Post by |'L0.| on Jun 21, 2014 3:35:11 GMT
About :: Security fix
A long persisting nuke exploit was detected and fixed. This is a little known attack that popped occasionally over the years but was never clear what it was. Last few months it's been actively used by few to attack various servers. I finally took the time and set a honeypot cluster of servers where I've track the stuff and eventually successfully identified and patch it.
Please note that this is not a AvP mod exploit, it's a general exploit that works on any 1.0 mod.
I've so far patched H4S 1.4.8 (x01), S4NDMoD 2.3 (x01), AvPMOD 1.4 (1.4.1), AOD 3.7 (did not yet commit the source to Skull) and rtcwPub (0.2 - not yet commited the source). I also addressed CU 6.1 but in a different manner since source code is not available.
Any other mods and versions are completely vulnerable to it. Any (known & legit) modder can freely contact me for how to solve it.
How it works:
Specific command + parameter basically sends server to a infinite loop which causes server to crash as well as eventually overloads cpu.
How it was dealt with:
Loop basically needs to be fixed to exit after it went through all the slots. Since this particular command was more or less never used with exception of ones that wish to nuke the server, I decided to simply log it in a separated log then auto-ban the client and kick them. This approach is used so owners can identify the players if they try to pull it off.
Release Log
MOD: AvPMOD
Version: 1.4.1
Date: 21 Jul 2014 / 5.08 am (CET)
Author: Nate 'L0
Contact: nate.afk@gmail.com
Forums: rtcwx.com
Note: It's been around 5 years since the last release but this had to be solved.
-------------------------------
This is a maintenance release.
-------------------------------
A exploit that eluded the security net for 10+ years has been identified and patched.
This particular exploit had ability to crash the server as it sent game to a infinite loop.
Changes
-------------------------------
- Fixed crash nuke,
- Added g_logUsrCmds, when enabled it will log all user commands so players
as well as their doings can be (if needed) investigated.
- Added latch flag to following forced variables:
cl_timenudge, cl_maxpackets, rate
- Added nuke check under user commands for string length and few other things..
Notes
-------------------------------
- This is basically the 1.4 release with few security features applied.
- Check the 1.4 for server config as it's more or less the same.
- This build is build with all forced restrictions (forcing downloads, vertex..).
URL: pub.rtcwx.com/index.php?path=rtcw%2F1.0%2FAvPMOD%2F1.4.1/
A long persisting nuke exploit was detected and fixed. This is a little known attack that popped occasionally over the years but was never clear what it was. Last few months it's been actively used by few to attack various servers. I finally took the time and set a honeypot cluster of servers where I've track the stuff and eventually successfully identified and patch it.
Please note that this is not a AvP mod exploit, it's a general exploit that works on any 1.0 mod.
I've so far patched H4S 1.4.8 (x01), S4NDMoD 2.3 (x01), AvPMOD 1.4 (1.4.1), AOD 3.7 (did not yet commit the source to Skull) and rtcwPub (0.2 - not yet commited the source). I also addressed CU 6.1 but in a different manner since source code is not available.
Any other mods and versions are completely vulnerable to it. Any (known & legit) modder can freely contact me for how to solve it.
How it works:
Specific command + parameter basically sends server to a infinite loop which causes server to crash as well as eventually overloads cpu.
How it was dealt with:
Loop basically needs to be fixed to exit after it went through all the slots. Since this particular command was more or less never used with exception of ones that wish to nuke the server, I decided to simply log it in a separated log then auto-ban the client and kick them. This approach is used so owners can identify the players if they try to pull it off.
Release Log
MOD: AvPMOD
Version: 1.4.1
Date: 21 Jul 2014 / 5.08 am (CET)
Author: Nate 'L0
Contact: nate.afk@gmail.com
Forums: rtcwx.com
Note: It's been around 5 years since the last release but this had to be solved.
-------------------------------
This is a maintenance release.
-------------------------------
A exploit that eluded the security net for 10+ years has been identified and patched.
This particular exploit had ability to crash the server as it sent game to a infinite loop.
Changes
-------------------------------
- Fixed crash nuke,
- Added g_logUsrCmds, when enabled it will log all user commands so players
as well as their doings can be (if needed) investigated.
- Added latch flag to following forced variables:
cl_timenudge, cl_maxpackets, rate
- Added nuke check under user commands for string length and few other things..
Notes
-------------------------------
- This is basically the 1.4 release with few security features applied.
- Check the 1.4 for server config as it's more or less the same.
- This build is build with all forced restrictions (forcing downloads, vertex..).
URL: pub.rtcwx.com/index.php?path=rtcw%2F1.0%2FAvPMOD%2F1.4.1/