Hlsheld

Xpander · **Joined:** 26 Oct 2007 17:38 **Posts:** 25

When the hlfill will brake hlsheld... Is there option 4 do it ?

Guest · **Posted:** 31 Oct 2007 21:45

no since the bug has been patched by hlshield

Gibon · **Joined:** 15 Nov 2007 20:39 **Posts:** 1

is there any exploit or tool who are not catched by HLShield ?

What do you think about this:
http://securityvulns.com/Adocument827.html

I try to complete with cygwin but didn't succeed.

aluigi · **Posted:** 16 Nov 2007 10:40

that's for an old version of Half-Life, antecedent my hlbof-server bug so no longer existent.
Anyway, in case you want to try by yourself, the attached is the compiled executable of that code (which required some modifications for native compiling).

Xpander · **Joined:** 26 Oct 2007 17:38 **Posts:** 25

What does it mean

Code:

.  half-life 3.1.0.x remote buffer-overflow for linux x86
.  (c)2000, Tamandua Sekure Laboratories
.  Authors: Thiago Zaninotti & Gustavo Scotti
.  connecting to the server... done
         server_name 
            map_name  [cs_assault]
           game_name  [Counter-Strike]
        users_online  [11 of 14]
           remote_OS  [linux]
.  localinfo 
.  TCP listen port number 25000
.  sending poison code. 1003 bytes sent
*  waiting for connect_back shellcode responde... failed!

?? Is it works with servers protected password?

aluigi · **Posted:** 22 Nov 2007 16:31

it's a bug in the rcon service and as written in the source code of the exploit, no password is required and any server is vulnerable (naturally referring to the versions which have this bug)

Xpander · **Joined:** 26 Oct 2007 17:38 **Posts:** 25

What program is finding hl bugs ? How Can find hl sheld bugs?

Xpander · **Joined:** 26 Oct 2007 17:38 **Posts:** 25

I have a question nowadays a few servers are secure by VAC, but they are still nonsteam your crasher is not working with it...

aluigi · **Posted:** 23 Nov 2007 18:15

I have never used VAC so I don't know if is this anti-cheat to block the crash or these servers use my patches

Xpander · **Joined:** 26 Oct 2007 17:38 **Posts:** 25

And how to find server bug (with hlsheld)

aluigi · **Posted:** 23 Nov 2007 22:17

Finding bugs is not a thing which can be explained with two words.
You need knowledge and luck

Xpander · **Joined:** 26 Oct 2007 17:38 **Posts:** 25

Are you searching for the bugs now ??

aluigi · **Posted:** 24 Nov 2007 12:29

No, Half-Life is no longer subject of my research from years

Xpander · **Joined:** 26 Oct 2007 17:38 **Posts:** 25

Why, couse the most of players,plays Counter strike (who is on hl engine)

evan1715 · **Posted:** 24 Nov 2007 19:59

no, i'm assuming VAC and their continuous updates, fixes and patches for them.

Xpander · **Joined:** 26 Oct 2007 17:38 **Posts:** 25

I know, but you only can do that, if somebody has got crasher it is made by you... Who is making crashers nowadays ?

aluigi · **Posted:** 25 Nov 2007 15:01

I bet that other people find bugs in game
the only differences between me and them is that for me is a research and not a "crasher", I contact the developers and I release my research publicly with the description of the problem.
So the fact that don't exist new public bugs for a game doesn't mean that they don't exist or nobody has already found them.

Luigi Auriemma

Hlsheld