Security by obscurity is never a good idea. Thanks for posting, and thanks
to Tony for the quick fix :)

On Mon, May 4, 2009 at 04:54, Saul Rennison <[email protected]> wrote:

> You reported that weeks ago. Who gives a shit if we're posting it in
> the wild? There's a fix already and Valve just need to hurry the fuck
> up and patch it.
>
> Sent from my iPhone
>
> On 4 May 2009, at 02:17, "Unknown | zD." <[email protected]> wrote:
>
> > Can you guys just stop saying / posting the exploit / command / packet
> > capture in the wild? coz I have reported the issue to valve already
> > and they have replied to me by saying this ........
> > 3 « MESSAGE BY DWIGHT ON TUE, 28TH APR 2009 3:24 PM »
> > Hello,
> > Thank you very much for bringing this to our attention. Your comments
> > will be passed along accordingly. It is much appreciated.
> >
> > And make sure that you have done any one of the following things before
> > it gets fixed .......
> > - Disable the beep sound driver (beep.sys) by deleting it or disabling it
> > via devmgmt.msc when showing the hidden devices and non-PnP drivers
> > - Start the server in GUI mode only
> > In addition, you are always able to trace the hacker / DoSer by
> > starting the server with -dev parameter. And yes, this command means
> > "Any to Client printing" according to proto_oob.h
> > (http://72.14.235.132/search?rlz=1C1GGLS_zh-TWHK324HK324&sourceid=chrome&ie=UTF-8&q=cache:http://www.inxbus.net/hldoc/d4/df7/proto__oob_8h-source.html)
> > and I guess valve is using this command for maintenance / backup usage
> > when the normal encrypted protocol from the steam server does not
> > work. So just calm down and stop asking about that .... I guess valve
> > will have to fix it soon otherwise I will just make the exploit in
> > public ..... I have asked for them to fix the problem already.
> > In addition, you are able to fix the problem by yourself too if you
> > are able to modify the engine.dll .... search the following string in
> > the engine.dll and patch it by replacing NULL character to the whole
> > string or at least to the last %s.
> > A2C_PRINT from %s : %s
> >
> > And ya, cs.rin.ru will not do any harmful thing on your machine if you
> > don't piss off them ..... all they do is just printing some lulz
> > strings atm .... but if they really want to DoS your server ..... they
> > can replace the string by using some harmful characters ..... so just
> > stop and calm down about that ..... otherwise I guess just more server
> > operators will get in trouble soon as you guys have given out the
> > command / exploit directly.
> >
> > _______________________________________________
> > To unsubscribe, edit your list preferences, or view the list
> > archives, please visit:
> > http://list.valvesoftware.com/mailman/listinfo/hlds
>



-- 
-dave foster
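
The string patch described in the quoted message, as an added example that is not part of the original thread and not Valve's code: it finds the `A2C_PRINT from %s : %s` format string in a byte buffer and overwrites either the whole string or only the last `%s` with NUL bytes, keeping the length unchanged. The function names and the sample buffer are constructed for illustration; `patch_file` assumes you point it at your own copy of engine.dll.

```python
"""Added example: NUL out the A2C_PRINT format string in a binary image."""

TARGET = b"A2C_PRINT from %s : %s"  # string quoted in the thread


def find_all(image: bytes, needle: bytes = TARGET) -> list[int]:
    """Return every offset at which needle occurs in image."""
    offsets, pos = [], image.find(needle)
    while pos != -1:
        offsets.append(pos)
        pos = image.find(needle, pos + 1)
    return offsets


def patch_image(image: bytes, whole: bool = True) -> tuple[bytes, list[int]]:
    """Overwrite the format string in place with NUL bytes.

    whole=True blanks the entire string; whole=False blanks only the
    last "%s". The image length never changes, so nothing else moves.
    """
    out = bytearray(image)
    offsets = find_all(image)
    for off in offsets:
        if whole:
            start, end = off, off + len(TARGET)
        else:
            start = off + TARGET.rfind(b"%s")
            end = start + 2
        out[start:end] = b"\x00" * (end - start)
    return bytes(out), offsets


def patch_file(path: str, whole: bool = True) -> list[int]:
    """Patch a file on disk, saving the untouched original as path + '.bak'."""
    with open(path, "rb") as fh:
        original = fh.read()
    patched, offsets = patch_image(original, whole)
    if offsets:  # only rewrite the file when the string was found
        with open(path + ".bak", "wb") as fh:
            fh.write(original)
        with open(path, "wb") as fh:
            fh.write(patched)
    return offsets


# Constructed sample standing in for a slice of a DLL's string table.
SAMPLE = b"\x00connect\x00" + TARGET + b"\x00disconnect\x00"
```

An empty list returned from `patch_file` means the string was not found and the file was left untouched.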