New RCON exploit - Page 3

cheeeeese · 11-11-2009 , 22:01 Re: New RCON exploit

I'm not sure, but I can't find them in the logs folder.

Its as if he deleted the logs ;-;

Isias · 11-12-2009 , 12:34 Re: New RCON exploit

It's quit hard to start fixing something, without any informations where to look for it in first place. But if you're running Eventscripts 1.5, update it to the latest version, there was a rcon exploit. Also it is possible to overtake the server once sv_cheats 1 is set, wether with or without any plugin installed. So check for this two possiblitys please.

cheeeeese · 11-12-2009 , 18:11 Re: New RCON exploit

Well the server is running ES 2.0+

and the server is on sv_cheats 0.

Also, isnt it possible to make one with the log that the thread starter posted?

Fearts · 11-13-2009 , 02:34 Re: New RCON exploit

Here is his SteamID and IP so you can just ban him from your server. It wont stop anyone else who has the script but at least the creator wont be able to connect.

CaMeRoN187
STEAM_0:1

9273
68.41.41.69

Wolfman · 11-19-2009 , 03:52 Re: New RCON exploit

hate to say this but ive spoken to this hacker and he has been attacking me on this hack he is using a VPN to hide his IP address and also he has over 100+ steam account bcoz ive already banned like 10 steam accounts and ip address so banning wont stop him but the answer would be remove mani admin plugin and use sourcemod but you could also get a coder to recode mani admin or find a fix for it or something idk but banning him wont stop him.

Wolfman · 11-19-2009 , 04:02 Re: New RCON exploit

btw he has told me that he uses a exploit in the CSS engine or source engine of valve that he hacks in i dont know if this is true or not but idk ive put everything i think in place and he said he is planning on taking my server down for good so we will see what happens on my server coz he got it out for me

devicenull · 11-19-2009 , 15:15 Re: New RCON exploit

While there are some suspicions as to how this works, posting them publicly is not really a great idea for this exploit. I'm usually all for releasing the details, but in this case we have no full patch, and valve will take forever to fix this.

Isias · 11-20-2009 , 16:20 Re: New RCON exploit

Quote:

valve will take forever to fix this

Since you had a look at the exploit, was it engine-only related, so working on any server even with sv_cheats 0 and without any plugins at all? I hope it's not another exploit allowing to upload all kind of files to the server, like the one Valve fixed with the latest engine update -.-

And:

Quote:

I can verify this at some point this week, but I don't have CSS installed on my laptop right now.

Have you had some time to have a look at it? Sry for bugging :- )

NouveauJoueur · 11-21-2009 , 03:47 Re: New RCON exploit

Quote:

Originally Posted by devicenull

While there are some suspicions as to how this works, posting them publicly is not really a great idea for this exploit. I'm usually all for releasing the details, but in this case we have no full patch, and valve will take forever to fix this.

And how we're supposed to find a fix for ou servers if we don't even know how this exploit works ?

Wolfman · 11-21-2009 , 08:12 Re: New RCON exploit

well i recon you should remove mani admin plugin coz thats how he gets control of it and maybe put some bugs into mani admin about this coz what ive seen him do is does a brute force of rcon password and get it to right a adminlist.txt file to your plugin folder so if you remove mani admin and use SM it should fix this but i found a program called that devicenull has made which has seem to stop him so far.

File upload exploit (1.0.0.2) by devicenull

you should find it easy. on this forums