|
Luigi Auriemmaaluigi.org (ARCHIVE-ONLY FORUM!) |
|
It is currently 19 Jul 2012 15:41
|
View unanswered posts | View active topics
Author |
Message |
aluigi
|
Post subject: Posted: 15 Dec 2007 22:40 |
|
Joined: 13 Aug 2007 21:44 Posts: 4068 Location: http://aluigi.org
|
the unban thing was just referred to the ip since I thought that removing the "ip" field with that bug was possible to hide the real one, but I have tested this thing just now and the IP visualized with status is the real.
So, no I don't know other way to spoof or hide the IP (you can try using -m \ip\1.2.3.4 which probably can work on some old servers but I'm not sure).
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 15 Dec 2007 23:15 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
ok :S yeah spoofed ip or whatever lol xD
So can u add the 2 options for q3fill?
-wait second(s) between each fake player connect
-1 fake player option instead of filling
|
|
Top |
|
|
aluigi
|
Post subject: Posted: 16 Dec 2007 19:35 |
|
Joined: 13 Aug 2007 21:44 Posts: 4068 Location: http://aluigi.org
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 16 Dec 2007 20:26 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 17 Dec 2007 22:23 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
err... again with q3fill lol... can u make an option that can ignore ban messages, passwords and stuff because once it does that it stops trying to fill the server, and in jk2 if u do it really really fast q3unban will work and let u in, but i cant do it as fast as an automatic can. :)
|
|
Top |
|
|
aluigi
|
Post subject: Posted: 18 Dec 2007 10:18 |
|
Joined: 13 Aug 2007 21:44 Posts: 4068 Location: http://aluigi.org
|
No, I can't make an ignore option.
Anyway the q3unban feature can be forced with -u
|
|
Top |
|
|
malo
|
Post subject: Posted: 20 Dec 2007 15:34 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
I don't get how to use q3unban properly... And in fact this thread did not helped me yet, too.
Server IP: 213.200:95:26
Server PORT: 28923
It's a JK:JA server(i changed the numbers a bit ^_^)... anyway, then I typed
C:\alugi\sudp>sudppipe -l plugins/q3unban_sudp.dll 213.200.95.26 28923 29070
and pressed enter. Entered my client, i typed /connect 127.0.0.1:29070 in the console and it tried to connect, but there was an "Awaiting gamestate...xx" all the time. And in the cmd console there was nothing like "q3unban activated" or so, there was nothing more then the line "-ready" - it stuck. So I tried it with another local port.
C:\alugi\sudp>sudppipe -l plugins/q3unban_sudp.dll 213.200.95.26 28923 28923
Then /connect 127.0.0.1:28923 in the client console.
Worked much better, I could connect and in the cmd console was an "-add 127.0.0.1:29070" and a "q3unban activated", but I was still banned.
What's my fault? And additonally, what is a localport and how to get it? =/
thanks and greetings
|
|
Top |
|
|
aluigi
|
Post subject: Posted: 20 Dec 2007 15:46 |
|
Joined: 13 Aug 2007 21:44 Posts: 4068 Location: http://aluigi.org
|
In my tests (as visible also in my video) JA was vulnerable.
So now the hypotesis are the following:
- that version of JA is not vulnerable (I have tested only version 1.0.1.0)
- the server has been patched with my patch
- that server uses a particular mod which isn't affected by the problem
|
|
Top |
|
|
malo
|
Post subject: Posted: 20 Dec 2007 16:00 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
1. Hmm maybe, but that was a 1.0 server and I don't really think that 1.0 > 1.0.1.0 when you know what I mean...
2. Possible, but unlikey imho, because except the popular buffer overflow fix they do not have any other fixes at all...
3. No, this one is a completely pure basejk server
|
|
Top |
|
|
malo
|
Post subject: Posted: 20 Dec 2007 19:05 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
omfg
could it be that the exploit does not work because the server has sv_allowanonymous disabled? -.-'
|
|
Top |
|
|
aluigi
|
Post subject: Posted: 20 Dec 2007 20:47 |
|
Joined: 13 Aug 2007 21:44 Posts: 4068 Location: http://aluigi.org
|
no, because for example my local test server doesn't have sv_allowanonymous set at all (and the same is for Quake 3).
About the version, seems that online there are only 1.0.1.x servers so forget my first hypotesis.
