The server has a plugin, which spawns the cases in the random points of a map.
In the cases can be found the health points, a game currency, the points for
/anew, some experience for a rank, nothing, or a privilege (for 1-2 hours) (!).
Briefly about the privileges. There are few VIP levels: VIP, premium VIP and
super VIP (BTW, there are few admin levels such as gold admin, super admin,
et cetera). For example, super VIP allows you buy the special weapons with a
30% damage boost, you take 10% less damage, have a heal grenade, restoring
100 HP, and have a little speed boost with a more powerful knife. Also, you
can buy a double jump ability (that is a separate privilege, along with VIP).
I want fk up them and silently play with super VIP (possibly, with a double
jumping), granting it for yourself for 1-2 hours every day. (Not sure, how
soon will I leave vim, if you'll help me with direction, where to see, so
that write a hack, but during the tests, I'll definitely try to run a code
on the server.) :-)
The server uses amxmodx. And the plugins (including a plugin for the
privileges, a plugin for the cases' generation), probably, uses it. Is there
any leaks in amxmodx? In general, I would like to get a plugin list of the
hl-server, to start. But, I obviously don't have the rights. (It is such a
trifle, but I can't to bypass this constraint, even...). It would be cool
already, if I can do it - I'll write a small system and will upgrade it, to
get a powerful hack (let it only will be able to get a plugin list, at first:
execute an amxx_plugins command without the rights).
The server has an own site, where privilege can be purchased. The site has a
7.2.19 php version and made on GameCMS engine.
There was few ideas:
- intercept a site's request, when buying a privilege (to get it without
- modify the cases' bonus type (to get only the privileges from each case);
- find a players' database and modify a yourself profile's row, to get a
A second idea is dangerous for me, because it may lead me to VAC ban; third
idea is hard, because I don't know where a database is located.
Think, that I should to hack the site. I believe, that it is possible and not
so difficult, because I just want to send a simple request to web server, when
buying a privilege: run my code on "Purchase" button's event. Otherwise, I
don't know more safer ways to hack a privilege...
By the way, a 7.2.19 php version has the 3 leaks. Is there any reason to
implement one of them, to send a custom request?
Also, there is a night mode on hl-server, that gets a free privilege for you
for few hours every day. Is there any reason to explore moments, when this
mode starts and ends to find out any leaks, to run a code in this moments
(in order to break a privilege's system)?
I have a fog in my head. I don't know where to start...
(I willn't give a server's IP and site for confidentiality purposes.)
I explored a GameCMS' hosting and imagined an its scheme.
+--- [The hosting] ---+
| | | |
v v v v
---- ---- ---- ----
| DB | | DB | | DB | | DB |
---- ---- ---- ----
The circled databases means, that it's use a GameCMS content management system
and is GUI wrapped.
An each database has a partial owner, that is a site's administrator, which,
perhaps, is a HLDS' owner (in this case, it's true).
A site's database linked with a HLDS through a separate channel, using a
GameCMS API plugin.
| DB | <- - - -> | HLDS |
I can connect either to the site, or to the server. Thereby, can to look at
the system on the both ends, having the poor rights.
What's going between the site and server is a complex interaction, though.
And the GameCMS implements a transaction system, passing a client's data in
a payment system, providing a data's security. I. e., to get a privilege for
free, hacking a 'vanilla' side of this system, I have to bypass a protection
of a large payment system, such the PayPal or VISA. And this is a completely
different hacking level...