ITT: People scared of the 'unknown'.
On Mon, May 4, 2009 at 9:51 AM, NiC <[email protected]> wrote: > I'm not offering it. Read my post again. It's a workaround. My patch is > static and doesn't require a plugin, though. Haven't made a linux version > as > there doesn't seem to be any good search and replace patchers that are > multiplatform and I am far too lazy to make one myself. > I bet that you (or anyone in the end) run far more suspicious executables > from the Internet while you are browsing than from mailing lists. > > I'm not used into mailing lists either so hence I'm posting the first time > here. > > Unknownzd already stated what the patcher does. I just patch the first byte > to be 00(hex) of the string itself which prints out the A2C_PRINT command > so > it can not be abused anymore. Though, you won't receive any important > message anymore (if there are any that is) > Don't use it, I just merely showed what I was offering in the irc channel. > > My server has been Dossed with this before I even knew what it was. It > still > hasn't been fixed so I wanted to do something. Now it's done. I hope I just > don't have to regret. I also basically started this drama.. lets hope it > doesn't turn out to be a tragedy. > > Now can we for god's sake wait for valve to reply or something. Flaming me > or anyone wont get this fixed any faster :) > > > 2009/5/4 Bengt Rosenberger <[email protected]> > > > Posting for the first time, talking about using exploits and then > > offering a patch.exe... Yeah, I will totally install it - NOT. > > > > The plugin posted here works and is safe. > > > > Lauri Koivunen schrieb: > > > (first time with mailing lists so if this goes somewhere where it > > shouldn't > > > then just disregard this post) > > > > > > It seems that action was the best technique. > > > My apologies goes towards the 10 servers that I brought down for ~30 > > seconds > > > to make something happen. I hope I didn't cause any major damage. > > > > > > As Unknownzd stated they wouldn't listen to "us" and now if it doesn't > > get > > > "fixed" I don't know what to do. > > > I thought it would be better to just bring down 10 servers instead of > > > releasing the exploit to public. Congratulations for revealing it > here... > > A > > > lot of servers are much safer now. > > > > > > I was rather shocked that my small DoS got so much attention. I > wouldn't > > > even have noticed 30 seconds freeze on my own servers at all. > > > Sorry again to everyone who I harmed, at least now something happened > > > instead of the exploit report staying on some valve employee's mailbox > > doing > > > nothing. > > > > > > Here's a small patch as a temporary fix I was offering for the people > who > > > joined the irc channel: > > > easy-share.com/1905012260/patch.exe > > > For all those suspicious people ( > > > http://www.virustotal.com/analisis/6422efb688fb2321362045b27c9e687d ) > > the > > > file is just a patcher. > > > It just patches one byte in the hex editor which you could easily do in > a > > > hex editor. This is just for the desperate server owners like me > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
