[0xyGens]

Hi, someone download my server.cfg (server.cfg.ZTMP created).
And attacker put html meta refresh code on my motd.txt how can i fix this ?

LOG:

Code:

08/13/2012 - 14:17:10: Rcon: "rcon challange password motd_write <META HTTP-EQUIV=Refresh CONTENT="0 URL=VIRUSURL">" from "İP"

[YamiKaitou]

Replace your motd file with the correct one and then change your password

EDIT: Also, make sure your server is using the latest Steam version

[0xyGens]

hi YamiKaitou, i changed password 9 words (number/upper/lower) and attacked again. server.cfg.ZTMP created , modt.txt file is changed.
im using 4883 engines. how can i fix this ?

[YamiKaitou]

Update your Steam Only server to the latest version

[0xyGens]

hi again, i tried latest steam hlds binary (54xx) but my server crashing every hour so i returned 4883 engine. how can i block motd_write servercmd

i tried following code but not working

Code:

#include <amxmodx>

#define VERSION "1.0"

public plugin_init()
{
    register_plugin("Block modt_write", VERSION, "0xyGens")
    register_srvcmd("motd_write", "block_write")
}

public block_write()
{
    server_print("blocked")
    return PLUGIN_HANDLED
}

[YamiKaitou]

We cannot assist you if you are not using the latest Steam Only build. This exploit was fixed (I believe) by an HLDS update.

[warlock]

Set the correct permissions on motd.txt and the problem will vanish.

[0xyGens]

chmod 0644 ?

[Gam3ronE]

I got the same issue. Trying 0600 now.

I know what you mean with latest build always crashing. I use 4883 too.

[fysiks]

Quote:

Originally Posted by 0xyGens chmod 0644 ?

chmod should only be given 3 digit numbers. Does it ignore the first digit when you actually put it in that way?