow. I
>> have a question regarding the OS and type of hard drive.
>>
>> I either have a 60gb ssd or a 1tb hdd. What would be better for running
>> the
>> server? I don't know how much space a server would take.
>>
>> The second question is wether to use Windows or linux (and which
>> distribution if that matters). If I decide to go with the 60gb ssd, I'll
>> probably opt for Linux as there won't be much space left on it if I put
>> windows on there.
>>
>> Thanks in advance!
>>
>> Cyborgium
>>
>>
>>
>> --
>> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Server specs and OS recommendation.

[Stealth Mode]

I will just say this. SRCDS was released in Oct. of 2003. The system specs
for that era were nowhere near what you are running your 5v5 scrim/practice
server on. Considering back then almost no os read over 3gb of ram to begin
with (os limitations of windows platforms). That said, the ticrate was what
most server owners/admins wound up adjusting when lag/performance issues
arose.

Here is a handy guide at valve for installs.
https://developer.valvesoftware.com/wiki/Source_Dedicated_Server

Another good article on what, and how system requirements (bandwidth
mostly) are determined.
https://support.steampowered.com/kb_article.php?ref=5386-HMJI-5162

And finally this article on Toms Hardware outlines system requirements just
finemodify it slightly for go. However, dont worry about high loads of
ram, etc. for 5v5. You are not rendering anything, you are just running a
dedicated server.

http://www.tomshardware.com/forum/13645-13-source-dedicated-server-requirements

Hope this helps clear the air for you, and your clan/group. We ran 4
servers on one dual core box (xeon). It had 3gb of ram, and a dedicated
bridged cable connection back then. 2x5v5 scrim servers, 1x20 man pub, and
a 10 man test/practice/boot camp server. Well, before we started renting
rackspace and providing servers for others.

-Stealth

On Fri, Nov 10, 2017 at 6:51 AM, Cyborgium  wrote:

> Hello!
>
> I want to create a simple 5v5 comp/training server for my csgo team. From
> what I found on the internet, a simple 2 core PC with at least 3gb of ram
> should suffice for this.
>
> I've ordered a pc like that off of Craigslist and it'll arrive tomorrow. I
> have a question regarding the OS and type of hard drive.
>
> I either have a 60gb ssd or a 1tb hdd. What would be better for running the
> server? I don't know how much space a server would take.
>
> The second question is wether to use Windows or linux (and which
> distribution if that matters). If I decide to go with the 60gb ssd, I'll
> probably opt for Linux as there won't be much space left on it if I put
> windows on there.
>
> Thanks in advance!
>
> Cyborgium
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] sv_disable_motd 1

[Stealth Mode]

Server.cfg file used to accept this setting in hlds/srcds, guess that
changed in srcds for go. Had to set it at startup, not on the fly (live
server).

-Stealth

On Nov 6, 2017 18:11, "Ruben Gonzalez"  wrote:

> You can set it as a launch param (+sv_disable_motd 0) if you have access
> (credit to psychonic). You used to be able set them in gamemodes_server.txt
> but that appears to have changed at some point.
>
>
>
> On Mon, Nov 6, 2017 at 4:15 PM, doomhammer69 
> wrote:
>
>> Hi everyone I have a problem with that CVAR.
>>
>> I dont use sourcemod so I can´t change to 0 and its a restricted CVAR. Is
>> there anyway to change to 0 without any sourcemod / plugin ? Indeed the
>> motd
>> is still loaded because the sound its still there, the videos are not
>> shown
>> but we can hear.
>>
>> Please remove the restriction for those ones we dont use sourcemod.
>>
>> Thanks
>>
>>
>>
>> --
>> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

[Csgo_servers] Recent harassment on Cs go server mail list

[Stealth Mode]

Alfred, please have whoever is moderating these lists monitor the list
better.

A recent topic posted about the custom file exploit vulnerability has
demonstrated a problem with list management/administration/moderation.

A number of persons on this list do not have a lot of education in
cybersecurity. In their ignorance they attack/harass some of the more
experienced IT professionals on this list.

Some of them I recognize from hlds, and Cs 1.0-1.6 days.

Thanks in advance. Watch this thread on the go list, I bet they even harass
on this topic. Even One Warrior Nation Ryan surprised me with his attacks
(funny because he got into computer science in Baltimore because of
conversations we used to have on owns 1.0-1.6 servers). Some of these
members need suspended, or banned outright for harassing persons on this
list.

Sincerely,
Christopher "StealthMode" Stephen Larkins
HL Mod server professional since 1999
Professional CS competitor, and beta tester since 1998
Independent IT Field Engineer
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

Available for contract for PenTesting/SecurityAudits, Datacenter
Migrations, and other IT infrastructure purposes. At the websites listed in
an earlier mailing.

/tips grey hat (only don the blackhat for government contracts) and exits


No further communications. End of conversation.

-StealthMode

On Oct 10, 2017 14:00, "Ryan Bentley" <rdp...@gmail.com> wrote:

ITSec. PoC.

