File upload exploit fix - Page 2

voogru · 08-20-2009 , 00:18 Re: File upload exploit fix

Yeah I had a crash too, had to remove the code sadly.

I run srcds as another user that has no write permissions to anything except logs and downloads anyway so don't really think I'm too vulnerable.

Lethal- · 08-20-2009 , 06:37 Re: File upload exploit fix

Quote:

[EXP] Exploitable FS_OPen() call!, file=addons\sourcemod\configs\admin_groups.cf g redirecting to exploits/1250764546.txt

is it supposed to do that?

psychonic · 08-20-2009 , 06:51 Re: File upload exploit fix

Quote:

Originally Posted by Lethal-

is it supposed to do that?

I know it's tough to read a whole 1.2 page topic, but if you had...

"Blocks sourcemod from creating files." appears twice

psychonic · 08-20-2009 , 07:55 Re: File upload exploit fix

Quote:

Originally Posted by DontWannaName

Crash as a result of this?

@devicenull

Callstack:
http://psychonic.ampaste.net/f37d5f2b4

devicenull · 08-20-2009 , 12:36 Re: File upload exploit fix

updated to attempt to fix this crash issue

BrutalGoerge · 08-20-2009 , 14:00 Re: File upload exploit fix

how easy is it for a client to take advantage of this exploit?

I just barely started to hear talk of this. thanks for the fix btw

Hipster · 08-20-2009 , 15:30 Re: File upload exploit fix

Quote:

Originally Posted by BrutalGoerge

how easy is it for a client to take advantage of this exploit?

I just barely started to hear talk of this. thanks for the fix btw

It's an external program that needs to be recompiled or hex edited for an attacker to upload a file, so you're probably safe from pissed off 13-year-olds.

Editing the source code is pretty straight-forward, though, so I think you'd be vulnerable to anyone who knows how to open and compile a C program.

ilovelamp · 08-20-2009 , 20:44 Re: File upload exploit fix

There is apparently a workaround, as I have this loaded on to both Windows AND Linux boxes and I have someone still overwriting my gameinfo.txt and server.cfg files.

Metamod is loading these as I've been checking in the meta list.

devicenull · 08-20-2009 , 21:54 Re: File upload exploit fix

Quote:

Originally Posted by ilovelamp

There is apparently a workaround, as I have this loaded on to both Windows AND Linux boxes and I have someone still overwriting my gameinfo.txt and server.cfg files.

Metamod is loading these as I've been checking in the meta list.

I know. I'm working with someone else to confirm I have a fix for that too before I release it.

ilovelamp · 08-20-2009 , 22:33 Re: File upload exploit fix

Quote:

Originally Posted by devicenull

I know. I'm working with someone else to confirm I have a fix for that too before I release it.

I know. <3

We were just testing it on my jailbreak server, after all.

Thank you for putting all this work into the fix.