Server HACKER!!! RCON STEALER

JackAv · **Joined:** 09.27.09 **Posts:** 80

Hallo Leute.
Seit ein paar tagen werden meine Server regelmäßig gehackt.
Es heist immer in so ner vote:

Code:

map x rconpassword eatmynade

Und dann ist können die alles auf meinen server machen.
Dann geht nichtmal mehr B3.
Angeblich ist das irgendso eiin Bug in der Q3 energie.Gibts da ne alternative methode ohne mapvote zu deaktivieren?
Ich hoff ihr könnt mir helfen. Das dumme ist uc seh im Log nichtmal wer das war.
HAb jetzt meine Server heruntergefahren.

Rylius · **Joined:** 01.24.09 **Posts:** 312 **Location:** Germany

Quote:

Important Security Update

This is a very important security update. About 2 months ago we released a security fix for the Vote System expoilt that allowed people to steal control of your servers. Up until now the damage has been minimal, however, there are now people activly using this method in Europe and in which case most likely to spread almost everywhere!

It is very important that all server admins use the new server binary. At the moment we only have this file for linux in 32bit. This can be found here. I have had reports from many people within the community about there servers being stolen.

All future released of Urban Terror will have this patch included. If you do not use the above binary, i strongly suggest turning voting off. Thanks!

wtf how does that sloganizer come into my sig? :O

wurst · **Posted:** 10.20.09

plz go to http://www.urbanterror.net/news.php

and read this again:

URT official News wrote:

This is a very important security update. About 2 months ago we released a security fix for the Vote System expoilt that allowed people to steal control of your servers. Up until now the damage has been minimal, however, there are now people activly using this method in Europe and in which case most likely to spread almost everywhere!

It is very important that all server admins use the new server binary. At the moment we only have this file for linux in 32bit. This can be found here. I have had reports from many people within the community about there servers being stolen.

All future released of Urban Terror will have this patch included. If you do not use the above binary, i strongly suggest turning voting off. Thanks!

then klick on this link
ftp://ftp.snt.utwente.nl/pub/games/urba ... rTded.i386

btw: we have topic ouselfse somewhere bout that prob.
THing on this site is that we run a custom self-compiled binary.
voting is off..

ps ui rylius, u was faster.
whatever i was faster with the sig lol. its btw the croppalizer since it snipps the sloganizer

JackAv · **Joined:** 09.27.09 **Posts:** 80

Ah thx but my server is running windows :cry:

I heard there is a fix fpr windows. Bur i dont know how to find the fix btw wherte i can download this.
Is ist the same problem if i run urt mod under quake 3 ?

PLS help me i am afraid to start my servers

Now i make a backup of all servers. So i can recover my servers if someone try to crash my server.

SvaRoX · **Joined:** 11.29.08 **Posts:** 1972

First disable voting...
You didn't find any Windows binary ??

JackAv · **Joined:** 09.27.09 **Posts:** 80

No i found nothin gi was seaching for urban terror rcon stealer fix and other tags.

AimMe · **Posted:** 10.20.09

They gave source, can't you compile it?

Unclefragger · **Posted:** 10.20.09

http://forums.urbanterror.net/topic/183 ... ty-update/
I think they did post some binaries as well there

wurst · **Posted:** 10.20.09

oki i did it, please test my wife force me to go shopping :shock:

hope i didnt screw up any, compiled as usual.
hope i didnt overwrite now the maxclients etc, i hd somehow 2 trunks on my messed up drive...

Code:

florian@FLO /ioq3-source
$ make
make&#91;1&#93;: Entering directory `/ioq3-source'

Building ioquake3 in build/release-mingw32-x86:
  PLATFORM: mingw32
  ARCH: x86
  COMPILE_PLATFORM: mingw32
  COMPILE_ARCH: x86
  CC: gcc

  CFLAGS:
    -MMD
    -Wall
    -fno-strict-aliasing
    -Wimplicit
    -Wstrict-prototypes
    -DUSE_ICON
    -Icode/SDL12/include
    -DUSE_OPENAL=1
    -DUSE_OPENAL_DLOPEN
    -DUSE_CURL
    -DCURL_STATICLIB
    -m32
    -DUSE_LOCAL_HEADERS
    -DNDEBUG
    -O3
    -march=i586
    -fno-omit-frame-pointer
    -ffast-math
    -falign-loops=2
    -funroll-loops
    -falign-jumps=2
    -falign-functions=2
    -fstrength-reduce