Sincerely,
Ryan "ExpertMode" Bentley
Independent IT Field Engineer


On Tue, Oct 10, 2017 at 6:50 PM, Nathaniel Theis <ntth...@gmail.com> wrote:

> hello I have injected a JavaScript into this email you are all now hacked
>
> what do you mean it won't run without an actual vulnerability
>
> you're super mega hacked
>
> 
>
> On Oct 10, 2017 10:02 AM, "iNilo" <inilo.in...@gmail.com> wrote:
>
>> I frankly don't care what / where / how you work, or what you have
>> studied.
>>
>> The only thing I know is that this is clearly the wrong channel to do
>> argue/disclose/chat about.
>>
>> http://www.valvesoftware.com/security/
>>
>> Hopefully you get thanked in a patch note, if not I'm sure the entire
>> community will be grateful that you disclosed a major security issue to the
>> people that *actually *get paid to take care of this.
>>
>> Thanks.
>>
>>
>>
>> 2017-10-10 18:54 GMT+02:00 Saint K. <sai...@specialattack.net>:
>>
>>> Christopher,
>>>
>>>
>>>
>>> I work in “the field” as you like to call it. It’s customary to explain
>>> the exploit in detail and provide proof the concept (hence the request for
>>> a PoC) in any form or way.
>>>
>>>
>>>
>>> Please demonstrate the issue, it be by posting the offending code, you
>>> recording a video showing a working exploit, or anything along these lines.
>>>
>>>
>>>
>>> You should know this, if you work in “the field”.
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>>> Saint K.
>>>
>>>
>>>
>>> *From:* Csgo_servers [mailto:csgo_servers-boun...@list.valvesoftware.com]
>>> *On Behalf Of *Stealth Mode
>>> *Sent:* 10 October 2017 18:34
>>> *To:* csgo_servers@list.valvesoftware.com
>>> *Subject:* Re: [Csgo_servers] Custom files exploit
>>>
>>>
>>>
>>> @Ryan, etc.
>>>
>>>
>>>
>>> I studied radio electronics before IT was a thing. NetSec and ITSec go
>>> hand in hand. My credentials aren't CS, because CS was radio electronics.
>>> The industry hasn't changed, just a little more vulnerable. Not like I am
>>> specifically stating how to inject code, or what code to inject on a public
>>> mailing list. Don't need to. Professionals here know what I am referring
>>> to. I guess the rest do not have the knowledge to understand what the
>>> exploit can actually do. You are aware. That is all that matters. Don't
>>> secure your servers, that is on you. When they get exploited, that is on
>>> you.
>>>
>>>
>>>
>>> Have a nice day! End of discussion. No further communications.
>>>
>>>
>>>
>>> Sincerely,
>>>
>>> Christopher "StealthMode" Stephen Larkins
>>>
>>> Independent IT Field Engineer
>>>
>>> fieldnation.com
>>>
>>> workmarket.com
>>>
>>> onforce.com
>>>
>>> clearancejobs.com
>>>
>>>
>>>
>>>
>>>
>>> On Tue, Oct 10, 2017 at 12:09 PM, Ryan Bentley <rdp...@gmail.com> wrote:
>>>
>>> My sides at this thread. At first I just rolled my eyes but now I
>>> actually believe that Stealth Mode is either a troll or delusional. Please
>>> stop saying "ITSec". Any first year CS student knows what PoC is but you
>>> don't? Please.
>>>
>>> You are embarrassing yourself. Which institution did you get your
>>> degree? It must be a very old BSc indeed. You talk complete nonsense and
>>> have a fundamental misunderstanding of basic computer science tenets.
>>>
>>>
>>>
>>> On Tue, Oct 10, 2017 at 4:34 PM, Nomaan Ahmad <n0man@gmail.com>
>>> wrote:
>>>
>>> Nice hat there. Stealth might get this one though:
>>> https://i.imgur.com/329jfXt.gif
>>>
>>>
>>>
>>> On 10 Oct 2017 4:29 pm, "PistonMiner" <pistonmi...@gmail.com> wrote:
>>>
>>> The person in 

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

@Ryan, etc.

I studied radio electronics before IT was a thing. NetSec and ITSec go hand
in hand. My credentials aren't CS, because CS was radio electronics. The
industry hasn't changed, just a little more vulnerable. Not like I am
specifically stating how to inject code, or what code to inject on a public
mailing list. Don't need to. Professionals here know what I am referring
to. I guess the rest do not have the knowledge to understand what the
exploit can actually do. You are aware. That is all that matters. Don't
secure your servers, that is on you. When they get exploited, that is on
you.

Have a nice day! End of discussion. No further communications.

Sincerely,
Christopher "StealthMode" Stephen Larkins
Independent IT Field Engineer
fieldnation.com
workmarket.com
onforce.com
clearancejobs.com


On Tue, Oct 10, 2017 at 12:09 PM, Ryan Bentley <rdp...@gmail.com> wrote:

