Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 15:39

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 143 posts ]  Go to page Previous  1, 2, 3, 4, 5  Next
Author Message
 Post subject:
PostPosted: 15 Dec 2007 22:40 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
the unban thing was just referred to the ip since I thought that removing the "ip" field with that bug was possible to hide the real one, but I have tested this thing just now and the IP visualized with status is the real.
So, no I don't know other way to spoof or hide the IP (you can try using -m \ip\1.2.3.4 which probably can work on some old servers but I'm not sure).


 
 
 Post subject:
PostPosted: 15 Dec 2007 23:15 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
ok :S yeah spoofed ip or whatever lol xD

So can u add the 2 options for q3fill?
-wait second(s) between each fake player connect
-1 fake player option instead of filling


 
 Post subject:
PostPosted: 16 Dec 2007 19:35 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
version 0.4.2


 
 Post subject:
PostPosted: 16 Dec 2007 20:26 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
yes!! thank u luigi ! :)


 
 Post subject:
PostPosted: 17 Dec 2007 22:23 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
err... again with q3fill lol... can u make an option that can ignore ban messages, passwords and stuff because once it does that it stops trying to fill the server, and in jk2 if u do it really really fast q3unban will work and let u in, but i cant do it as fast as an automatic can. :)


 
 Post subject:
PostPosted: 18 Dec 2007 10:18 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
No, I can't make an ignore option.
Anyway the q3unban feature can be forced with -u


 
 Post subject:
PostPosted: 20 Dec 2007 15:34 

Joined: 09 Oct 2007 17:49
Posts: 19
I don't get how to use q3unban properly... And in fact this thread did not help me yet, too.

Server IP: 213.200:95:26
Server PORT: 28923
It's a JK:JA server(i changed the numbers a bit ^_^)... anyway, then I typed

C:\alugi\sudp>sudppipe -l plugins/q3unban_sudp.dll 213.200.95.26 28923 29070

and pressed enter. Entered my client, i typed /connect 127.0.0.1:29070 in the console and it tried to connect, but there was an "Awaiting gamestate...xx" all the time. And in the cmd console there was nothing like "q3unban activated" or so, there was nothing more than the line "-ready" - it stuck. So I tried it with another local port.

C:\alugi\sudp>sudppipe -l plugins/q3unban_sudp.dll 213.200.95.26 28923 28923

Then /connect 127.0.0.1:28923 in the client console.
Worked much better, I could connect and in the cmd console was an "-add 127.0.0.1:29070" and a "q3unban activated", but I was still banned.
What's my fault? And additionally, what is a localport and how to get it? =/


thanks and greetings


 
 Post subject:
PostPosted: 20 Dec 2007 15:46 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
In my tests (as visible also in my video) JA was vulnerable.
So now the hypotheses are the following:
- that version of JA is not vulnerable (I have tested only version 1.0.1.0)
- the server has been patched with my patch
- that server uses a particular mod which isn't affected by the problem


 
 Post subject:
PostPosted: 20 Dec 2007 16:00 

Joined: 09 Oct 2007 17:49
Posts: 19
1. Hmm maybe, but that was a 1.0 server and I don't really think that 1.0 > 1.0.1.0 when you know what I mean...
2. Possible, but unlikely imho, because except the popular buffer overflow fix they do not have any other fixes at all...
3. No, this one is a completely pure basejk server


 
 Post subject:
PostPosted: 20 Dec 2007 19:05 

Joined: 09 Oct 2007 17:49
Posts: 19
omfg
could it be that the exploit does not work because the server has sv_allowanonymous disabled? -.-'


 
 Post subject:
PostPosted: 20 Dec 2007 20:47 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
no, because for example my local test server doesn't have sv_allowanonymous set at all (and the same is for Quake 3).

About the version, seems that online there are only 1.0.1.x servers so forget my first hypothesis.
About the other two, are you 100% sure that the server doesn't use a server-side-only mod or my patch?
my q3unban fix is recent, sure, but watching what you report seems just the only explanation.


 
 Post subject:
PostPosted: 21 Dec 2007 16:47 

Joined: 09 Oct 2007 17:49
Posts: 19
I finally asked an admin about their fixes, and the server is just protected against a config-caused buffer overflow and that's no real problem for your infostring exploit you know... Well in fact I don't understand why it does not work =(


 
 Post subject:
PostPosted: 21 Dec 2007 17:57 

Joined: 09 Oct 2007 17:49
Posts: 19
And btw, the q3fill unban-forcing through the option "-u" does not work either... Any ideas?


