theghost
31-01-2008, 10:54 PM
Rcon this needs looked at asap
--------------------------------------------------------------------------------
ok TRL came to me and said that there is a way to take over the Rcon for our server by anyone that knows how to do it. they can hax the console box...take over Rcon and use it to boot people form our own clan or just boot the entire playing members from our servers.
I need someone to contact TRL admin to get the fix for it. This isn't a joke btw. I'll get the contact MSN details and post up her name here. Need someone to look at this and implement the fix they've created to stop people taking over our Rcon on our servers.__________________
a reply:- Hmmm seems very strange that they can hack the game aswell as cybernetics security......But i will speak to her and find some more info
another reply :-We think this might be an exploit of the d/load command, ie reversing it and using the port that allows this to actually take files off the server concerned, like the server.cfg from there you take the passwords and take over the server.
We had one MoHAA server with this vulnerability, we've altered it already, if its not that then we will find out tonight.
We will keep you up to date with developments.
don't want to give names out but just to warn you lot
would done a pm to Scotty but he away at 6 am tomorrow morning going to Dubai lucky twat
so posted on here
--------------------------------------------------------------------------------
ok TRL came to me and said that there is a way to take over the Rcon for our server by anyone that knows how to do it. they can hax the console box...take over Rcon and use it to boot people form our own clan or just boot the entire playing members from our servers.
I need someone to contact TRL admin to get the fix for it. This isn't a joke btw. I'll get the contact MSN details and post up her name here. Need someone to look at this and implement the fix they've created to stop people taking over our Rcon on our servers.__________________
a reply:- Hmmm seems very strange that they can hack the game aswell as cybernetics security......But i will speak to her and find some more info
another reply :-We think this might be an exploit of the d/load command, ie reversing it and using the port that allows this to actually take files off the server concerned, like the server.cfg from there you take the passwords and take over the server.
We had one MoHAA server with this vulnerability, we've altered it already, if its not that then we will find out tonight.
We will keep you up to date with developments.
don't want to give names out but just to warn you lot
would done a pm to Scotty but he away at 6 am tomorrow morning going to Dubai lucky twat
so posted on here