> My sides at this thread. At first I just rolled my eyes but now I actually
> believe that Stealth Mode is either a troll or delusional. Please stop
> saying "ITSec". Any first year CS student knows what PoC is but you don't?
> Please.
>
> You are embarrassing yourself. Which institution did you get your degree?
> It must be a very old BSc indeed. You talk complete nonsense and have a
> fundamental misunderstanding of basic computer science tenets.
>
> On Tue, Oct 10, 2017 at 4:34 PM, Nomaan Ahmad <n0man@gmail.com> wrote:
>
>> Nice hat there. Stealth might get this one though: https://i.imgur.com/32
>> 9jfXt.gif
>>
>> On 10 Oct 2017 4:29 pm, "PistonMiner" <pistonmi...@gmail.com> wrote:
>>
>>> The person in question should never have written a message about an open
>>> vulnerability into a public mailing list in the first place. Just because
>>> they did doesn't mean that you should ask for PoCs in public mailing lists,
>>> there's a multitude of issues with that.
>>> To make it perfectly clear, I'm not defending this person, I seriously
>>> doubt the seriousness of their statements and a lot of what they're saying
>>> makes no sense at all and looks like trying to maintain an image of
>>> competence while knowing little, but responsible disclosure still applies.
>>> If this person has a vulnerability to report, they should do so with the
>>> information listed at http://www.valvesoftware.com/security/.
>>> And I think I know what I'm talking about seeing as I have two Finder's
>>> Fees. See https://wiki.teamfortress.com/wiki/Finder%27s_Fee and
>>> https://wiki.teamfortress.com/wiki/List_of_Finder%27s_Fee_owners
>>>
>>> On 10.10.2017 17:08, Vaya wrote:
>>>
>>> I think someone needs to ‘stealth mode’ out of this email chain. This is
>>> just noise without a repeatable Test
>>>
>>> Sent from my iPhone
>>>
>>> On 10 Oct 2017, at 16:01, PistonMiner <pistonmi...@gmail.com> wrote:
>>>
>>> If you have a vulnerability to report, don't do it in a public mailing
>>> list. Report it directly to Valve, and no place else. This conversation has
>>> so many problems, but asking for a PoC in a *public* mailing list is
>>> one of them. Look up responsible disclosure. (I should note though, at this
>>> point I am not convinced a vulnerability even exists.)
>>>
>>> --
>>> PistonMiner (Linus S.)
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>>
>>> ___
>>> Csgo_servers mailing 
>>> listCsgo_servers@list.valvesoftware.comhttps://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>> --
>>> PistonMiner (Linus S.)
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

@ Vaya

Indeed.

https://www.google.com/search?num=20=off=1C1GGRV_enUS766US766=hlds+server+exploits=hlds+server+exploits_l=psy-ab.3..33i22i29i30k1.29788.34204.0.34882.26.20.0.0.0.0.428.3202.0j5j1j5j1.12.00...1.1.64.psy-ab..14.12.3195...0j35i39k1j0i67k1j0i22i30k1j0i22i10i30k1j33i160k1j0i8i13i10i30k1.0.5ObNmdqq2dI

https://www.google.com/search?num=20=off=1C1GGRV_enUS766US766=csgo+server+exploits=csgo+server+exploits_l=psy-ab.3...70429.71541.0.71853.5.5.0.0.0.0.192.378.0j2.2.00...1.1.64.psy-ab..3.0.00.HFf4SiZKnLo

And these are the more common exploits. The image/skin exploit isn't widely
known yet. Far as to why I have submitted it to this list, was to let
owners/admins know to disable custom files/skins with the svar for
allowupload, and customfiles. The maturity of some of this lists members is
lacking. So I will be ignoring them, and blocking them in the future.
Possibly will contact Alfred about the harrassment over the legitimate
exploit being being spoken of with other owners/admins.

-StealthMode

On Tue, Oct 10, 2017 at 11:08 AM, Vaya <dsenys...@gmail.com> wrote:

> I think someone needs to ‘stealth mode’ out of this email chain. This is
> just noise without a repeatable Test
>
> Sent from my iPhone
>
> On 10 Oct 2017, at 16:01, PistonMiner <pistonmi...@gmail.com> wrote:
>
> If you have a vulnerability to report, don't do it in a public mailing
> list. Report it directly to Valve, and no place else. This conversation has
> so many problems, but asking for a PoC in a *public* mailing list is one
> of them. Look up responsible disclosure. (I should note though, at this
> point I am not convinced a vulnerability even exists.)
>
> --
> PistonMiner (Linus S.)
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

Epi, are you the EPI (Epilogue) from 1.0-1.6? Or someone else? 2 pump
chumps ring a bell? I don't have time tbh to provide anything other than
information. This is a side issue I discovered on my own lan server using a
.gif spray paint image. It can be replicated. Build a graphics file, inject
it with a script to execute a shell window, and display a message,  has
set us up the bomb. Inject into the image file, select as a spray paint.
Spray it on your server, log into your server, look at the shell window.

Have a nice day. Off to work.

-StealthMode

On Tue, Oct 10, 2017 at 10:29 AM, epi <ow...@tf.heybey.org> wrote:

> PoC stands for Proof of Concept. We are asking you to provide proof that
> you are not just pasting random articles on PHP. You have yet to show us
> anything that would trigger any issues in srcds.
>
> On 10/10/2017 10:26 AM, Stealth Mode wrote:
>
>> POC far as I know is always Point Of Contact. Or Professional Overseas
>> Contractor.
>>
>> Unless you are referring to Packet Order Correction in reference to
>> networking. Which yes, even then, does not apply in this situation.
>>
>> -StealthMode
>>
>> On Tue, Oct 10, 2017 at 10:19 AM, Alan Love <mumphs...@gmail.com > mumphs...@gmail.com>> wrote:
>>
>> Did you read how that's actually exploited? It would require another
>> malicious script to parse the exif tag and eval some PHP. How
>> exactly would a similar situation occur on a hosted game server? Do
>> you have a poc? You say this email chain is one but I dont think you
>> quite know what you're talking about.
>>
>> On Oct 10, 2017 9:15 AM, "Stealth Mode" <stealthmode1...@gmail.com
>> <mailto:stealthmode1...@gmail.com>> wrote:
>>
>> This email is fine for a POC. Far as the exploit, for those who
>> arent familiar, this is an example.
>>
>> https://www.trustwave.com/Resources/SpiderLabs-Blog/Hiding-
>> Webshell-Backdoor-Code-in-Image-Files/
>> <https://www.trustwave.com/Resources/SpiderLabs-Blog/Hiding-
>> Webshell-Backdoor-Code-in-Image-Files/>
>>
>> On Tue, Oct 10, 2017 at 5:19 AM, Saint K.
>> <sai...@specialattack.net <mailto:sai...@specialattack.net>>
>> wrote:
>>
>> Do you have a POC?
>>
>>
>> *From: * Stealth Mode <stealthmode1...@gmail.com
>> <mailto:stealthmode1...@gmail.com>>
>> *To: * <csgo_servers@list.valvesoftware.com
>> <mailto:csgo_servers@list.valvesoftware.com>>
>> *Sent: * 10/10/2017 12:44 AM
>> *Subject: * Re: [Csgo_servers] Custom files exploit
>>
>> Yes, IT skills. Electronics skills. And old school
>> knowledge of how to inject image files with malicious
>> code (NetSec/ITSec). This is an older style of
>> "hacking". Remember those warnings about clicking
>> download attachments from the 90s onward? Same thing
>> still applies. Except, there is no detection for any
>> hlds/go server, so an injected image can contaminate a
>> server cache. Which in turn will infect clients. Any
>> image file, any data file really, can be modified like
>> this. Willing to bet good money those $500. go weapon
>> skins have hack code scripted and injected into the image.
>>
>>
>> On Mon, Oct 9, 2017 at 11:59 AM, iNilo
>> <inilo.in...@gmail.com <mailto:inilo.in...@gmail.com>>
>> wrote:
>>
>> Sure,
>>
>> But you have anything to back this up? (don't take
>> it the wrong way)
>>
>> Nilo.
>>
>> 2017-10-09 16:54 GMT+02:00 Stealth Mode
>> <stealthmode1...@gmail.com
>> <mailto:stealthmode1...@gmail.com>>:
>>
>> Headsup admins/owners. Might want to disable
>> custom files till valve addresses this issue
>> brought to their attention a month ago.
>> There is an exploit where any client with minor
>> skill can inject custom files with all types of
>> malicious code. From hacks in weapon skins, to
>> ransomware in custom .bsp, to remo

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

Actually the parsing involves the operating system and how the os rendering
occurs is dependent upon software, or hardware rendering. Which is
universal. If you know OSI layer, then you know once it is transported, and
in the server cache (memory) it is already executing.

On Tue, Oct 10, 2017 at 10:23 AM, Alan Love <mumphs...@gmail.com> wrote:

> Just because you can upload a file doesn't mean the server will parse it
> in a way that would compromise it. That's not how it works. There's a
> reason why most of your examples are around exploiting php applications.
>
> On Oct 10, 2017 9:20 AM, "Stealth Mode" <stealthmode1...@gmail.com> wrote:
>
>> Another set of examples
>>
>> https://securelist.com/png-embedded-malicious-payload-hidden
>> -in-a-png-file/74297/
>>
>> https://phocean.net/2013/09/29/file-upload-vulnerabilities-
>> appending-php-code-to-an-image.html
>>
>> http://www.hackingarticles.in/5-ways-file-upload-vulnerabili
>> ty-exploitation/
>>
>> https://www.owasp.org/index.php/Server-Side_Includes_(SSI)_Injection
>>
>> Really good book on image file injections...
>>
>> https://books.google.com/books?id=lG_XdxA5LRUC=PA21=
>> PA21=image+file+injection+compromsing+server=bl&
>> ots=E_qdLyJY3C=8BSYFi3AukgoccEcujtnrdeoR4Y=en=X&
>> ved=0ahUKEwiG58epn-bWAhVi_IMKHcaqD5YQ6AEIWTAH#v=onepage&
>> q=image%20file%20injection%20compromsing%20server=false
>>
>> On Tue, Oct 10, 2017 at 5:19 AM, Saint K. <sai...@specialattack.net>
>> wrote:
>>
>>> Do you have a POC?
>>>
>>>
>>> * From: * Stealth Mode <stealthmode1...@gmail.com>
>>> * To: * <csgo_servers@list.valvesoftware.com>
>>> * Sent: * 10/10/2017 12:44 AM
>>> * Subject: * Re: [Csgo_servers] Custom files exploit
>>>
>>> Yes, IT skills. Electronics skills. And old school knowledge of how to
>>> inject image files with malicious code (NetSec/ITSec). This is an older
>>> style of "hacking". Remember those warnings about clicking download
>>> attachments from the 90s onward? Same thing still applies. Except, there is
>>> no detection for any hlds/go server, so an injected image can contaminate a
>>> server cache. Which in turn will infect clients. Any image file, any data
>>> file really, can be modified like this. Willing to bet good money those
>>> $500. go weapon skins have hack code scripted and injected into the image.
>>>
>>>
>>> On Mon, Oct 9, 2017 at 11:59 AM, iNilo <inilo.in...@gmail.com> wrote:
>>>
>>> Sure,
>>>
>>> But you have anything to back this up? (don't take it the wrong way)
>>>
>>> Nilo.
>>>
>>> 2017-10-09 16:54 GMT+02:00 Stealth Mode <stealthmode1...@gmail.com>:
>>>
>>> Headsup admins/owners. Might want to disable custom files till valve
>>> addresses this issue brought to their attention a month ago.
>>> There is an exploit where any client with minor skill can inject custom
>>> files with all types of malicious code. From hacks in weapon skins, to
>>> ransomware in custom .bsp, to remote backdoors in custom spray paints.
>>>
>>> The exploit is injecting code into any image, sound, or data file. You
>>> can take weapon skins (csgo), sound files, spray paint image files, even
>>> .bsp/etc. and inject hack code, or actual ransomware, viruses, or
>>> Trojans/rootkits directly into a server cache, or client cache via the
>>> custom file.
>>>
>>> Might want to disable custom files till valve decides to correct this
>>> issue.
>>>
>>> -StealthMode
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

One last example, even references POC for those that wish to read. I have
work to do so I will be unable to reply until later this evening, or
tommorow. Currently working on securing electronics in IT infrastructure
from binary injections below the JTAG/Hardware Protection Layer. Have a
good day.

http://securityaffairs.co/wordpress/36130/hacking/malicious-jpeg-hack-corporate-networks.html

-StealthMode

On Tue, Oct 10, 2017 at 10:19 AM, Alan Love <mumphs...@gmail.com> wrote:

> Did you read how that's actually exploited? It would require another
> malicious script to parse the exif tag and eval some PHP. How exactly would
> a similar situation occur on a hosted game server? Do you have a poc? You
> say this email chain is one but I dont think you quite know what you're
> talking about.
>
> On Oct 10, 2017 9:15 AM, "Stealth Mode" <stealthmode1...@gmail.com> wrote:
>
>> This email is fine for a POC. Far as the exploit, for those who arent
>> familiar, this is an example.
>>
>> https://www.trustwave.com/Resources/SpiderLabs-Blog/Hiding-
>> Webshell-Backdoor-Code-in-Image-Files/
>>
>> On Tue, Oct 10, 2017 at 5:19 AM, Saint K. <sai...@specialattack.net>
>> wrote:
>>
>>> Do you have a POC?
>>>
>>>
>>> * From: * Stealth Mode <stealthmode1...@gmail.com>
>>> * To: * <csgo_servers@list.valvesoftware.com>
>>> * Sent: * 10/10/2017 12:44 AM
>>> * Subject: * Re: [Csgo_servers] Custom files exploit
>>>
>>> Yes, IT skills. Electronics skills. And old school knowledge of how to
>>> inject image files with malicious code (NetSec/ITSec). This is an older
>>> style of "hacking". Remember those warnings about clicking download
>>> attachments from the 90s onward? Same thing still applies. Except, there is
>>> no detection for any hlds/go server, so an injected image can contaminate a
>>> server cache. Which in turn will infect clients. Any image file, any data
>>> file really, can be modified like this. Willing to bet good money those
>>> $500. go weapon skins have hack code scripted and injected into the image.
>>>
>>>
>>> On Mon, Oct 9, 2017 at 11:59 AM, iNilo <inilo.in...@gmail.com> wrote:
>>>
>>> Sure,
>>>
>>> But you have anything to back this up? (don't take it the wrong way)
>>>
>>> Nilo.
>>>
>>> 2017-10-09 16:54 GMT+02:00 Stealth Mode <stealthmode1...@gmail.com>:
>>>
>>> Headsup admins/owners. Might want to disable custom files till valve
>>> addresses this issue brought to their attention a month ago.
>>> There is an exploit where any client with minor skill can inject custom
>>> files with all types of malicious code. From hacks in weapon skins, to
>>> ransomware in custom .bsp, to remote backdoors in custom spray paints.
>>>
>>> The exploit is injecting code into any image, sound, or data file. You
>>> can take weapon skins (csgo), sound files, spray paint image files, even
>>> .bsp/etc. and inject hack code, or actual ransomware, viruses, or
>>> Trojans/rootkits directly into a server cache, or client cache via the
>>> custom file.
>>>
>>> Might want to disable custom files till valve decides to correct this
>>> issue.
>>>
>>> -StealthMode
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

POC far as I know is always Point Of Contact. Or Professional Overseas
Contractor.

Unless you are referring to Packet Order Correction in reference to
networking. Which yes, even then, does not apply in this situation.

