TommoUK Posted July 5, 2014 Member ID: 21196 Group: **- Inactive Registered Users Followers: 0 Topic Count: 1 Topics Per Day: 0.00 Content Count: 2 Content Per Day: 0.00 Reputation: 3 Achievement Points: 23 Solved Content: 0 Days Won: 0 Joined: 07/05/14 Status: Offline Last Seen: July 6, 2014 Posted July 5, 2014 (edited) Hi guys was discussing this with boomboom other day, you seem to have had your server rcon hacked a few times now.. I don't know if you know of this information already, but just incase.. There has been an exploit around for a while (years now) now that allows anyone to download server config files (SHOULD they know the name of the config file), therefore gaining access to your rcon pass (but nothing else important). If your servers config is server.cfg this will be hacked very easily you can fix this by renaming your config file (if it is still server.cfg).. As you guys have a dedi box, I will assume this will fix the problem as you can set your own config to start the server with, Where as on a lot of game server hosts you cannot change "server.cfg" being called on the startup. Also another way to fix this (or put off most hackers) is to have your config file be near empty, containing nothing but a call for another config file, eg "exec 10oOo00O10IiIllL.cfg". Give the config a mix of zero's and uppcase / lowercase O's and I's, And the hacker will soon get pretty bored of trying to type all these impossible config names to download. Again you guys may already know this, but hope this can be of help if not! Feel free to give me a message / reach me in-game if you need further explanation Also as this is my 1st post, hello to everybody on the forums! Edited July 5, 2014 by TommoUK LOCO, iboomboom and ChknFngr 3
ChknFngr Posted July 5, 2014 Member ID: 922 Group: ***- Inactive Clan Members Followers: 72 Topic Count: 149 Topics Per Day: 0.03 Content Count: 3472 Content Per Day: 0.62 Reputation: 1286 Achievement Points: 23224 Solved Content: 0 Days Won: 1 Joined: 12/23/09 Status: Offline Last Seen: November 16, 2021 Birthday: 10/01/1975 Posted July 5, 2014 thank you Tommo, im sure our admin will have an eye on this Awards
LOCO Posted July 5, 2014 Member ID: 465 Group: ***- Inactive Clan Members Followers: 59 Topic Count: 397 Topics Per Day: 0.07 Content Count: 2182 Content Per Day: 0.38 Reputation: 2640 Achievement Points: 20166 Solved Content: 0 Days Won: 22 Joined: 09/20/09 Status: Offline Last Seen: November 4, 2024 Birthday: 02/09/1977 Device: Windows Posted July 5, 2014 a new config file name and a stronger and longer password would help too Awards
Sammy Posted July 5, 2014 Member ID: 3036 Group: ***- Inactive Clan Members Followers: 32 Topic Count: 219 Topics Per Day: 0.04 Content Count: 9419 Content Per Day: 1.92 Reputation: 7515 Achievement Points: 62539 Solved Content: 0 Days Won: 21 Joined: 11/29/11 Status: Offline Last Seen: March 17 Birthday: 04/26/2008 Device: Windows Posted July 5, 2014 Yea several of those are already done but it happened anyways somehow. I'm not nearly as well versed on server operations as many others here so I dont know how he did it. Awards
TommoUK Posted July 5, 2014 Member ID: 21196 Group: **- Inactive Registered Users Followers: 0 Topic Count: 1 Topics Per Day: 0.00 Content Count: 2 Content Per Day: 0.00 Reputation: 3 Achievement Points: 23 Solved Content: 0 Days Won: 0 Joined: 07/05/14 Status: Offline Last Seen: July 6, 2014 Author Posted July 5, 2014 (edited) Ahh you store them inside a mod iwd instead correct? The XImodfiles.iwd or whatever. I believe this can also be downloaded should the hacker know the name of it, again make sure that .iwd file is given a name with lots of random letters! Forgive me if my knowledge is a bit old, it has a been a couple of years since I have owned a server on COD4, but I know this method is still used. Edited July 5, 2014 by TommoUK
fireurza Posted July 6, 2014 Member ID: 677 Group: ***- Inactive Clan Members Followers: 18 Topic Count: 172 Topics Per Day: 0.03 Content Count: 1457 Content Per Day: 0.26 Reputation: 791 Achievement Points: 9890 Solved Content: 0 Days Won: 5 Joined: 11/02/09 Status: Offline Last Seen: January 16, 2024 Birthday: 02/20/1986 Posted July 6, 2014 (edited) was it a rcon hack or a xuid hack? Edited July 6, 2014 by fireurza Awards
Recommended Posts