After my not-so-recent advisories about security bugs exploitable in some games through PunkBuster, Evenbalance has applied the following limitations:
- any byte which is not in the range space-'z' is no longer printable:
"............................... !"#$_&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz....................................................................................................................................."
- the % char is substituted with _
- the various commands which were possible to send with my pbmsgs tool are now filtered or time limited ("pbmsgs -u SERVER PORT hello" works once every 5 seconds)
The above 3 limitations have been used to avoid or limit the Windows console hell bell bug, possible format string bugs in the games and server freeze through flooding (http://aluigi.org/adv/pbmsgsdos-adv.txt).
But these limitations could lead to the following problems:
- the filtered chars (like % or the accented letters) used in nicknames could have interesting effects; anyway, this has not been tested, so it's only a hypothesis
- the 5 second limitation on the commands could allow the real UCON and other packets from the PB master server to be ignored; I tested this just now and it seems to work perfectly, in a similar way to the rcon DoS in the Quake 3 engine caused by the half-second limitation.
In my test, in fact, I was no longer able to use the pbucon tool.
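
The cooldown problem described in the last point, as an added example that is not part of the original post and is not PunkBuster's code: a simplified model comparing one shared 5-second timer charged before any verification with a limiter that verifies first and keeps a timer per verified source. The function names, the "authenticated" flag and the sample traffic are assumptions constructed for illustration.

```python
# Simplified model of a command cooldown (assumption: NOT PunkBuster's real code).
# Packets are constructed samples: (arrival time in seconds, source, authenticated?).
COOLDOWN = 5.0  # the 5-second window described in the post

def global_cooldown(packets):
    """One shared timer, charged before any authentication check."""
    last, handled = None, []
    for t, src, authed in packets:
        if last is not None and t - last < COOLDOWN:
            continue            # dropped: still inside the shared window
        last = t                # the timer is consumed even by junk packets
        if authed:
            handled.append((t, src))
    return handled

def auth_then_per_source(packets):
    """Verify first, then throttle each verified source on its own timer."""
    last, handled = {}, []
    for t, src, authed in packets:
        if not authed:
            continue            # unauthenticated packets never touch a timer
        if src in last and t - last[src] < COOLDOWN:
            continue            # this source is still inside its own window
        last[src] = t
        handled.append((t, src))
    return handled

def build_traffic():
    """Constructed sample: junk every 5 s from t=0, admin commands at t=2, 12, 22."""
    junk = [(i * 5.0, "unknown", False) for i in range(6)]
    admin = [(2.0, "admin", True), (12.0, "admin", True), (22.0, "admin", True)]
    return sorted(junk + admin)

if __name__ == "__main__":
    traffic = build_traffic()
    print("global cooldown handled:  ", global_cooldown(traffic))
    print("auth + per-source handled:", auth_then_per_source(traffic))
```

With the shared timer every admin command lands inside a window already opened by an unverified packet and is dropped; with verification before throttling all three are handled.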