-StealthMode

On Tue, Oct 10, 2017 at 10:19 AM, Alan Love <mumphs...@gmail.com> wrote:

> Did you read how that's actually exploited? It would require another
> malicious script to parse the exif tag and eval some PHP. How exactly would
> a similar situation occur on a hosted game server? Do you have a poc? You
> say this email chain is one but I dont think you quite know what you're
> talking about.
>
> On Oct 10, 2017 9:15 AM, "Stealth Mode" <stealthmode1...@gmail.com> wrote:
>
>> This email is fine for a POC. Far as the exploit, for those who arent
>> familiar, this is an example.
>>
>> https://www.trustwave.com/Resources/SpiderLabs-Blog/Hiding-
>> Webshell-Backdoor-Code-in-Image-Files/
>>
>> On Tue, Oct 10, 2017 at 5:19 AM, Saint K. <sai...@specialattack.net>
>> wrote:
>>
>>> Do you have a POC?
>>>
>>>
>>> * From: * Stealth Mode <stealthmode1...@gmail.com>
>>> * To: * <csgo_servers@list.valvesoftware.com>
>>> * Sent: * 10/10/2017 12:44 AM
>>> * Subject: * Re: [Csgo_servers] Custom files exploit
>>>
>>> Yes, IT skills. Electronics skills. And old school knowledge of how to
>>> inject image files with malicious code (NetSec/ITSec). This is an older
>>> style of "hacking". Remember those warnings about clicking download
>>> attachments from the 90s onward? Same thing still applies. Except, there is
>>> no detection for any hlds/go server, so an injected image can contaminate a
>>> server cache. Which in turn will infect clients. Any image file, any data
>>> file really, can be modified like this. Willing to bet good money those
>>> $500. go weapon skins have hack code scripted and injected into the image.
>>>
>>>
>>> On Mon, Oct 9, 2017 at 11:59 AM, iNilo <inilo.in...@gmail.com> wrote:
>>>
>>> Sure,
>>>
>>> But you have anything to back this up? (don't take it the wrong way)
>>>
>>> Nilo.
>>>
>>> 2017-10-09 16:54 GMT+02:00 Stealth Mode <stealthmode1...@gmail.com>:
>>>
>>> Headsup admins/owners. Might want to disable custom files till valve
>>> addresses this issue brought to their attention a month ago.
>>> There is an exploit where any client with minor skill can inject custom
>>> files with all types of malicious code. From hacks in weapon skins, to
>>> ransomware in custom .bsp, to remote backdoors in custom spray paints.
>>>
>>> The exploit is injecting code into any image, sound, or data file. You
>>> can take weapon skins (csgo), sound files, spray paint image files, even
>>> .bsp/etc. and inject hack code, or actual ransomware, viruses, or
>>> Trojans/rootkits directly into a server cache, or client cache via the
>>> custom file.
>>>
>>> Might want to disable custom files till valve decides to correct this
>>> issue.
>>>
>>> -StealthMode
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

Actually my information is grounded in fact and 100% replicatable if you
know the field. I've listed a few resources to educate yourself. Please
refrain from speaking if you do not have an education in ITSec.

https://books.google.com/books?id=0OlIT9eEEsoC=PA193=PA193=image+file+injection+compromsing+server=bl=vGZbN7Qhsb=3CbPAaU8hPbmqemmMXQ4kZXoI2E=en=X=0ahUKEwiG58epn-bWAhVi_IMKHcaqD5YQ6AEIYDAJ#v=onepage=image%20file%20injection%20compromsing%20server=false

The links I've provided are just a few examples. Anyone can make a custom
image file (weapon skin, or spray paint, or wad in a .bsp) inject code into
it, and use your server, and clients connected to it to launch whatever
code they want. In the links provided, these are image files used to inject
code into web servers once the image is loaded. Meaning, once a spray is
sprayed, or a client uses x weapon skin through GO market. Once sent to
server/client cache, it then executes spraying a benign image, or rendering
a benign looking skin, while behind the scenes it is also executing code.
Now most of these script kiddies probably are just using the images to run
hacks, which yes they can be just that benign. However, more sophisticated
hackers can also use this to compromise entire networks, backbones, etc.

On Mon, Oct 9, 2017 at 8:28 PM, devu4  wrote:

> This is such a pointless thread, no proof and a big headed clueless guy
> coming out with irrelevant crap!
>
>
>
> --
> Sent from: http://csgo-servers.1073505.n5.nabble.com/
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

Another set of examples

https://securelist.com/png-embedded-malicious-payload-hidden-in-a-png-file/74297/

https://phocean.net/2013/09/29/file-upload-vulnerabilities-appending-php-code-to-an-image.html

http://www.hackingarticles.in/5-ways-file-upload-vulnerability-exploitation/

https://www.owasp.org/index.php/Server-Side_Includes_(SSI)_Injection

Really good book on image file injections...

https://books.google.com/books?id=lG_XdxA5LRUC=PA21=PA21=image+file+injection+compromsing+server=bl=E_qdLyJY3C=8BSYFi3AukgoccEcujtnrdeoR4Y=en=X=0ahUKEwiG58epn-bWAhVi_IMKHcaqD5YQ6AEIWTAH#v=onepage=image%20file%20injection%20compromsing%20server=false

On Tue, Oct 10, 2017 at 5:19 AM, Saint K. <sai...@specialattack.net> wrote:

