2008/4/29 Andrew A <[EMAIL PROTECTED]>:
> yeah thanks for making this info public :/ my tf2 servers are getting
>  hammered, maybe there could be an invite-only list for these sorts of
>  topics....
>
>  On Tue, Apr 29, 2008 at 4:50 PM, Tony Paloma <[EMAIL PROTECTED]> wrote:
>
>  > Sick burnnn
>  >
>  > -----Original Message-----
>  > From: [EMAIL PROTECTED]
>  >  [mailto:[EMAIL PROTECTED] On Behalf Of voogru
>  > Sent: Monday, April 28, 2008 11:41 PM
>  > To: 'Half-Life dedicated Win32 server mailing list'
>  > Subject: Re: [hlds] New server exploit (not nuking)
>  >
>  > Hi Andrius Pirus,
>  >
>  > I am going to call you out on this, the IP address you posted on this
>  > mailing list is mine.
>  >
>  > I went on a rampage of using this exploit on cracked servers, I joined
>  > suspect servers and looked for cracked steamids in the status.
>  >
>  > The only way you could have got my IP address is by running a cracked
>  > server.
>  >
>  > This is a status of what I believe to be your server.
>  >
>  > hostname: GIGN Team Fortress 2 | tf2.gign.lv
>  > version : 1.0.2.3/14 3434 secure
>  > udp/ip  :  193.46.236.246:27015
>  > map     : cp_dustbowl at: 0 x, 0 y, 0 z
>  > players : 31 (32 max)
>  >
>  > # userid name uniqueid connected ping loss state
>  > # 14394 "unnamed" STEAM_666:88_666 42:55 335 0 active
>  > # 14230 "RIM" STEAM_666:88_666  4:26:14 196 0 active
>  > # 14420 "HitmanForMoney" STEAM_666:88_666 13:26 72 0 active
>  > # 14347 "JellyBean" STEAM_666:88_666  1:34:25 240 0 active
>  >
>  > Interesting steamids!
>  >
>  > You deny running this server, so I took your username from your email
>  > address and googled it, and I found this:
>  >
>  > http://www.btmon.com/uploader/izvrashenj (NOT SAFE FOR WORK)
>  > http://thepiratebay.org/user/izvrashenj/0/7
>  >
>  > Interesting, someone with that weird name just so happens to pirate TF2.
>  >
>  > And then, your email, just so happens to be [EMAIL PROTECTED],
>  > coincidence? I think not!
>  >
>  > Andrius Pirus is actively pirating our beloved TF2.
>  >
>  > Go fuck yourself.
>  >
>  > - voogru.
>  >
>  > -----Original Message-----
>  > From: [EMAIL PROTECTED]
>  > [mailto:[EMAIL PROTECTED] On Behalf Of Andrius Pirus
>  > Sent: Tuesday, April 29, 2008 2:24 AM
>  > To: Half-Life dedicated Win32 server mailing list
>  > Subject: Re: [hlds] New server exploit (not nuking)
>  >
>  > No. And I think we shouldn't go off-topic :)
>  >  Quoting voogru : Do you run the tf2.gign.lv servers by any chance?
>  >  - voogru.
>  >  -----Original Message-----
>  >  From: [EMAIL PROTECTED]
>  >  [mailto:[EMAIL PROTECTED] On Behalf Of Andrius Pirus
>  >  Sent: Tuesday, April 29, 2008 2:03 AM
>  >  To: Half-Life dedicated Win32 server mailing list
>  >  Subject: Re: [hlds] New server exploit (not nuking)
>  >  So I think I found out the IP and steamid of the hacker who sent those
>  >  bots in my server, from the logfile:
>  >  "The Spamminator" connected, address "65.13.45.43:50347"
>  >  "The Spamminator" STEAM USERID validated
>  >  "The Spamminator" joined team "Spectator"
>  >  "Bot01" connected, address "0.0.0.0:0"
>  >  "Bot01" entered the game
>  >  "Bot01" joined team "Blue"
>  >  "Bot01" changed role to "engineer"
>  >  "Bot01" triggered "builtobject" (object "OBJ_SENTRYGUN") (position "-3202 2784 -445")
>  >  "Bot02" connected, address "0.0.0.0:0"
>  >  "Bot02" entered the game
>  >  and so on.. while the server became full of bots :( I hope this could help
>  >  someone find out the reason for this problem.
>  >  Quoting "P. Bhandal" : I'd really prefer it if they spent their time
>  >  ensuring that the wonder that is the custom tab is successful rather than
>  >  patching this security hole.
>  >  Priorities people!
>  >  On Mon, Apr 28, 2008 at 10:02 PM, voogru <[EMAIL PROTECTED]>
>  >  wrote:
>  >  > Well, we still did the right thing.
>  >  >
>  >  > Whether they give us credit or not, no big deal.
>  >  >
>  >  > It would be neat though :D
>  >  >
>  >  > - voogru.
>  >  >
>  >  > -----Original Message-----
>  >  > From: [EMAIL PROTECTED]
>  >  > [mailto:[EMAIL PROTECTED] On Behalf Of Tony
>  >  Paloma
>  >  > Sent: Tuesday, April 29, 2008 12:54 AM
>  >  > To: 'Half-Life dedicated Win32 server mailing list'
>  >  > Subject: Re: [hlds] New server exploit (not nuking)
>  >  >
>  >  > One srcds exploit. I helped. That reminds me, didn't valve say they'd give
>  >  > us a mention in a steam news update thing?
>  >  >
>  >  > -----Original Message-----
>  >  > From: [EMAIL PROTECTED]
>  >  > [mailto:[EMAIL PROTECTED] On Behalf Of
>  >  voogru
>  >  > Sent: Monday, April 28, 2008 9:41 PM
>  >  > To: 'Half-Life dedicated Win32 server mailing list'
>  >  > Subject: Re: [hlds] New server exploit (not nuking)
>  >  >
>  >  > No.
>  >  >
>  >  > Me first.
>  >  >
>  >  > I probably found some of the coolest srcds exploits anyway (was recently
>  >  > fixed :D)
>  >  >
>  >  > - voogru.
>  >  >
>  >  > -----Original Message-----
>  >  > From: [EMAIL PROTECTED]
>  >  > [mailto:[EMAIL PROTECTED] On Behalf Of Tony
>  >  Paloma
>  >  > Sent: Tuesday, April 29, 2008 12:24 AM
>  >  > To: 'Half-Life dedicated Win32 server mailing list'
>  >  > Subject: Re: [hlds] New server exploit (not nuking)
>  >  >
>  >  > Uhm, me first.
>  >  >
>  >  > -----Original Message-----
>  >  > From: [EMAIL PROTECTED]
>  >  > [mailto:[EMAIL PROTECTED] On Behalf Of
>  >  Nephyrin Zey
>  >  > Sent: Monday, April 28, 2008 9:19 PM
>  >  > To: Half-Life dedicated Win32 server mailing list
>  >  > Subject: Re: [hlds] New server exploit (not nuking)
>  >  >
>  >  > Dear Valve:
>  >  >
>  >  > God damn.
>  >  > I just finished my damn iptables rule to fix your broken packet handling.
>  >  >
>  >  > In conclusion, give me a job. (please? I'll pretend to like wow around
>  >  > gabe!)
>  >  >
>  >  > - Neph
>  >  >
>  >  > On Mon, Apr 28, 2008 at 9:12 PM, Tony Paloma <[EMAIL PROTECTED]> wrote:
>  >  > > Found the problem
>  >  > >
>  >  > >  "sv_benchmark_force_start"
>  >  > >   game
>  >  > >   - Force start the benchmark. This is only for debugging. It's better to set
>  >  > >  sv_benchmark to 1 and restart the level.
>  >  > >
>  >  > >  Players can run this and make the server start the benchmark. Real bad
>  >  > >  mmmmk.
>  >  > >
>  >  > >
>  >  > >  -----Original Message-----
>  >  > >  From: [EMAIL PROTECTED]
>  >  > >  [mailto:[EMAIL PROTECTED] On Behalf Of Ian Shaffer
>  >  > >  Sent: Monday, April 28, 2008 9:06 PM
>  >  > >  To: Half-Life dedicated Win32 server mailing list
>  >  > >  Subject: Re: [hlds] New server exploit (not nuking)
>  >  > >
>  >  > >  What map is running?
>  >  > >
>  >  > >  Tony Paloma wrote:
>  >  > >  > Also, this is what shows up in the logs. No indication of any RCON commands
>  >  > >  > being executed.
>  >  > >  >
>  >  > >  > ...
>  >  > >  > L 04/28/2008 - 22:43:54: "Anona mouse<12><STEAM_0:0:4512137><Unassigned>" joined team "Red"
>  >  > >  > L 04/28/2008 - 22:43:54: server_cvar: "mp_teams_unbalance_limit" "0"
>  >  > >  > L 04/28/2008 - 22:43:54: "Thomas<2><STEAM_0:1:3471103><Red>" say "hmmm"
>  >  > >  > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><>" connected, address "0.0.0.0:0"
>  >  > >  > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><>" entered the game
>  >  > >  > L 04/28/2008 - 22:43:55: "Voltaic<6><STEAM_0:0:851288><Blue>" changed role to "medic"
>  >  > >  > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Unassigned>" joined team "Blue"
>  >  > >  > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Blue>" changed role to "engineer"
>  >  > >  > L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Blue>" triggered "builtobject" (object "OBJ_SENTRYGUN") (position "-3202 2574 -450")
>  >  > >  > ...
>  >  > >  >
>  >  > >  > Again, another time:
>  >  > >  > ..
>  >  > >  > L 04/28/2008 - 22:42:49: server_cvar: "mp_teams_unbalance_limit" "0"
>  >  > >  > L 04/28/2008 - 22:42:50: "Bot01<22><BOT><>" connected, address "0.0.0.0:0"
>  >  > >  > L 04/28/2008 - 22:42:50: "Bot01<22><BOT><>" entered the game
>  >  > >  > ...
>  >  > >  >
>  >  > >  > -----Original Message-----
>  >  > >  > From: [EMAIL PROTECTED]
>  >  > >  > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Paloma
>  >  > >  > Sent: Monday, April 28, 2008 8:52 PM
>  >  > >  > To: 'Half-Life dedicated Win32 server mailing list'
>  >  > >  > Subject: [hlds] New server exploit (not nuking)
>  >  > >  >
>  >  > >  > So my servers are getting this in the console:
>  >  > >  >
>  >  > >  > Benchmark: 40% complete.
>  >  > >  > Benchmark: 43% complete.
>  >  > >  > (:: lmao
>  >  > >  > Benchmark: 46% complete.
>  >  > >  > Benchmark: 49% complete.
>  >  > >  > Compressing fragments (552 -> 521 bytes
>  >  > >  > Benchmark: 52% complete.
>  >  > >  > Compressing fragments (691 -> 667 bytes
>  >  > >  > Benchmark: 55% complete.
>  >  > >  >
>  >  > >  > People are claiming to see bots spawning and crazy stuff happening then
>  >  > >  > "something to do with balance being turned to 0 then it crashes."
>  >  > >  >
>  >  > >  > Another report said, "it said team balance set to 0 then it crashed."
>  >  > >  >
>  >  > >  > So I'm thinking either my RCON password was compromised or a new exploit is
>  >  > >  > going around. I checked real quick and didn't find anything to suggest it
>  >  > >  > was my RCON password getting out. Anyone know what commands cause this
>  >  > >  > Benchmark thing?
>  >   > >  >
>  >  > >  > _______________________________________________
>  >  > >  > To unsubscribe, edit your list preferences, or view
>  >  the list
>  >  > archives,
>  >  > >  > please visit:
>  >  > >  > http://list.valvesoftware.com/mailman/listinfo/hlds

The bad guys already knew it, so I think it should be public.
And you already have a workaround for this security hole.

Tyrael
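The log excerpts quoted in this thread all use the same srcds line format, which makes them easy to screen automatically. The following Python is an added example (not code from the thread, from Valve or from any of the posters): it scans srcds-style log lines for the two signals the reports above describe, a watched cvar such as mp_teams_unbalance_limit changing with no rcon command logged shortly before it, and "BOT" entries connecting from 0.0.0.0:0 on a server that is not meant to run bots. The sample log is constructed from the quoted lines; the `rcon from "ip:port": command "..."` line format, the five-second rcon window and the `expect_bots` flag are this example's own assumptions.

```python
import re
from datetime import datetime, timedelta
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample input, modelled on the log lines quoted in the thread.
# The "rcon from" line is an assumed format, added so the cvar check has a
# legitimate rcon command to compare against (it is far outside the window).
SAMPLE_LOG = """\
L 04/28/2008 - 22:40:10: rcon from "10.0.0.5:51234": command "mp_timelimit 30"
L 04/28/2008 - 22:40:10: server_cvar: "mp_timelimit" "30"
L 04/28/2008 - 22:43:54: "Anona mouse<12><STEAM_0:0:4512137><Unassigned>" joined team "Red"
L 04/28/2008 - 22:43:54: server_cvar: "mp_teams_unbalance_limit" "0"
L 04/28/2008 - 22:43:54: "Thomas<2><STEAM_0:1:3471103><Red>" say "hmmm"
L 04/28/2008 - 22:43:55: "Bot01<17><BOT><>" connected, address "0.0.0.0:0"
L 04/28/2008 - 22:43:55: "Bot01<17><BOT><>" entered the game
L 04/28/2008 - 22:43:55: "Voltaic<6><STEAM_0:0:851288><Blue>" changed role to "medic"
L 04/28/2008 - 22:43:55: "Bot01<17><BOT><Unassigned>" joined team "Blue"
L 04/28/2008 - 22:43:55: "Bot02<18><BOT><>" connected, address "0.0.0.0:0"
"""

# "L MM/DD/YYYY - HH:MM:SS: <event>" is the srcds log line shape seen in the thread.
LINE_RE = re.compile(r'^L (\d\d/\d\d/\d{4}) - (\d\d:\d\d:\d\d): (.*)$')
CVAR_RE = re.compile(r'^server_cvar: "([^"]+)" "([^"]*)"$')
RCON_RE = re.compile(r'^rcon from "([^"]+)": command "(.*)"$')  # assumed format
# Player token: "name<userid><steamid><team>" followed by the connect event.
CONNECT_RE = re.compile(
    r'^"([^"<]*)<(\d+)><([^>]*)><[^>]*>" connected, address "([^"]+)"$')


class Alert(NamedTuple):
    when: datetime
    kind: str
    detail: str


def parse_time(date_s: str, time_s: str) -> datetime:
    return datetime.strptime(f"{date_s} {time_s}", "%m/%d/%Y %H:%M:%S")


def scan_log(text: str,
             expect_bots: bool = False,
             watched_cvars: Tuple[str, ...] = ("mp_teams_unbalance_limit",),
             rcon_window: timedelta = timedelta(seconds=5)) -> List[Alert]:
    """Return alerts for watched cvar changes not preceded by rcon, and for
    bot connections on a server where bots are not expected."""
    alerts: List[Alert] = []
    last_rcon: Optional[datetime] = None

    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # console chatter without a timestamp is ignored
        when = parse_time(m.group(1), m.group(2))
        event = m.group(3)

        # Remember when an admin last issued an rcon command.
        if RCON_RE.match(event):
            last_rcon = when
            continue

        # A watched cvar changed: was there an rcon command just before it?
        cv = CVAR_RE.match(event)
        if cv and cv.group(1) in watched_cvars:
            via_rcon = last_rcon is not None and when - last_rcon <= rcon_window
            if not via_rcon:
                alerts.append(Alert(
                    when, "cvar_without_rcon",
                    f'{cv.group(1)} set to "{cv.group(2)}" with no rcon command '
                    f'in the preceding {rcon_window.seconds}s'))
            continue

        # Bots announce themselves with steamid BOT and address 0.0.0.0:0.
        con = CONNECT_RE.match(event)
        if con and not expect_bots:
            name, _userid, steamid, addr = con.groups()
            if steamid == "BOT" or addr == "0.0.0.0:0":
                alerts.append(Alert(
                    when, "unexpected_bot",
                    f"{name} ({steamid}) connected from {addr}"))

    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert.when.time(), alert.kind, alert.detail)
```

Run against the constructed sample it reports the mp_teams_unbalance_limit change and both Bot connections; a server that runs its own bots would pass `expect_bots=True` and keep only the cvar check, which is the one that separates "my rcon password leaked" from "something else is changing cvars".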