  Output:
    build/release-mingw32-x86/ioUrTded.x86.exe

make&#91;2&#93;: Entering directory `/ioq3-source'
DED_CC code/server/sv_bot.c
DED_CC code/server/sv_client.c
DED_CC code/server/sv_ccmds.c
DED_CC code/server/sv_game.c
DED_CC code/server/sv_init.c
DED_CC code/server/sv_main.c
code/server/sv_main.c: In function `SV_Frame':
code/server/sv_main.c:873: warning: implicit declaration of function `SV_CheckClientUserinfoTimer'
DED_CC code/server/sv_net_chan.c
DED_CC code/server/sv_snapshot.c
code/server/sv_snapshot.c: In function `SV_CheckClientUserinfoTimer':
code/server/sv_snapshot.c:719: warning: implicit declaration of function `SV_UpdateUserinfo_f'
DED_CC code/server/sv_world.c
DED_CC code/qcommon/cm_load.c
DED_CC code/qcommon/cm_patch.c
DED_CC code/qcommon/cm_polylib.c
DED_CC code/qcommon/cm_test.c
DED_CC code/qcommon/cm_trace.c
DED_CC code/qcommon/cmd.c
DED_CC code/qcommon/common.c
DED_CC code/qcommon/cvar.c
DED_CC code/qcommon/files.c
DED_CC code/qcommon/md4.c
DED_CC code/qcommon/msg.c
DED_CC code/qcommon/net_chan.c
DED_CC code/qcommon/net_ip.c
DED_CC code/qcommon/huffman.c
DED_CC code/qcommon/q_math.c
DED_CC code/qcommon/q_shared.c
DED_CC code/qcommon/unzip.c
DED_CC code/qcommon/vm.c
DED_CC code/qcommon/vm_interpreted.c
BOT_CC code/botlib/be_aas_bspq3.c
BOT_CC code/botlib/be_aas_cluster.c
BOT_CC code/botlib/be_aas_debug.c
BOT_CC code/botlib/be_aas_entity.c
BOT_CC code/botlib/be_aas_file.c
BOT_CC code/botlib/be_aas_main.c
BOT_CC code/botlib/be_aas_move.c
BOT_CC code/botlib/be_aas_optimize.c
BOT_CC code/botlib/be_aas_reach.c
BOT_CC code/botlib/be_aas_route.c
BOT_CC code/botlib/be_aas_routealt.c
BOT_CC code/botlib/be_aas_sample.c
BOT_CC code/botlib/be_ai_char.c
BOT_CC code/botlib/be_ai_chat.c
BOT_CC code/botlib/be_ai_gen.c
BOT_CC code/botlib/be_ai_goal.c
BOT_CC code/botlib/be_ai_move.c
BOT_CC code/botlib/be_ai_weap.c
BOT_CC code/botlib/be_ai_weight.c
BOT_CC code/botlib/be_ea.c
BOT_CC code/botlib/be_interface.c
BOT_CC code/botlib/l_crc.c
BOT_CC code/botlib/l_libvar.c
BOT_CC code/botlib/l_log.c
BOT_CC code/botlib/l_memory.c
BOT_CC code/botlib/l_precomp.c
BOT_CC code/botlib/l_script.c
BOT_CC code/botlib/l_struct.c
DED_CC code/null/null_client.c
DED_CC code/null/null_input.c
DED_CC code/null/null_snddma.c
DED_CC code/sys/con_log.c
DED_CC code/sys/sys_main.c
AS code/asm/ftola.s
AS code/asm/snapvectora.s
AS code/asm/matha.s
DED_CC code/qcommon/vm_x86.c
WINDRES code/sys/win_resource.rc
DED_CC code/sys/sys_win32.c
code/sys/sys_win32.c:41: warning: 'homePath' defined but not used
DED_CC code/sys/con_win32.c
LD build/release-mingw32-x86/ioUrTded.x86.exe
make&#91;2&#93;: Leaving directory `/ioq3-source'
make&#91;1&#93;: Leaving directory `/ioq3-source'

 

im back in 2-3h

gg

Unclefragger · **Posted:** 10.20.09

you do see that you are using gcc in a mingw environment? ^^
I would have to be familiar with the exploit in order to live test it ... maybe someone is ...

Server HACKER!!! RCON STEALER

Who is online