> Do you have a POC?
>
>
> * From: * Stealth Mode <stealthmode1...@gmail.com>
> * To: * <csgo_servers@list.valvesoftware.com>
> * Sent: * 10/10/2017 12:44 AM
> * Subject: * Re: [Csgo_servers] Custom files exploit
>
> Yes, IT skills. Electronics skills. And old school knowledge of how to
> inject image files with malicious code (NetSec/ITSec). This is an older
> style of "hacking". Remember those warnings about clicking download
> attachments from the 90s onward? Same thing still applies. Except, there is
> no detection for any hlds/go server, so an injected image can contaminate a
> server cache. Which in turn will infect clients. Any image file, any data
> file really, can be modified like this. Willing to bet good money those
> $500. go weapon skins have hack code scripted and injected into the image.
>
>
> On Mon, Oct 9, 2017 at 11:59 AM, iNilo <inilo.in...@gmail.com> wrote:
>
> Sure,
>
> But you have anything to back this up? (don't take it the wrong way)
>
> Nilo.
>
> 2017-10-09 16:54 GMT+02:00 Stealth Mode <stealthmode1...@gmail.com>:
>
> Headsup admins/owners. Might want to disable custom files till valve
> addresses this issue brought to their attention a month ago.
> There is an exploit where any client with minor skill can inject custom
> files with all types of malicious code. From hacks in weapon skins, to
> ransomware in custom .bsp, to remote backdoors in custom spray paints.
>
> The exploit is injecting code into any image, sound, or data file. You can
> take weapon skins (csgo), sound files, spray paint image files, even
> .bsp/etc. and inject hack code, or actual ransomware, viruses, or
> Trojans/rootkits directly into a server cache, or client cache via the
> custom file.
>
> Might want to disable custom files till valve decides to correct this
> issue.
>
> -StealthMode
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

This email is fine for a POC. Far as the exploit, for those who arent
familiar, this is an example.

https://www.trustwave.com/Resources/SpiderLabs-Blog/Hiding-Webshell-Backdoor-Code-in-Image-Files/

On Tue, Oct 10, 2017 at 5:19 AM, Saint K. <sai...@specialattack.net> wrote:

> Do you have a POC?
>
>
> * From: * Stealth Mode <stealthmode1...@gmail.com>
> * To: * <csgo_servers@list.valvesoftware.com>
> * Sent: * 10/10/2017 12:44 AM
> * Subject: * Re: [Csgo_servers] Custom files exploit
>
> Yes, IT skills. Electronics skills. And old school knowledge of how to
> inject image files with malicious code (NetSec/ITSec). This is an older
> style of "hacking". Remember those warnings about clicking download
> attachments from the 90s onward? Same thing still applies. Except, there is
> no detection for any hlds/go server, so an injected image can contaminate a
> server cache. Which in turn will infect clients. Any image file, any data
> file really, can be modified like this. Willing to bet good money those
> $500. go weapon skins have hack code scripted and injected into the image.
>
>
> On Mon, Oct 9, 2017 at 11:59 AM, iNilo <inilo.in...@gmail.com> wrote:
>
> Sure,
>
> But you have anything to back this up? (don't take it the wrong way)
>
> Nilo.
>
> 2017-10-09 16:54 GMT+02:00 Stealth Mode <stealthmode1...@gmail.com>:
>
> Headsup admins/owners. Might want to disable custom files till valve
> addresses this issue brought to their attention a month ago.
> There is an exploit where any client with minor skill can inject custom
> files with all types of malicious code. From hacks in weapon skins, to
> ransomware in custom .bsp, to remote backdoors in custom spray paints.
>
> The exploit is injecting code into any image, sound, or data file. You can
> take weapon skins (csgo), sound files, spray paint image files, even
> .bsp/etc. and inject hack code, or actual ransomware, viruses, or
> Trojans/rootkits directly into a server cache, or client cache via the
> custom file.
>
> Might want to disable custom files till valve decides to correct this
> issue.
>
> -StealthMode
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

No disrespect intended but you have no idea what you are speaking about.
The custom "texture", whether that be a .BMP, .jpg,.gif,etc. can be
injected with any code you want. This not only can then be selected as a
spray paint (which then transports to the server and is stored in cache
which is redistributed to the clients and then rendered on their screens),
but also as a weapons skin, model skin, or texture stored in a .bsp wad
file.

These files can be manipulated by injection of whatever code you want.
Suggest you research code injections into graphical files. And learn
networking, software, and operating system environments. Then study
NetSec/ITSec. This is an old way to hack computers. And go especially with
its market of weapon skins, and any hl mod with the spray paints, are
especially vulnerable. This isn't even touching on the non encrypted UDP
packet data that also can be injected.

So please research and know the field before speaking opinions not grounded
in education.