About the other two, are you 100% sure that the server doesn't use a server-side-only mod or my patch?
my q3unban fix is recent, sure, but watching what you report seems just the only explanation.
|
|
Top |
|
|
malo
|
Post subject: Posted: 21 Dec 2007 16:47 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
I finally asked an admin about their fixes, and the server is just protected against a config-caused buffer overflow and that's no real problem for your infostring exploit you know... Well in fact I don't understand why it does not work =(
|
|
Top |
|
|
malo
|
Post subject: Posted: 21 Dec 2007 17:57 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
And btw, the q3fill unban-forcing through the option "-u" does not work eiter... Any ideas?
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 21 Dec 2007 19:41 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
it works does work... ? all it does instead of the automatic unban that is detected it FORCES it to use the overflow bug so basically it executes it even if ur banned or not
|
|
Top |
|
|
malo
|
Post subject: Posted: 21 Dec 2007 21:59 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
lol... on another server your exploit worked without any problems oO the only different between these two servers are that the one on which the programm worked was unpure.... huh i'm going to test the vulnerabilty of some other servers pure and unpure during the next few weeks i think.
But to get to point, your programme finally did his job very well =D and you seem to be right with your hypothesis that the server's version and cfg or whatever can destroy its vulnerability to that exploit. Well, like I said ill test some servers to proof if this idea is true and give you a feedback then, if you want.
excuse my bad english >.<
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 21 Dec 2007 23:25 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
^_^ or 1 of the servers u tried has patch and the other one doesn't >_<
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 22 Dec 2007 02:50 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
Quote: - Fake players:
Player: .. "PKWbQVJ9nzwXc" .. - activated auto unbanning trick
Player: .. "Cx" .. - Your IP address is banned. - par\val: "IP" "banned"
Error: the more buffer can't contain all the data
What does that error mean?
MM one more thing, multircon...
Heh, adding an option again;
can u add one that guesses a command? i got rcon for this server and my friend keeps changing the 'kick' command on me lol, ive found it out twice but uh can u add the option that searches for it and how many characters it can be. So type in the password, type in how many characters it is, and start guessing all the possiblities. (possibilites of four characters in this example)
I know you want like multircon and q3fill in the right subjects but it's just easier to use 1 subject that covers a lot :)
|
|
Top |
|
|
malo
|
Post subject: Posted: 22 Dec 2007 10:42 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
[quote="evan1715"]^_^ or 1 of the servers u tried has patch and the other one doesn't >_<[/quote]
Nah. Read my posts, I asked the admin and he said that his server has no q3unban-fix...
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 22 Dec 2007 14:31 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
k i did re-read ur post twice, theres nothing about an admin
|
|
Top |
|
|
aluigi
|
Post subject: Posted: 22 Dec 2007 15:37 |
|
Joined: 13 Aug 2007 21:44 Posts: 4068 Location: http://aluigi.org
|
that error you received is for avoiding an overflow of the buffer called more (the one which contains the unban stuff and other automatic parameters).
it's used in a experimental function for the handling of uncommon parameters and other dynamic stuff.
Anyway in your case your IP was still banned.
|
|
Top |
|
|
malo
|
Post subject: Posted: 24 Dec 2007 10:24 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
malo wrote: I finally asked an admin about their fixes, and the server is just protected against a config-caused buffer overflow and that's no real problem for your infostring exploit you know... Well in fact I don't understand why it does not work =(
nc
Okay, I already tested sum other servers now, and it seems that the q3unban exploit works perfect on every server, excpect the described 213.200.95.26:28923... Well, strange thing(they don't have any fixes <.<), but in fact I don't really care about just one lonely server... Whatever... Anyway, you did a very good job with this exe, it can even erase a subnet ban ^_^ n1 gz etc
keep up your good work ;D
|
|
Top |
|
|
aluigi
|
Post subject: Posted: 24 Dec 2007 12:00 |
|
Joined: 13 Aug 2007 21:44 Posts: 4068 Location: http://aluigi.org
|
Anyway I have a doubt... why your IP/subnet is banned on all these servers?
8-)
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 24 Dec 2007 15:11 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
malo, 2 different posts i thought u where talking about ur most recent: here
|
|
Top |
|
|
malo
|
Post subject: Posted: 25 Dec 2007 11:48 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
aluigi wrote: Anyway I have a doubt... why your IP/subnet is banned on all these servers? 8-) Stole rcon with q3dirtrav or asked the admin if he could ban me because I want to test something... Wasn't a big problem ^_^ evan1715 wrote: malo, 2 different posts i thought u where talking about ur most recent: here
Whew dude, whatever... Nevermind, np ;D
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 25 Dec 2007 14:44 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
malo wrote: Stole rcon with q3dirtrav or asked the admin if he could ban me because I want to test something... Wasn't a big problem ^_^
LOLROFLHAHAHAROFLLLLLLLLL
if ur going to steal rcon, make sure ur undetected(u amateur :D)... ban to test what?! q3unban? why dont u try it on 1 of those servers u stold rcon from! Also, what game is this you're playing on?
|
|
Top |
|
|
malo
|
Post subject: Posted: 26 Dec 2007 19:01 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
evan1715 wrote: LOLROFLHAHAHAROFLLLLLLLLL Of course. evan1715 wrote: if ur going to steal rcon, make sure ur undetected(u amateur :D)... Shh. You know a crap about the ways I'm stealing rcons and which precautions I take. Just don't care, I know how to stay undetected and don't getting into bigger trouble, believe me. A good advice: Don't call somebody an 'amateur' when you've just no clue about his working methods. evan1715 wrote: ban to test what?! q3unban? why dont u try it on 1 of those servers u stold rcon from! You still know a crap. Firstly, knowing at least just a bit about q3dirtrav would help you to dare to talk like that. In fact, this exploit doesn't work on every server. Additionally, other programs like multircon take too much time to reach the target 'rcon'. Secondly/Thirdly, in such situations I just say "i will try to unban me =D", and no one cares anymore. evan1715 wrote: Also, what game is this you're playing on?
For the second time, read my posts/learn to read, whatever.
Owned?
Merry Christmas,
malo
|
|
Top |
|
|
aluigi
|
Post subject: Posted: 26 Dec 2007 19:49 |
|
Joined: 13 Aug 2007 21:44 Posts: 4068 Location: http://aluigi.org
|
can I ask to both of you to don't start flame wars?
evan, since the beginning you started with stupid comments and attitude and I don't refer only to this case but also to other topics so if you need to do/say anything not-related to this forum there are many others on internet.
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 26 Dec 2007 21:49 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
malo wrote: A good advice: Don't call somebody an 'amateur' when you've just no clue about his working methods. in my book, getting caught means you would be an amateur malo wrote: I know how to stay undetected and don't getting into bigger trouble, believe me. Stole rcon with q3dirtrav k, apparently not malo wrote: ...this exploit doesn't work on every server.... duhhhhhhhhh, most servers have download off servers that do (the 1 out of 30) have it on they could have luigi's patch for it, or there could be a bug and it not work, or the name of the .cfg ur trying to get is not server.cfg or jampserver.cfg or whatever JA has. malo wrote: Additionally, other programs like multircon take too much time to reach the target 'rcon'. duh. malo wrote: For the second time, read my posts/learn to read, whatever. or u can not be a prick and just say jedi academy aluigi wrote: can I ask to both of you to don't start flame wars?
yes of course, malo u may choose one of my contacts if u intend to proceed in the argument, no need for luigi to lock topic, close topic, or ban either of us.
pm
msn
aim
my forum
xfire = evan1715
Holler.
|
|
Top |
|
|
malo
|
Post subject: Posted: 27 Dec 2007 13:25 |
|
Joined: 09 Oct 2007 17:49 Posts: 19
|
I'm done with you, there's no need for further conversations. Like i see, you unfortunately did not get what I tried to tell you. Well, maybe that's just because my english isn't as peferct as yours, hm... Nevemind, I don't regret this 'defeat' tbh, I couldn't care less about it. So I cut this now, get over it, deal with it, whatever. Luigi is right, you too: Back to topic. Boom. Contact me via PM when you think that there's still a reason for talking with me.
Luigi, is there any possibility to make the fake players of your q3fill exploit join the game, just like bots? I don't mean that they shall fight then, I just want them execing configs like bof, modelcrash etc., so they could stay in spec mode. Any ideas?
|
|
Top |
|
|
evan1715
|
Post subject: Posted: 27 Dec 2007 15:22 |
|
Joined: 05 Oct 2007 01:20 Posts: 402 Location: Florida
|
malo, it's possible but i beleive it would be hard...
Also, heres a secret, you can execute at anytime... I mean like when it says Connecting... and it finally says Awaiting Gamestat, before the map loads you can execute stuff, so you can execute a binded crash and they wont know your ip because you executed it too fast when you connected... unless your playing on 1.01 which they may have connect logs, like the Gamall Mod. But most have JA+ Mod so I don't know what sort of logs that mod has.
So yes... stuff can be executed directly when connected, I don't know if it can through fake players but try it, I don't know if you knew that because most don't.
oh and I read your posts again, which version of JA do you play? 1.01 or 1.0?
and you can also try force crash, it's a JO and JA only crash since it's force.
|
|
Top |
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot post attachments in this forum
|
|