Jump to content

Home

Packet Hacks - Ja Server Problem


Recommended Posts

Hello There,

 

I posted recently about an apparent Q3fill issue which was resolved mostly by updating to the newest version of japlus.

 

My friends server is being hacked by a person named 'zarath' who is apparently using packet hacks to crash the server, yet he is apparently unable to do it to mb2 servers.

 

Does anyone know how to fix this?

 

Thank You.

 

Aidenius.

Link to post
Share on other sites

what i know of there is only one way.. make slider to code the game it self to be better protected by hackers.. or turn off you allowdownload what can cost it.. changes you rconpassword and don't make it small make it over the 20 number/words to keep it away from stuff like that make new admin passwords.. i can't see what else there could be done sens it is many years ago i used JA+ Server files and don't know his config's anymore..

Link to post
Share on other sites
  • 2 months later...

Old, but I gotta post this since it's completely related.

 

There was a hack with callvote, where you can edit the packet to change the rcon address (while the vote is in progress) and the password. Lugormod fixed this, but since it's closed source I have no idea how to do this...

Link to post
Share on other sites

Inside void Cmd_CallVote_f( gentity_t *ent ) in g_cmds.c

 

Look for this line:

if( strchr( arg1, ';' ) || strchr( arg2, ';' ) ) {

 

And replace it with:

if(strchr(arg1, ';') || strchr(arg2, ';') || strchr(arg1, '\r') || strchr(arg2, '\r')) {

 

As you may know already, packets were being modified to make the server execute multiple commands via the use of the \r line feed character.

 

Exploiters used modified clients to do this most of the time by replacing ; in their callvote string with \r.

So /callvote timelimit "60;set rconPassword lol" was in fact being changed to /callvote timelimit "60\rset rconPassword lol"

 

The code I gave you will block the use of the \r line feed character, therefore patching the callvote exploit :thmbup1:

 

If you wanted to be really harsh you could kick the player from the server in that if statement if you wanted. :xp:

Link to post
Share on other sites

*EDIT: Replying to Didz*

Indeed, the above will patch callvote.

 

Back to the original post, I doubt he was using anything too harmful - Probably just trying to boost his 'omg i r l33t hax0r ololol' ego.

There was a G_Malloc exploit that's been fixed in JA+ 2.4beta5, the details were posted here

This may have been what you were referring to.

 

 

 

I thought /n and /t could also be used.

\n is already patched, and I'm pretty sure \t can't be used.

 

If only you could make them do r_primi or something? Can you? =o

Well yes, so long as you require they have a client plugin - otherwise nope.

Edited by -=*Raz0r*=-
Link to post
Share on other sites
×
×
  • Create New...