yeah thanks for making this info public :/ my tf2 servers are getting hammered , maybe there could be an invite only list for these sort of topics....
On Tue, Apr 29, 2008 at 4:50 PM, Tony Paloma <[EMAIL PROTECTED]> wrote: > Sick burnnn > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of voogru > Sent: Monday, April 28, 2008 11:41 PM > To: 'Half-Life dedicated Win32 server mailing list' > Subject: Re: [hlds] New server exploit (not nuking) > > Hi Andrius Pirus, > > I am going to call you out on this, the IP address you posted on this > mailing list is mine. > > I went on a rampage of using this exploit on cracked servers, I joined > suspect servers and looked for cracked steamids in the status. > > The only way you could have got my IP address is by running a cracked > server. > > This is a status of what I believe to be your server. > > hostname: GIGN Team Fortress 2 | tf2.gign.lv > version : 1.0.2.3/14 3434 secure > udp/ip : 193.46.236.246:27015 > map : cp_dustbowl at: 0 x, 0 y, 0 z > players : 31 (32 max) > > # userid name uniqueid connected ping loss state > # 14394 "unnamed" STEAM_666:88_666 42:55 335 0 active > # 14230 "RIM" STEAM_666:88_666 4:26:14 196 0 active > # 14420 "HitmanForMoney" STEAM_666:88_666 13:26 72 0 active > # 14347 "JellyBean" STEAM_666:88_666 1:34:25 240 0 active > > Interesting steamids! > > You deny running this server, so I took your username from your email > address and googled it, I found this: > > http://www.btmon.com/uploader/izvrashenj (NOT SAFE FOR WORK) > http://thepiratebay.org/user/izvrashenj/0/7 > > Interesting, someone with that weird name just so happens to pirate TF2. > > And then, your email, just so happens to be [EMAIL PROTECTED], > coincidence? I think not! > > Andrius Pirus is actively pirating our beloved TF2. > > Go fuck yourself. > > - voogru. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Andrius Pirus > Sent: Tuesday, April 29, 2008 2:24 AM > To: Half-Life dedicated Win32 server mailing list > Subject: Re: [hlds] New server exploit (not nuking) > > no. and i think we shouldnt make offtopic :) > Quoting voogru : Do you run the tf2.gign.lv servers by any chance? > - voogru. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Andrius > Pirus > Sent: Tuesday, April 29, 2008 2:03 AM > To: Half-Life dedicated Win32 server mailing list > Subject: Re: [hlds] New server exploit (not nuking) > So i think found out the hacker's who sent those bots in my server > ip > and steamid: > from logfile: > "The Spamminator" connected, address "65.13.45.43:50347" > "The Spamminator" STEAM USERID validated > "The Spamminator" joined team "Spectator" > "Bot01" connected, address "0.0.0.0:0" > "Bot01" entered the game > "Bot01" joined team "Blue" > "Bot01" changed role to "engineer" > "Bot01" triggered "builtobject" (object "OBJ_SENTRYGUN") (position > "-3202 2784 -445") > "Bot02" connected, address "0.0.0.0:0" > "Bot02" entered the game > and so on.. while the server became full of bots :( I hope this > could > someone find out the reason of this problem > Quoting "P. Bhandal" : I'd really prefer it if they spent their time > ensuring that the wonder that > is the custom tab is successful rather than patching this security > hole. > Priorities people! > On Mon, Apr 28, 2008 at 10:02 PM, voogru <[EMAIL PROTECTED]> > wrote: > > Well, we still did the right thing. > > > > Whether they give us credit or not, no big deal. > > > > It would be neat though :D > > > > - voogru. > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Tony > Paloma > > Sent: Tuesday, April 29, 2008 12:54 AM > > To: 'Half-Life dedicated Win32 server mailing list' > > Subject: Re: [hlds] New server exploit (not nuking) > > > > One srcds exploit. I helped. That reminds me, didn't valve say > they'd give > > us a mention in a steam news update thing? > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > voogru > > Sent: Monday, April 28, 2008 9:41 PM > > To: 'Half-Life dedicated Win32 server mailing list' > > Subject: Re: [hlds] New server exploit (not nuking) > > > > No. > > > > Me first. > > > > I probably found some of the coolest srcds exploits anyway (was > recently > > fixed :D) > > > > - voogru. > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Tony > Paloma > > Sent: Tuesday, April 29, 2008 12:24 AM > > To: 'Half-Life dedicated Win32 server mailing list' > > Subject: Re: [hlds] New server exploit (not nuking) > > > > Uhm, me first. > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > Nephyrin Zey > > Sent: Monday, April 28, 2008 9:19 PM > > To: Half-Life dedicated Win32 server mailing list > > Subject: Re: [hlds] New