[hlds_linux] Re: dlfile exploit fix for 3110 (maybe 3111 but not tested.
* unabashed bump * I was hoping someone else still has these files and I guess everybody else hoped for exactly the same thing. While waiting for more news about TF2 would you mind running a quick ... find ~ -name '*dlfile*' ...? Thanks a lot! Gebi -Ursprüngliche Nachricht- Von: Half-Life dedicated Linux server mailing list hlds_linux@list.valvesoftware.com Gesendet: 21.04.08 02:09:07 An: hlds_linux@list.valvesoftware.com Betreff: [hlds_linux] Re: dlfile exploit fix for 3110(maybe 3111 but not tested. No big surprise that after over four years the link below is dead, huh? Does anyone still have the file dlfile-boffix_1.3.zip (or the contents) in some dark and dusty corner of their hard drive? I'd appreciate if you could make it available, thanks! Gebi scottl at pacbell.net wrote: http://site.3dwire.net/code/dlfile-boffix_1.3.zip This is a updated fix, FEEDBACK! Finally got some time to get some more done on it, lemme know how it worx. includes: dlfile-boffix.c - source of boffix + dlfile fix. dlfile_single.c - Standalone source for just dlfile fix. Readme.txt - Readme... dlfile.txt - List of files to block.. dlfile-boffix_i386.so - dlfile-boffix.c(compiled.) (boffix dlfile fix). I tested this alot, but I am sure I missed something :). Find a way around it or any bugs with it, it would be good to know ;). Enjoy, hopefully this will handle what needs to be done. And I haven't been watching these list/updates from valve, so if there is a fix from valve from 3.1.1.x servers, just ignore this. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
[hlds_linux] Re: dlfile exploit fix for 3110 (maybe 3111 but not tested.
No big surprise that after over four years the link below is dead, huh? Does anyone still have the file dlfile-boffix_1.3.zip (or the contents) in some dark and dusty corner of their hard drive? I'd appreciate if you could make it available, thanks! Gebi scottl at pacbell.net wrote: http://site.3dwire.net/code/dlfile-boffix_1.3.zip This is a updated fix, FEEDBACK! Finally got some time to get some more done on it, lemme know how it worx. includes: dlfile-boffix.c - source of boffix + dlfile fix. dlfile_single.c - Standalone source for just dlfile fix. Readme.txt - Readme... dlfile.txt - List of files to block.. dlfile-boffix_i386.so - dlfile-boffix.c(compiled.) (boffix dlfile fix). I tested this alot, but I am sure I missed something :). Find a way around it or any bugs with it, it would be good to know ;). Enjoy, hopefully this will handle what needs to be done. And I haven't been watching these list/updates from valve, so if there is a fix from valve from 3.1.1.x servers, just ignore this. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] Re: dlfile exploit fix for 3110(maybe 3111 but not tested.
Anything new about the exploit fix? And can someone provide me a working link of boffix, cause that host seems to be down -- http://3dwire.net/~scott/boffix_dlfile_fix_v21.zip Ty Rouven -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Holcroft Sent: Thursday, December 11, 2003 4:54 AM To: [EMAIL PROTECTED] Subject: RE: [hlds_linux] Re: dlfile exploit fix for 3110(maybe 3111 but not tested. Its because clients need to download the VAC dll, and dlls are blocked. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Scott Loyd Sent: 11 December 2003 03:15 To: [EMAIL PROTECTED] Subject: Re: [hlds_linux] Re: dlfile exploit fix for 3110(maybe 3111 but not tested. Eeek, not sure on that one, perhaps someone else with more experience using boffix can post, I have only tested on a NS server(where there is no vac currently), so that might be an issue :(. --- Muldy [EMAIL PROTECTED] wrote: Every time i load boffix the server starts in insecure mod(no VAC) Is there a way of still keeping VAC on ? Scott Loyd wrote: umm, Well I thaught I originally said it but for future versions I guess I will put a readme in there :) put this into your hlds_l dir(where engine_i386.so is); and in your hlds_run start script put @ line 2 export LD_PRELOAD=./boffix_i386.so as for future versions, I was thinking making it do dlfile looser.cfg;+exploit or for the spelling guy: dlfile loser.cfg;+exploit :) Then I guess you can just do a AMX/AM Script or MM pluggy that(+exploit) catches that and deals with him. --- m0gely [EMAIL PROTECTED] wrote: FatDaddy wrote: Are you trying to run this as a metamod plugin? It is in concert with hlds_run. If you follow the readme it calls for the boffix binary to be loaded on hlds_run. A readme in these files?: http://3dwire.net/~scott/boffix_dlfile_fix_v21.zip http://3dwire.net/~scott/boffix-dlfile_fix.zip What readme? Yes I was trying to run it in metamod. There are two files in either zip: -- boffix.c boffix_i386.so And the comments in the .c file don't tell how to run it as far as I can tell. /* * hlds 3.1.1.0 patch against * * buffer-overflow vulnerability in info-string handling * and * wrong handling of malformed connection request to non-won servers * * by Virtual Master * gcc -Wall -fpic boffix.c -shared -Wl,-soname,boffix.so -lc -o boffix_i386.so */ -- - m0gely http://quake2.telestream.com/ Q2 | Q3A | Counter-strike ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Re: dlfile exploit fix for 3110(maybe 3111 but not tested.
