yup.. mine are getting hammered also with the benchmark one.. although... thanks to this list and the people on it i have applied the fix from Neph..
Thanks Andrew A wrote: > yeah thanks for making this info public :/ my tf2 servers are getting > hammered , maybe there could be an invite only list for these sort of > topics.... > > On Tue, Apr 29, 2008 at 4:50 PM, Tony Paloma <[EMAIL PROTECTED]> > wrote: > > >> Sick burnnn >> >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of voogru >> Sent: Monday, April 28, 2008 11:41 PM >> To: 'Half-Life dedicated Win32 server mailing list' >> Subject: Re: [hlds] New server exploit (not nuking) >> >> Hi Andrius Pirus, >> >> I am going to call you out on this, the IP address you posted on this >> mailing list is mine. >> >> I went on a rampage of using this exploit on cracked servers, I joined >> suspect servers and looked for cracked steamids in the status. >> >> The only way you could have got my IP address is by running a cracked >> server. >> >> This is a status of what I believe to be your server. >> >> hostname: GIGN Team Fortress 2 | tf2.gign.lv >> version : 1.0.2.3/14 3434 secure >> udp/ip : 193.46.236.246:27015 >> map : cp_dustbowl at: 0 x, 0 y, 0 z >> players : 31 (32 max) >> >> # userid name uniqueid connected ping loss state >> # 14394 "unnamed" STEAM_666:88_666 42:55 335 0 active >> # 14230 "RIM" STEAM_666:88_666 4:26:14 196 0 active >> # 14420 "HitmanForMoney" STEAM_666:88_666 13:26 72 0 active >> # 14347 "JellyBean" STEAM_666:88_666 1:34:25 240 0 active >> >> Interesting steamids! >> >> You deny running this server, so I took your username from your email >> address and googled it, I found this: >> >> http://www.btmon.com/uploader/izvrashenj (NOT SAFE FOR WORK) >> http://thepiratebay.org/user/izvrashenj/0/7 >> >> Interesting, someone with that weird name just so happens to pirate TF2. >> >> And then, your email, just so happens to be [EMAIL PROTECTED], >> coincidence? I think not! >> >> Andrius Pirus is actively pirating our beloved TF2. >> >> Go fuck yourself. >> >> - voogru. >> >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of Andrius Pirus >> Sent: Tuesday, April 29, 2008 2:24 AM >> To: Half-Life dedicated Win32 server mailing list >> Subject: Re: [hlds] New server exploit (not nuking) >> >> no. and i think we shouldnt make offtopic :) >> Quoting voogru : Do you run the tf2.gign.lv servers by any chance? >> - voogru. >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of Andrius >> Pirus >> Sent: Tuesday, April 29, 2008 2:03 AM >> To: Half-Life dedicated Win32 server mailing list >> Subject: Re: [hlds] New server exploit (not nuking) >> So i think found out the hacker's who sent those bots in my server >> ip >> and steamid: >> from logfile: >> "The Spamminator" connected, address "65.13.45.43:50347" >> "The Spamminator" STEAM USERID validated >> "The Spamminator" joined team "Spectator" >> "Bot01" connected, address "0.0.0.0:0" >> "Bot01" entered the game >> "Bot01" joined team "Blue" >> "Bot01" changed role to "engineer" >> "Bot01" triggered "builtobject" (object "OBJ_SENTRYGUN") (position >> "-3202 2784 -445") >> "Bot02" connected, address "0.0.0.0:0" >> "Bot02" entered the game >> and so on.. while the server became full of bots :( I hope this >> could >> someone find out the reason of this problem >> Quoting "P. Bhandal" : I'd really prefer it if they spent their time >> ensuring that the wonder that >> is the custom tab is successful rather than patching this security >> hole. >> Priorities people! >> On Mon, Apr 28, 2008 at 10:02 PM, voogru <[EMAIL PROTECTED]> >> wrote: >> > Well, we still did the right thing. >> > >> > Whether they give us credit or not, no big deal. >> > >> > It would be neat though :D >> > >> > - voogru. >> > >> > -----Original Message----- >> > From: [EMAIL PROTECTED] >> > [mailto:[EMAIL PROTECTED] On Behalf Of Tony >> Paloma >> > Sent: Tuesday, April 29, 2008 12:54 AM >> > To: 'Half-Life dedicated Win32 server mailing list' >> > Subject: Re: [hlds] New server exploit (not nuking) >> > >> > One srcds exploit. I helped. That reminds me, didn't valve say >> they'd give >> > us a mention in a steam news update thing? >> > >> > -----Original Message----- >> > From: [EMAIL PROTECTED] >> > [mailto:[EMAIL PROTECTED] On Behalf Of >> voogru >> > Sent: Monday, April 28, 2008 9:41 PM >> > To: 'Half-Life dedicated Win32 server mailing list' >> > Subject: Re: [hlds] New server exploit (not nuking) >> > >> > No. >> > >> > Me first. >> > >> > I probably found some of the coolest srcds exploits anyway (was >> recently >> > fixed :D) >> > >> > - voogru. >> > >> > -----Original Message----- >> > From: [EMAIL PROTECTED] >> > [mailto:[EMAIL PROTECTED] On Behalf Of Tony >> Paloma >> > Sent: Tuesday, April 29, 2008 12:24 AM >> > To: 'Half-Life dedicated Win32 server mailing list' >> > Subject: Re: [hlds] New server exploit (not nuking) >> > >> > Uhm, me first. >> > >> > -----Original Message----- >> > From: [EMAIL PROTECTED] >> > [mailto:[EMAIL PROTECTED] On Behalf Of >> Nephyrin Zey >> > Sent: Monday, April 28, 2008 9:19 PM >> > To: Half-Life dedicated Win32 server mailing list >> > Subject: Re: [hlds] New server exploit (not nuking) >> > >> > Dear Valve: >> > >> > God damn. >> > I just finished my damn iptables rule to fix your broken >> packethandling. >> > >> > In conclusion, give me a job. (please? I'll pretend to like wow >> around >> > gabe!) >> > >> > - Neph >> > >> > On Mon, Apr 28, 2008 at 9:12 PM, Tony Paloma >> <[EMAIL PROTECTED]> >> > wrote: >> > > Found the problem >> > > >> > > "sv_benchmark_force_start" >> > > game >> > > - Force start the benchmark. This is only for debugging. >> It's better >> > to >> > set >> > > sv_benchmark to 1 and restart the level. >> > > >> > > Players can run this and make the server start the >> benchmark. Real bad >> > > mmmmk. >> > > >> > > >> > > -----Original Message----- >> > > From: [EMAIL PROTECTED] >> > > >> > > [mailto:[EMAIL PROTECTED] On Behalf Of >> Ian Shaffer >> > > Sent: Monday, April 28, 2008 9:06 PM >> > > To: Half-Life dedicated Win32 server mailing list >> > > >> > > >> > > Subject: Re: [hlds] New server exploit (not nuking) >> > > >> > > What map is running? >> > > >> > > Tony Paloma wrote: >> > > > Also, this is what shows up in the logs. No >> indication of any RCON >> > > commands >> > > > being executed. >> > > > >> > > > ... >> > > > L 04/28/2008 - 22:43:54: "Anona >> > >> mouse<12><STEAM_0:0:4512137><Unassigned>" >> > > > joined team "Red" >> > > > L 04/28/2008 - 22:43:54: server_cvar: >> "mp_teams_unbalance_limit" "0" >> > > > L 04/28/2008 - 22:43:54: >> "Thomas<2><STEAM_0:1:3471103><Red>" say >> > "hmmm" >> > > > L 04/28/2008 - 22:43:55: >> "Bot01<17><BOT><>" connected, address >> > "0.0.0.0:0" >> > > > L 04/28/2008 - 22:43:55: >> "Bot01<17><BOT><>" entered the game >> > > > L 04/28/2008 - 22:43:55: >> "Voltaic<6><STEAM_0:0:851288><Blue>" >> changed >> > role >> > > > to "medic" >> > > > L 04/28/2008 - 22:43:55: >> "Bot01<17><BOT><Unassigned>" joined team >> > "Blue" >> > > > L 04/28/2008 - 22:43:55: >> "Bot01<17><BOT><Blue>" changed role to >> > "engineer" >> > > > L 04/28/2008 - 22:43:55: >> "Bot01<17><BOT><Blue>" triggered >> > "builtobject" >> > > > (object "OBJ_SENTRYGUN") (position >> "-3202 2574 -450") >> > > > ... >> > > > >> > > > Again, another time: >> > > > .. >> > > > L 04/28/2008 - 22:42:49: server_cvar: >> "mp_teams_unbalance_limit" "0" >> > > > L 04/28/2008 - 22:42:50: >> "Bot01<22><BOT><>" connected, address >> > "0.0.0.0:0" >> > > > L 04/28/2008 - 22:42:50: >> "Bot01<22><BOT><>" entered the game >> > > > ... >> > > > >> > > > -----Original Message----- >> > > > From: [EMAIL PROTECTED] >> > > > [mailto:[EMAIL PROTECTED] On >> Behalf Of Tony Paloma >> > > > Sent: Monday, April 28, 2008 8:52 PM >> > > > To: 'Half-Life dedicated Win32 server mailing list' >> > > > Subject: [hlds] New server exploit (not nuking) >> > > > >> > > > So my servers are getting this in the console: >> > > > >> > > > >> > > > >> > > > Benchmark: 40% complete. >> > > > >> > > > Benchmark: 43% complete. >> > > > >> > > > (:: lmao >> > > > >> > > > Benchmark: 46% complete. >> > > > >> > > > Benchmark: 49% complete. >> > > > >> > > > Compressing fragments (552 -> 521 bytes >> > > > >> > > > Benchmark: 52% complete. >> > > > >> > > > Compressing fragments (691 -> 667 bytes >> > > > >> > > > Benchmark: 55% complete. >> > > > >> > > > >> > > > >> > > > People are claiming to see bots spawning and crazy >> stuff happening >> > then >> > > > "something to do with balance being turned to 0 >> then it crashes." >> > > > >> > > > >> > > > >> > > > Another report said, "it said team balance set >> to 0 then it crashed." >> > > > >> > > > >> > > > >> > > > So I'm thinking either my RCON password was >> compromised or a new >> > exploit >> > > is >> > > > going around. I checked real quick and didn't find >> anything to >> > suggest >> > it >> > > > was my RCON password getting out. Anyone know what >> commands cause >> > this >> > > > Benchmark thing? >> > > > >> > > > _______________________________________________ >> > > > To unsubscribe, edit your list preferences, or view >> the list >> > archives, >> > > > please visit: >> > > > http://list.valvesoftware.com/mailman/listinfo/hlds >> > > > >> > > > >> > > > _______________________________________________ >> > > > To unsubscribe, edit your list preferences, or view >> the list >> > archives, >> > > please visit: >> > > > http://list.valvesoftware.com/mailman/listinfo/hlds >> > > > >> > > > >> > > >> > > _______________________________________________ >> > > To unsubscribe, edit your list preferences, or view the >> list archives, >> > > please visit: >> > > http://list.valvesoftware.com/mailman/listinfo/hlds >> > > >> > > >> > > _______________________________________________ >> > > To unsubscribe, edit your list preferences, or view the >> list archives, >> > please visit: >> > > http://list.valvesoftware.com/mailman/listinfo/hlds >> > > >> > >> > _______________________________________________ >> > To unsubscribe, edit your list preferences, or view the list >> archives, >> > please visit: >> > http://list.valvesoftware.com/mailman/listinfo/hlds >> > >> > >> > _______________________________________________ >> > To unsubscribe, edit your list preferences, or view the list >> archives, >> > please visit: >> > http://list.valvesoftware.com/mailman/listinfo/hlds >> > >> > >> > _______________________________________________ >> > To unsubscribe, edit your list preferences, or view the list >> archives, >> > please visit: >> > http://list.valvesoftware.com/mailman/listinfo/hlds >> > >> > >> > _______________________________________________ >> > To unsubscribe, edit your list preferences, or view the list >> archives, >> > please visit: >> > http://list.valvesoftware.com/mailman/listinfo/hlds >> > >> > >> > _______________________________________________ >> > To unsubscribe, edit your list preferences, or view the list >> archives, >> > please visit: >> > http://list.valvesoftware.com/mailman/listinfo/hlds >> > >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> Links: >> ------ >> [1] mailto:[EMAIL PROTECTED] >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> >> >> Links: >> ------ >> [1] mailto:[EMAIL PROTECTED] >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> >> > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