-StealthMode

On Oct 9, 2017 19:57, "Francois Dupont" <nickbfi...@gmail.com> wrote:

> PoC||GTFO Chris. I mean despite the fact that clients don't upload
> textures, that you think it is a possible vector for a batch file to be
> executed after simply being put into memory shows how clueless you are. If
> you have anything productive please post, otherwise stop abusing computer
> security vernacular.
>
> -nfbush
>
> On 9 Oct 2017 11:47 p.m., "Stealth Mode" <stealthmode1...@gmail.com>
> wrote:
>
>> Like literally, I could place an autoexec batch script in a spraypaint,
>> or a weapon skin, or any custom file. And once it hits memory (server
>> cache) it will execute whatever is wanted.
>>
>> On Mon, Oct 9, 2017 at 11:59 AM, iNilo <inilo.in...@gmail.com> wrote:
>>
>>> Sure,
>>>
>>> But you have anything to back this up? (don't take it the wrong way)
>>>
>>> Nilo.
>>>
>>> 2017-10-09 16:54 GMT+02:00 Stealth Mode <stealthmode1...@gmail.com>:
>>>
>>>> Headsup admins/owners. Might want to disable custom files till valve
>>>> addresses this issue brought to their attention a month ago.
>>>> There is an exploit where any client with minor skill can inject custom
>>>> files with all types of malicious code. From hacks in weapon skins, to
>>>> ransomware in custom .bsp, to remote backdoors in custom spray paints.
>>>>
>>>> The exploit is injecting code into any image, sound, or data file. You
>>>> can take weapon skins (csgo), sound files, spray paint image files, even
>>>> .bsp/etc. and inject hack code, or actual ransomware, viruses, or
>>>> Trojans/rootkits directly into a server cache, or client cache via the
>>>> custom file.
>>>>
>>>> Might want to disable custom files till valve decides to correct this
>>>> issue.
>>>>
>>>> -StealthMode
>>>>
>>>> ___
>>>> Csgo_servers mailing list
>>>> Csgo_servers@list.valvesoftware.com
>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>>
>>>
>>>
>>> ___
>>> Csgo_servers mailing list
>>> Csgo_servers@list.valvesoftware.com
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>>
>>
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

Like literally, I could place an autoexec batch script in a spraypaint, or
a weapon skin, or any custom file. And once it hits memory (server cache)
it will execute whatever is wanted.

On Mon, Oct 9, 2017 at 11:59 AM, iNilo <inilo.in...@gmail.com> wrote:

> Sure,
>
> But you have anything to back this up? (don't take it the wrong way)
>
> Nilo.
>
> 2017-10-09 16:54 GMT+02:00 Stealth Mode <stealthmode1...@gmail.com>:
>
>> Headsup admins/owners. Might want to disable custom files till valve
>> addresses this issue brought to their attention a month ago.
>> There is an exploit where any client with minor skill can inject custom
>> files with all types of malicious code. From hacks in weapon skins, to
>> ransomware in custom .bsp, to remote backdoors in custom spray paints.
>>
>> The exploit is injecting code into any image, sound, or data file. You
>> can take weapon skins (csgo), sound files, spray paint image files, even
>> .bsp/etc. and inject hack code, or actual ransomware, viruses, or
>> Trojans/rootkits directly into a server cache, or client cache via the
>> custom file.
>>
>> Might want to disable custom files till valve decides to correct this
>> issue.
>>
>> -StealthMode
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

Re: [Csgo_servers] Custom files exploit

[Stealth Mode]

Yes, IT skills. Electronics skills. And old school knowledge of how to
inject image files with malicious code (NetSec/ITSec). This is an older
style of "hacking". Remember those warnings about clicking download
attachments from the 90s onward? Same thing still applies. Except, there is
no detection for any hlds/go server, so an injected image can contaminate a
server cache. Which in turn will infect clients. Any image file, any data
file really, can be modified like this. Willing to bet good money those
$500. go weapon skins have hack code scripted and injected into the image.


On Mon, Oct 9, 2017 at 11:59 AM, iNilo <inilo.in...@gmail.com> wrote:

> Sure,
>
> But you have anything to back this up? (don't take it the wrong way)
>
> Nilo.
>
> 2017-10-09 16:54 GMT+02:00 Stealth Mode <stealthmode1...@gmail.com>:
>
>> Headsup admins/owners. Might want to disable custom files till valve
>> addresses this issue brought to their attention a month ago.
>> There is an exploit where any client with minor skill can inject custom
>> files with all types of malicious code. From hacks in weapon skins, to
>> ransomware in custom .bsp, to remote backdoors in custom spray paints.
>>
>> The exploit is injecting code into any image, sound, or data file. You
>> can take weapon skins (csgo), sound files, spray paint image files, even
>> .bsp/etc. and inject hack code, or actual ransomware, viruses, or
>> Trojans/rootkits directly into a server cache, or client cache via the
>> custom file.
>>
>> Might want to disable custom files till valve decides to correct this
>> issue.
>>
>> -StealthMode
>>
>> ___
>> Csgo_servers mailing list
>> Csgo_servers@list.valvesoftware.com
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>>
>
>
> ___
> Csgo_servers mailing list
> Csgo_servers@list.valvesoftware.com
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
>
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers

[Csgo_servers] Custom files exploit

[Stealth Mode]

Headsup admins/owners. Might want to disable custom files till valve
addresses this issue brought to their attention a month ago.
There is an exploit where any client with minor skill can inject custom
files with all types of malicious code. From hacks in weapon skins, to
ransomware in custom .bsp, to remote backdoors in custom spray paints.

The exploit is injecting code into any image, sound, or data file. You can
take weapon skins (csgo), sound files, spray paint image files, even
.bsp/etc. and inject hack code, or actual ransomware, viruses, or
Trojans/rootkits directly into a server cache, or client cache via the
custom file.

Might want to disable custom files till valve decides to correct this issue.

-StealthMode
___
Csgo_servers mailing list
Csgo_servers@list.valvesoftware.com
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers