Raised This Month: $ Target: $400
 0% 

Admin Boot Hack


Post New Thread Reply   
 
Thread Tools Display Modes
Author Message
LordFerret
Junior Member
Join Date: Jun 2008
Location: NJ USA
Old 06-09-2008 , 04:38   Admin Boot Hack
Reply With Quote #1

Hello all, new here -

I've run across a situation on our server(s) and I'm hoping to find additional information from here.

We run a 24/7 Avalanche DoD server and a CS 1.6 server, both running AMXx v1.8.0.3360. Lately we've encountered a number of players entering the servers and using some manner of hack which kicks all Admins present in the server. The only evidence of this is in the AMXx logs, which shows the errant player issuing an amx_chat command that contains a long text string of jumbled letters (some manner of code?). The command is spammed repeatedly, effectively kicking all Admins. There is no logged entry of the errant player logging in as an Admin as AMXx normally shows.

Any feedback on this? Have I posted this in the right place? I have more data to supply to the devs if they're interested.

Thanks.
LordFerret is offline
Send a message via ICQ to LordFerret Send a message via AIM to LordFerret Send a message via MSN to LordFerret Send a message via Yahoo to LordFerret
CubanSpike
Member
Join Date: Mar 2008
Old 06-09-2008 , 09:27   Re: Admin Boot Hack
Reply With Quote #2

I am not part of the AMXX team, but I came across your post. I had a similar problem a while back on my CS 1.6 server. I changed the rcon password and it seemed to work. Also, make sure in your amxx.cfg that the default access for non-admin users is "z".

Best of luck,

Cuban
CubanSpike is offline
LordFerret
Junior Member
Join Date: Jun 2008
Location: NJ USA
Old 06-09-2008 , 10:07   Re: Admin Boot Hack
Reply With Quote #3

I will look into this immediately. Thanks!
LordFerret is offline
Send a message via ICQ to LordFerret Send a message via AIM to LordFerret Send a message via MSN to LordFerret Send a message via Yahoo to LordFerret
LordFerret
Junior Member
Join Date: Jun 2008
Location: NJ USA
Old 06-10-2008 , 14:45   Re: Admin Boot Hack
Reply With Quote #4

Followup:

Our default access for non-admin users was set to "z". I've changed our RCON password to a very large one, generated by a site which utilizes cryptographically-strong pseudo random number generators {Rijndael (AES) ciphers}... fancy talk for a nice unique password lol (better than I could do). Good luck brute-force hackers. So far it seems to be working!

Thanks again for the tips!
LordFerret - Mamma Jamma's Server Group & Community Administrator
LordFerret is offline
Send a message via ICQ to LordFerret Send a message via AIM to LordFerret Send a message via MSN to LordFerret Send a message via Yahoo to LordFerret
CubanSpike
Member
Join Date: Mar 2008
Old 06-10-2008 , 15:57   Re: Admin Boot Hack
Reply With Quote #5

w00t!

No problem,

Cuban
CubanSpike is offline
Mlk27
Veteran Member
Join Date: May 2008
Old 06-10-2008 , 21:32   Re: Admin Boot Hack
Reply With Quote #6

LordFerret

for addition security, you can use these settings in server.cfg it will ban your ip for 24 hours after 2 times of failed rcon authentication

Quote:
// RCon security
sv_rcon_banpenalty 1440
sv_rcon_maxfailures 2
sv_rcon_minfailures 2
sv_rcon_minfailuretime 30
Mlk27 is offline
LordFerret
Junior Member
Join Date: Jun 2008
Location: NJ USA
Old 06-10-2008 , 23:47   Re: Admin Boot Hack
Reply With Quote #7

Excellent! Thanks!
LordFerret is offline
Send a message via ICQ to LordFerret Send a message via AIM to LordFerret Send a message via MSN to LordFerret Send a message via Yahoo to LordFerret
Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 19:08.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode