Fix for rcon crash exploit?

retsam · **Author**

Is there any way to fix the rcon exploit crash? Some asshat is crashing all of our servers with it. Theres gotta be some way.

PS: Why is valve so stupid?

bl4nk · 06-23-2009 , 17:17 Re: Fix for rcon crash exploit?

Do you know any details on the crash?

retsam · *Last edited by retsam; 06-23-2009 at 17:31.*

Well yes, I got the ips from them. Friend looked their ips up and has their info and talking to their isp now.

But its this crap.

rcon from "75.x.x.x:4313": Bad Password
L 06/23/2009 - 13:28:22: rcon from "75.x.x.x:4313": Bad Password
L 06/23/2009 - 13:28:22: rcon from "75.x.x.x:4313": Bad Password
L 06/23/2009 - 13:28:22: rcon from "75.x.x.x:4313": Bad Password
L 06/23/2009 - 13:28:22: rcon from "75.x.x.x:4313": Bad Password
L 06/23/2009 - 13:28:22: Addip: "<><><>" was banned by IP "for 10.00 minutes" by "Console" (IP "75.x.x.x")

Server crashes right after that.

Could you make a plugin that checked how many times someone enters a bad rcon password? Then ban them after like 2 times? This wouldnt allow them to do it all 4 times. I dont know if that would stop it since im not 100% sure how it works but..

bl4nk · 06-23-2009 , 17:32 Re: Fix for rcon crash exploit?

The only way to fix that is to either disable rcon or to increase the following two cvars to something really high:

sv_rcon_minfailures
sv_rcon_maxfailures

This is Valve's problem, nothing we can fix.

retsam · 06-23-2009 , 17:37 Re: Fix for rcon crash exploit?

How do you disable rcon anyways? Thanks for info bl4nk.

bl4nk · 06-23-2009 , 18:40 Re: Fix for rcon crash exploit?

You don't set a rcon_password.

retsam · *Last edited by retsam; 06-23-2009 at 22:45.*

Damn it looks like sv_rcon_minfailures
sv_rcon_maxfailures have max values of like 15 or 20 or something. I set it to 10000 but i just tested it and it still ip bans me after a 15 or so attempts. : /

Value is freaking genius.

EDIT: Oh and, entering nothing for rcon_password or "" does NOT prevent the exploit. It still sees any entry as a bad rcon attempt. That does not help at all. : (

So...theres no way to disable rcon?

bl4nk · 06-24-2009 , 01:46 Re: Fix for rcon crash exploit?

Try completely removing "rcon_password" from your server.cfg file.

psychonic · 06-24-2009 , 06:55 Re: Fix for rcon crash exploit?

Quote:

Originally Posted by retsam

So...theres no way to disable rcon?

If you don't do downloads from the server (meaning you do have a sv_fastdownloadurl set) and if you have access to the server, you can block all tcp access on the port the game server runs on. Players joining and a2s queries are done through udp.

retsam · 06-24-2009 , 16:39 Re: Fix for rcon crash exploit?

humm..I didnt think of that. Not a bad idea. Ill try that a little later.

Thx