AlliedModders
Page 2 of 22 1 2 3412 Last »
Show 40 post(s) from this thread on one page

AlliedModders (https://forums.alliedmods.net/index.php)
-   Extensions (https://forums.alliedmods.net/forumdisplay.php?f=134)
-   -   ServerSecure (Files only) - Server protection against the Upload / Download exploit. (https://forums.alliedmods.net/showthread.php?t=142249)

Atreus 11-16-2010 06:11
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
Awesome! Thanks asher :3

tigerox 11-19-2010 13:31
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
Quote:
Originally Posted by tigerox (Post 1341884)
Would this allow someone to upload a file with the same name as a vaild downloadable file, or are file overwrites not exploitable?

Example. Overwriting map files in the /maps folder.
Does anyone have an answer to this question? Asked a while ago with no reply.

Thanks.

asherkin 11-19-2010 13:45
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
As far as I know, Valve actually succeeded in patching the uploading portion of the exploit, they just left holes in the download filter.

EDIT: <@AzuiSleet> you can't overwrite files except by converting them to directories (which isn't possible with the fix)

tigerox 11-19-2010 17:21
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
Quote:
Originally Posted by asherkin (Post 1352501)
As far as I know, Valve actually succeeded in patching the uploading portion of the exploit, they just left holes in the download filter.
Great. Thanks for the reply.

sinblaster 11-27-2010 07:57
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
Quote:
Originally Posted by asherkin (Post 1342569)
Only with D-FENS (and ServerSecure if on Windows).

I appologise in advance asherkin but I am lost with this mate. I am running Windows Server / mmsource-1.8.4 / sourcemod-1.3.6

I also have D-fens. I should uninstall D-fens if I want to use this?

KyleS 11-27-2010 08:06
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
Quote:
Originally Posted by sinblaster (Post 1357727)
I should uninstall D-fens if I want to use this?
You should remove D-Fens if you want to use this.

sinblaster 11-27-2010 08:09
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
Thanks kyle its just when it mentioned (and ServerSecure if on Windows) and the name of this extension being "ServerSecure" I got lost.

Really appreciate your help.

Xaphan 04-14-2011 16:38
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
I was using D-FENS until last night...
yes servers all updated to current version, this must be new exploit on win servers only.
Quote:
L 04/13/2011 - 23:09:09: [D-FENS] "<><STEAM_0:1:26233280><IP>" uploaded file "maps/cs_office.bsp\hacked.txt".
I removed D-FENS and install this extension.

Question is: Will this extension log actions?

asherkin 04-15-2011 03:16
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
This extension has been updated for todays update.

Quote:
Originally Posted by Xaphan (Post 1449706)
Question is: Will this extension log actions?
Yes.

tigerox 04-15-2011 07:30
Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
 
Quote:
Originally Posted by asherkin (Post 1450029)
This extension has been updated for todays update.
Could you please post the updated files.

Thanks.


All times are GMT -4. The time now is 16:25.
Page 2 of 22 1 2 3412 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.