Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 19:50

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 5 posts ] 
Author Message
 Post subject: Password hack for swbf2?
PostPosted: 14 Jun 2009 17:08 

Joined: 30 May 2009 17:54
Posts: 16
hey aluigi, some people in the game are telling that there is a hacker that can get any server password and like last night he knew our server password, so i was curios, do you think anyone can make this? oh ye, the person who had the pass was only14, so do you think someone had made one of these, or maybe you have made one of these?


Top
 Profile  
 
 
 Post subject: Re: Password hack for swbf2?
PostPosted: 15 Jun 2009 20:24 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
a vulnerability can allow anything, included this possible effect.
but as said that other time I have never tested/played with swbf2 so I know nothing about it.

my first suggestion is to AVOID to use DSManager to start your server, use directly the full command-line and delete the bf2cmd.txt and cmdline.txt files.
for being more secure when you launch the server scans its whole directory searching if there are still occurrencies of some sensitive informations (your admin password) in other files there.

this simple foresight allows to avoid possible problems regarding the reading of arbitrary files on the server so if the problem rehappens means it's something inside the server code (the reading of a variable or something similar).

keep me update about if the situation changes after such modification.


Top
 Profile  
 
 Post subject: Re: Password hack for swbf2?
PostPosted: 16 Jun 2009 21:03 

Joined: 30 May 2009 17:54
Posts: 16
ok thank you, i will keep upadating you about the situation...


Top
 Profile  
 
 Post subject: Re: Password hack for swbf2?
PostPosted: 20 Jun 2009 19:42 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
everything is possible over internet.

if some 14yo had your server password, then it is very unlikely that he/she wrote the program or found the exploit to do so.

if its out in public, then don't you think you would have found it (i assume you tried to google).

from my own experience i know that lot of ppl (specially some stupid wannabe kids) are just bragging that they hacked something, so don't belive everything you see/hear, do what Luigi suggested and also use stronger password (like at least 10 letters with 1 symbol in it). like "pAss@word11" .. and now if he/she does it again, then its quite certain that there is some exploit out there that can easily get server's password.

..so how he/she got password ? well think if you shared that password with anybody at all or maybe you had some friend at your place who was able to look at it and shared it.

Also from my own experience. some time ago i hacked some freeforum which some dumb kids used as their clan site, i read their PMs and hidden topics and got the password for server, i messed around with it for a while and then rumors got out that im some yber hacker and can get any server's password ... so in other words they made up their own fears.
so just make sure that your password did not leak and its secured (what Luigi suggested) and see if it happens again, i doubt it will.


Top
 Profile  
 
 Post subject: Re: Password hack for swbf2?
PostPosted: 24 Jun 2009 20:46 

Joined: 26 Apr 2008 21:50
Posts: 27
he may reside on the same machine as you are hosted, so sometimes permissions are weak and he could read your config files and know your password. just a guess, much times machines are securised against these vulnerability, Battlefield 2 is such a vulnerable game not build with security in mind that there could be a vulnerability in it like Luigi said.


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 5 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron