[[cTs] Corvette]

Well, after it happened again tonight, the hacker knew we were on to him so he came forward to tell us how he was doing it:

There are some ways to get rcon of some really noob servers with sv_downloadurl.

1) Developer 1
2) Copy the line of the sv_downloadurl to firefox/ie
3) Check if server.cfg is here
4) Take rcon

We had recently changed hosting and needed a temporary fast download site, and it turns out the whole directory was exposed. So, now that you know, you might want to make sure the same thing doesn't happen to you.