Simple google search reveals: http://www.hackforums.net/showthread.php?tid=265369
Image of the application: http://img39.imageshack.us/img39/4663/serenityclient.png They're selling slots at unbeatable prices! All you want trolling for one easy payment of $50 for 5 months of access! Quote from the forums: [quote='hav0k' pid='2565535' dateline='1266110769'] LOL I wanna get 0:0:1 [/quote] - There is an Alfred wanna be already! It's rather disappointing to see this game out for over 5 years, and clients can still freely set their SteamID (Along with HL1, which has been out for well over 10). Along with maliciously attack servers flooding commands, or simple Denial of Service attacks using 5kb/s of bandwidth, but can bring the servers CPU to its knees. What's even worse is Valve not even addressing these as issues, it's completely asinine. COMPLETELY UNRELATED | Personal Experience | Ranting | Speculation: So I was running SRCDS as root (bad, I know). Just before we were about to swap the IP addresses with the DC, someone had formatted the box for us. Since SRCDS was the only program running as root... I can only draw one conclusion. In the end we only lost one L4D and one TF2 server (both of which have not been brought back up since), however if we were not in the process of moving, that could have been catastrophic. Since then there have been multiple extensions have been blacklisted. Why on earth not create a whitelist? I have a white list of good cvars/commands and the rest have cheats set. I honestly cannot understand the reasoning behind not doing this. However, this is just flogging a dead horse to be honest, the exploit is terribly old and first showed itself in 04 when the game was released. It would be nice to have some protection though, instead of relying on numerous extensions/plugins. As always, I've seemed to have taken the topic in another direction. However, all of these exploits are monumental, and can cause catastrophic damage to the server if used maliciously. Just like client plugins, something needs to be done. Kyle. On Sat, Aug 14, 2010 at 2:59 AM, ics <[email protected]> wrote: > Apparently there is some sort of things going on. Found this > http://www.facepunch.com/showthread.php?t=962042 > > Perhaps someone has found a way to make it work on TF2 and other Source > games. Propably some sort of LUA thing again, with clientside plugins. > > -ics > > 14.8.2010 6:12, Kyle Sanderson kirjoitti: > > Alfred is quite the troll, apparently. >> >> In all seriousness though, it isn't difficult at all to change a clients >> SteamID server side. It would not surprise me if this exploit still >> exists, >> I know this still exists in HL1 (as of 2009, that is). Just look at file >> Downloads/Uploads(deletions), they are still an issue to this day. >> >> It's just sad, >> Kyle. >> >> On Fri, Aug 13, 2010 at 8:01 PM, DontWannaName!<[email protected] >> >wrote: >> >> >> >>> VAC Banned says This SC ID does not match any Steam account. >>> >>> On Fri, Aug 13, 2010 at 7:51 PM, ics<[email protected]> wrote: >>> >>> >>> >>>> Heh, steam 0:0:1 belongs to valve folks so either you pranked somehow or >>>> the old trick has resurfaced, which allows somehow player to change the >>>> steamid he uses. This was happening last time around 6 years ago when CS >>>> Source came out. Someone should look into this @ Valve before it >>>> spreads. >>>> >>>> -ics >>>> >>>> 14.8.2010 5:41, Eric Riemers kirjoitti: >>>> >>>> All, >>>> >>>> >>>>> I might not be up to date, but tonight i had a mic spammer. So I kicked >>>>> him, >>>>> came back ofcourse, banned him.. then still came back, then did some >>>>> speedhacks. (we use sourcebans btw) >>>>> >>>>> When I did a "status" in my console to get the steamid it was >>>>> "STEAM_0:0:1" >>>>> thats also the id sourcebans tried to ban him for. He also came back >>>>> >>>>> >>>> with >>> >>> >>>> something like "STEAM_0:1:0", in the end I just banned his ip >>>>> (84.74.29.218) >>>>> >>>>> Seen something familiar like this? >>>>> >>>>> See the stats as example >>>>> http://stats.lethal-zone.eu/hlstats.php?mode=playerinfo&player=486342 >>>>> >>>>> http://stats.lethal-zone.eu/hlstats.php?mode=playerinfo&player=486344 >>>>> >>>>> (trying google with those steam id's didn't actually show up what I >>>>> wanted) >>>>> >>>>> Eric >>>>> >>>>> >>>>> _______________________________________________ >>>>> To unsubscribe, edit your list preferences, or view the list archives, >>>>> please visit: >>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>>> >>>>> >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list archives, >>>> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>> >>>> >>>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>> >>> >>> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> >> > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