 
 Post subject:
PostPosted: 21 Dec 2007 19:41 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
it does work... ? all it does instead of the automatic unban that is detected it FORCES it to use the overflow bug so basically it executes it even if ur banned or not


 
 Post subject:
PostPosted: 21 Dec 2007 21:59 

Joined: 09 Oct 2007 17:49
Posts: 19
lol... on another server your exploit worked without any problems oO the only difference between these two servers is that the one on which the program worked was unpure.... huh i'm going to test the vulnerability of some other servers pure and unpure during the next few weeks i think.
But to get to point, your programme finally did his job very well =D and you seem to be right with your hypothesis that the server's version and cfg or whatever can destroy its vulnerability to that exploit. Well, like I said I'll test some servers to prove if this idea is true and give you a feedback then, if you want.

excuse my bad english >.<


 
 Post subject:
PostPosted: 21 Dec 2007 23:25 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
^_^ or 1 of the servers u tried has patch and the other one doesn't >_<


 
 Post subject:
PostPosted: 22 Dec 2007 02:50 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
Quote:
- Fake players:

Player: .. "PKWbQVJ9nzwXc" ..
- activated auto unbanning trick

Player: .. "Cx" ..
- Your IP address is banned.
- par\val: "IP" "banned"

Error: the more buffer can't contain all the data


What does that error mean?

MM one more thing, multircon...
Heh, adding an option again;
can u add one that guesses a command? i got rcon for this server and my friend keeps changing the 'kick' command on me lol, ive found it out twice but uh can u add the option that searches for it and how many characters it can be. So type in the password, type in how many characters it is, and start guessing all the possibilities. (possibilities of four characters in this example)

I know you want like multircon and q3fill in the right subjects but it's just easier to use 1 subject that covers a lot :)


 
 Post subject:
PostPosted: 22 Dec 2007 10:42 

Joined: 09 Oct 2007 17:49
Posts: 19
evan1715 wrote:
^_^ or 1 of the servers u tried has patch and the other one doesn't >_<

Nah. Read my posts, I asked the admin and he said that his server has no q3unban-fix...


 
 Post subject:
PostPosted: 22 Dec 2007 14:31 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
k i did re-read ur post twice, theres nothing about an admin


 
 Post subject:
PostPosted: 22 Dec 2007 15:37 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
that error you received is for avoiding an overflow of the buffer called more (the one which contains the unban stuff and other automatic parameters).
it's used in a experimental function for the handling of uncommon parameters and other dynamic stuff.
Anyway in your case your IP was still banned.


 
 Post subject:
PostPosted: 24 Dec 2007 10:24 

Joined: 09 Oct 2007 17:49
Posts: 19
malo wrote:
I finally asked an admin about their fixes, and the server is just protected against a config-caused buffer overflow and that's no real problem for your infostring exploit you know... Well in fact I don't understand why it does not work =(

nc
Okay, I already tested sum other servers now, and it seems that the q3unban exploit works perfect on every server, except the described 213.200.95.26:28923... Well, strange thing(they don't have any fixes <.<), but in fact I don't really care about just one lonely server... Whatever... Anyway, you did a very good job with this exe, it can even erase a subnet ban ^_^ n1 gz etc

keep up your good work ;D


 
 Post subject:
PostPosted: 24 Dec 2007 12:00 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Anyway I have a doubt... why your IP/subnet is banned on all these servers?
8-)


 
 Post subject:
PostPosted: 24 Dec 2007 15:11 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
malo, 2 different posts i thought u were talking about ur most recent: here


 
 Post subject:
PostPosted: 25 Dec 2007 11:48 

Joined: 09 Oct 2007 17:49
Posts: 19
aluigi wrote:
Anyway I have a doubt... why your IP/subnet is banned on all these servers?
8-)

Stole rcon with q3dirtrav or asked the admin if he could ban me because I want to test something... Wasn't a big problem ^_^
evan1715 wrote:
malo, 2 different posts i thought u were talking about ur most recent: here

Whew dude, whatever... Nevermind, np ;D


 
 Post subject:
PostPosted: 25 Dec 2007 14:44 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
malo wrote:
Stole rcon with q3dirtrav or asked the admin if he could ban me because I want to test something... Wasn't a big problem ^_^

LOLROFLHAHAHAROFLLLLLLLLL

if ur going to steal rcon, make sure ur undetected(u amateur :D)... ban to test what?! q3unban? why dont u try it on 1 of those servers u stole rcon from! Also, what game is this you're playing on?


 
 Post subject:
PostPosted: 26 Dec 2007 19:01 

Joined: 09 Oct 2007 17:49
Posts: 19
evan1715 wrote:
LOLROFLHAHAHAROFLLLLLLLLL

Of course.
evan1715 wrote:
if ur going to steal rcon, make sure ur undetected(u amateur :D)...

Shh. You know a crap about the ways I'm stealing rcons and which precautions I take. Just don't care, I know how to stay undetected and don't getting into bigger trouble, believe me. A good advice: Don't call somebody an 'amateur' when you've just no clue about his working methods.
evan1715 wrote:
ban to test what?! q3unban? why dont u try it on 1 of those servers u stole rcon from!

You still know a crap. Firstly, knowing at least just a bit about q3dirtrav would help you to dare to talk like that. In fact, this exploit doesn't work on every server. Additionally, other programs like multircon take too much time to reach the target 'rcon'. Secondly/Thirdly, in such situations I just say "i will try to unban me =D", and no one cares anymore.
evan1715 wrote:
Also, what game is this you're playing on?

For the second time, read my posts/learn to read, whatever.

Owned?


Merry Christmas,
malo


 
 Post subject:
PostPosted: 26 Dec 2007 19:49 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
can I ask to both of you to don't start flame wars?

evan, since the beginning you started with stupid comments and attitude and I don't refer only to this case but also to other topics so if you need to do/say anything not-related to this forum there are many others on internet.


 
 Post subject:
PostPosted: 26 Dec 2007 21:49 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
malo wrote:
A good advice: Don't call somebody an 'amateur' when you've just no clue about his working methods.
in my book, getting caught means you would be an amateur
malo wrote:
I know how to stay undetected and don't getting into bigger trouble, believe me.
Stole rcon with q3dirtrav

k, apparently not
malo wrote:
...this exploit doesn't work on every server....

duhhhhhhhhh, most servers have download off servers that do (the 1 out of 30) have it on they could have luigi's patch for it, or there could be a bug and it not work, or the name of the .cfg ur trying to get is not server.cfg or jampserver.cfg or whatever JA has.
malo wrote:
Additionally, other programs like multircon take too much time to reach the target 'rcon'.
duh.
malo wrote:
For the second time, read my posts/learn to read, whatever.
or u can not be a prick and just say jedi academy
aluigi wrote:
can I ask to both of you to don't start flame wars?

yes of course, malo u may choose one of my contacts if u intend to proceed in the argument, no need for luigi to lock topic, close topic, or ban either of us.

pm
msn
aim
my forum
xfire = evan1715

Holler.


 
 Post subject:
PostPosted: 27 Dec 2007 13:25 

Joined: 09 Oct 2007 17:49
Posts: 19
I'm done with you, there's no need for further conversations. Like i see, you unfortunately did not get what I tried to tell you. Well, maybe that's just because my english isn't as perfect as yours, hm... Nevermind, I don't regret this 'defeat' tbh, I couldn't care less about it. So I cut this now, get over it, deal with it, whatever. Luigi is right, you too: Back to topic. Boom. Contact me via PM when you think that there's still a reason for talking with me.


Luigi, is there any possibility to make the fake players of your q3fill exploit join the game, just like bots? I don't mean that they shall fight then, I just want them execing configs like bof, modelcrash etc., so they could stay in spec mode. Any ideas?


 
 Post subject:
PostPosted: 27 Dec 2007 15:22 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
malo, it's possible but i believe it would be hard...

Also, here's a secret, you can execute at anytime... I mean like when it says Connecting... and it finally says Awaiting Gamestate, before the map loads you can execute stuff, so you can execute a binded crash and they wont know your ip because you executed it too fast when you connected... unless you're playing on 1.01 which they may have connect logs, like the Gamall Mod. But most have JA+ Mod so I don't know what sort of logs that mod has.

So yes... stuff can be executed directly when connected, I don't know if it can through fake players but try it, I don't know if you knew that because most don't.

oh and I read your posts again, which version of JA do you play? 1.01 or 1.0?

and you can also try force crash, it's a JO and JA only crash since it's force.