server exploit (not nuking) > > > > Dear Valve: > > > > God damn. > > I just finished my damn iptables rule to fix your broken > packethandling. > > > > In conclusion, give me a job. (please? I'll pretend to like wow > around > > gabe!) > > > > - Neph > > > > On Mon, Apr 28, 2008 at 9:12 PM, Tony Paloma > <[EMAIL PROTECTED]> > > wrote: > > > Found the problem > > > > > > "sv_benchmark_force_start" > > > game > > > - Force start the benchmark. This is only for debugging. > It's better > > to > > set > > > sv_benchmark to 1 and restart the level. > > > > > > Players can run this and make the server start the > benchmark. Real bad > > > mmmmk. > > > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > > > > [mailto:[EMAIL PROTECTED] On Behalf Of > Ian Shaffer > > > Sent: Monday, April 28, 2008 9:06 PM > > > To: Half-Life dedicated Win32 server mailing list > > > > > > > > > Subject: Re: [hlds] New server exploit (not nuking) > > > > > > What map is running? > > > > > > Tony Paloma wrote: > > > > Also, this is what shows up in the logs. No > indication of any RCON > > > commands > > > > being executed. > > > > > > > > ... > > > > L 04/28/2008 - 22:43:54: "Anona > > > mouse<12><STEAM_0:0:4512137><Unassigned>" > > > > joined team "Red" > > > > L 04/28/2008 - 22:43:54: server_cvar: > "mp_teams_unbalance_limit" "0" > > > > L 04/28/2008 - 22:43:54: > "Thomas<2><STEAM_0:1:3471103><Red>" say > > "hmmm" > > > > L 04/28/2008 - 22:43:55: > "Bot01<17><BOT><>" connected, address > > "0.0.0.0:0" > > > > L 04/28/2008 - 22:43:55: > "Bot01<17><BOT><>" entered the game > > > > L 04/28/2008 - 22:43:55: > "Voltaic<6><STEAM_0:0:851288><Blue>" > changed > > role > > > > to "medic" > > > > L 04/28/2008 - 22:43:55: > "Bot01<17><BOT><Unassigned>" joined team > > "Blue" > > > > L 04/28/2008 - 22:43:55: > "Bot01<17><BOT><Blue>" changed role to > > "engineer" > > > > L 04/28/2008 - 22:43:55: > "Bot01<17><BOT><Blue>" triggered > > "builtobject" > > > > (object "OBJ_SENTRYGUN") (position > "-3202 2574 -450") > > > > ... > > > > > > > > Again, another time: > > > > .. > > > > L 04/28/2008 - 22:42:49: server_cvar: > "mp_teams_unbalance_limit" "0" > > > > L 04/28/2008 - 22:42:50: > "Bot01<22><BOT><>" connected, address > > "0.0.0.0:0" > > > > L 04/28/2008 - 22:42:50: > "Bot01<22><BOT><>" entered the game > > > > ... > > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED] On > Behalf Of Tony Paloma > > > > Sent: Monday, April 28, 2008 8:52 PM > > > > To: 'Half-Life dedicated Win32 server mailing list' > > > > Subject: [hlds] New server exploit (not nuking) > > > > > > > > So my servers are getting this in the console: > > > > > > > > > > > > > > > > Benchmark: 40% complete. > > > > > > > > Benchmark: 43% complete. > > > > > > > > (:: lmao > > > > > > > > Benchmark: 46% complete. > > > > > > > > Benchmark: 49% complete. > > > > > > > > Compressing fragments (552 -> 521 bytes > > > > > > > > Benchmark: 52% complete. > > > > > > > > Compressing fragments (691 -> 667 bytes > > > > > > > > Benchmark: 55% complete. > > > > > > > > > > > > > > > > People are claiming to see bots spawning and crazy > stuff happening > > then > > > > "something to do with balance being turned to 0 > then it crashes." > > > > > > > > > > > > > > > > Another report said, "it said team balance set > to 0 then it crashed." > > > > > > > > > > > > > > > > So I'm thinking either my RCON password was > compromised or a new > > exploit > > > is > > > > going around. I checked real quick and didn't find > anything to > > suggest > > it > > > > was my RCON password getting out. Anyone know what > commands cause > > this > > > > Benchmark thing? > > > > > > > > _______________________________________________ > > > > To unsubscribe, edit your list preferences, or view > the list > > archives, > > > > please visit: > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > _______________________________________________ > > > > To unsubscribe, edit your list preferences, or view > the list > > archives, > > > please visit: > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the > list archives, > > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the > list archives, > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list > archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > Links: > ------ > [1] mailto:[EMAIL PROTECTED] > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list > archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list > archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > Links: > ------ > [1] mailto:[EMAIL PROTECTED] > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