Every time i load boffix the server starts in insecure mod(no VAC) Is there a way of still keeping VAC on ? Scott Loyd wrote: umm, Well I thaught I originally said it but for future versions I guess I will put a readme in there :) put this into your hlds_l dir(where engine_i386.so is); and in your hlds_run start script put @ line 2 export LD_PRELOAD=./boffix_i386.so as for future versions, I was thinking making it do dlfile looser.cfg;+exploit or for the spelling guy: dlfile loser.cfg;+exploit :) Then I guess you can just do a AMX/AM Script or MM pluggy that(+exploit) catches that and deals with him. --- m0gely [EMAIL PROTECTED] wrote: FatDaddy wrote: Are you trying to run this as a metamod plugin? It is in concert with hlds_run. If you follow the readme it calls for the boffix binary to be loaded on hlds_run. A readme in these files?: http://3dwire.net/~scott/boffix_dlfile_fix_v21.zip http://3dwire.net/~scott/boffix-dlfile_fix.zip What readme? Yes I was trying to run it in metamod. There are two files in either zip: -- boffix.c boffix_i386.so And the comments in the .c file don't tell how to run it as far as I can tell. /* * hlds 3.1.1.0 patch against * * buffer-overflow vulnerability in info-string handling * and * wrong handling of malformed connection request to non-won servers * * by Virtual Master * gcc -Wall -fpic boffix.c -shared -Wl,-soname,boffix.so -lc -o boffix_i386.so */ -- - m0gely http://quake2.telestream.com/ Q2 | Q3A | Counter-strike ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Re: dlfile exploit fix for 3110(maybe 3111 but not tested.
On Tue, 2003-12-09 at 07:27, Arie M wrote: Someone attempted to use the dlfile EXPLOIT!! Warning: Unable to open looser.cfg for transfer L 12/09/2003 - 13:24:08: Need Klan Super Ki||er54372306 connected, address - Someone attempted to use the dlfile EXPLOIT!! Warning: Unable to open looser.cfg for transfer L 12/09/2003 - 13:24:20: gvd63182650 connected, address -:27005 Someone attempted to use the dlfile EXPLOIT!! Warning: Unable to open looser.cfg for transfer And no they didn't all try to exploit my server. Well you have to figure there is/are legit files their clients might be trying to download. I think the patch should be reworked to show the name of the file they are trying to get so we can diagnose these problems and figure out what is legit. -sb ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Re: dlfile exploit fix for 3110(maybe 3111 but not tested.
Stan Bubrouski wrote: On Tue, 2003-12-09 at 07:27, Arie M wrote: Someone attempted to use the dlfile EXPLOIT!! Warning: Unable to open looser.cfg for transfer L 12/09/2003 - 13:24:08: Need Klan Super Ki||er54372306 connected, address - Someone attempted to use the dlfile EXPLOIT!! Warning: Unable to open looser.cfg for transfer L 12/09/2003 - 13:24:20: gvd63182650 connected, address -:27005 Someone attempted to use the dlfile EXPLOIT!! Warning: Unable to open looser.cfg for transfer And no they didn't all try to exploit my server. Well you have to figure there is/are legit files their clients might be trying to download. I think the patch should be reworked to show the name of the file they are trying to get so we can diagnose these problems and figure out what is legit. Yes and log it so we can ban them. :) [BOFFIX-DL] Playername112345 Attempted to dlfile server.cfg [BOFFIX-DL] Playername112345 Attempted to dlfile addons/amx/users.ini -- - m0gely http://quake2.telestream.com/ Q2 | Q3A | Counter-strike ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux