rcon password for samp

Beremix · **Joined:** 14 Sep 2010 09:30 **Posts:** 5

hi aluigi can you make rcon password for samp

like cracker or some thing please

aluigi · **Posted:** 02 Oct 2010 08:32

and on what technical principle? the "nothing"?
blah

Beremix · **Joined:** 14 Sep 2010 09:30 **Posts:** 5

what you mean ?

aluigi · **Posted:** 02 Oct 2010 20:10

I mean that what you said means exactly nothing because "cracking" something remote means just nothing.

you can't "magical" guess a password.
and brute forcing a remote resource (without even considering all the other additional things like banning, false positives and so on) is impossible, except if you have nothing to do the next century and the server will be never reboot/shutdown/changed and is located in your LAN.

oh come on, I mean at least a minimum of logical...

Sethioz · **Posted:** 04 Oct 2010 08:09

Luigi, he actually gave me an idea, which could be useful.
as you already said, remote is nearly impossible, but never count out the stupidity of admins.
anyways doesnt matter for what purpose, i will find it extremely useful (no not what he asked).

how about an universal remote "cracker", that supports bruteforcing with a resume (you can save and load the last position where it was) and wordlist attack with resume option. something like your tcpfp, which can be made to work with nearly any game and other applications.
where you just have to dump your own data from a packet as a reply from server, like "wrong password" or "successful login" (those examples were taken from some chatroom).

so ppl would stop asking for such crackers, and as i said before, i would personally find it very useful too. and not just for attacking ppl, while ago i forgot my "server's" (pc that i use as server, 24/7 on) password, but i knew more or less what i used there, so i could have cracked that password with it. or also i forgot my router's password. i had to reset it, which wiped out all my settings too ofc, its very annoying to set it up again.

basically something like "brutus", but im sure you make one that actually works. brutus is stupid, it always gives false positives.

aluigi · **Posted:** 04 Oct 2010 14:17

multircon is something similar since it's a rcon client supporting multiple engines (at least the most known) and there is a brute forcing/wordlist feature implemented.

but in any case I don't support brute forcing stuff because doesn't have a point.

Sethioz · **Posted:** 06 Oct 2010 22:01

my idea was more like a general, not for specifc games. like your universal players limiter, where user have to dump the data into a file and such.
something where user have to find the connect packet and dump it into a file and so on, if game protocol needs something else, then user have to get right packets.
also not just games, but everything else too, like http authorization (ones that routers use), or FTP. its not exactly your field, but it could be useful and interesting tool, because no such thing exists, brutus is as close as it gets, but it its like 10 or more years old and it doesnt work as it should.

bruteforcing is not useful, but it should be there for testing purposes and never underestimate lazyness of admins, putting only few chars as pass.

anyways its kind a offtopic, so thats it from my side, you can poke me in msn when you get there sometime.

aluigi · **Posted:** 07 Oct 2010 07:39

the problem is that rcon is a protocol so having a "dump" is not enough due to the presence of fields with a meaning (for example a password can be a simple null delimited string or a string after a 8, 16 or 32bit value specifying its size).

then rcon can be on udp or tcp connections adding other complexity

and then most games and engines don't have a dedicated rcon channel, an example is the unreal engine where someone should write a full minimalistic client to have the possibility of sending commands like in the game.
indeed the quake engine and the other games supported in multircon are an exception to the rule.

Sethioz · **Posted:** 08 Oct 2010 08:10

not exactly what i had in mind, but it could be amazing tool. if it supports as many protocols as possible. i meant something that supports like http, https, ftp, "rcon" ... etc and then finally you can even choose either udp or tcp.

aluigi · **Posted:** 10 Oct 2010 09:13

if existed 1000 Luigi Auriemma programming together I'm sure that a lot of these crazy and interesting ideas could be realized :)
one person that doesn't like computers much is not enough unfortunately, so the current multircon is all the one I can do

wocarin · **Joined:** 27 Apr 2011 18:44 **Posts:** 47

I think that this universal bruteforcer does exists....
It is called brutus, doesn't support any kind of RCON protocol thought.

Sethioz · **Posted:** 08 May 2011 15:40

brutus cannot handle such things, it didnt even work on my router, with a simple http auth.
it always says password found or not found, doesnt matter what wordlist i use. its a jurassic tool, 1998 or something if im correct. or 2000 and in computer world anything that is over 1 year old, is well OLD.

wocarin · **Joined:** 27 Apr 2011 18:44 **Posts:** 47

Sethioz wrote:

brutus cannot handle such things, it didnt even work on my router, with a simple http auth.
it always says password found or not found, doesnt matter what wordlist i use. its a jurassic tool, 1998 or something if im correct. or 2000 and in computer world anything that is over 1 year old, is well OLD.

I respect that you don't like it, I was just saying that this tool EXISTED not that is new nor that I use it. You stop trolling me please.