
Tutorials: New destructive HLDS exploits - hlds_fuck and hlds_vcrash
Author: 3JIou-TaTaPuH (7-03-2010, 14:49)
II) hlds_fuck

Description: Known as hlds_fuck, with numerous variations for use in cron. There is also a not-quite-working version of this exploit for the Source engine, known as srcds_fuck. hlds_fuck crashes the server with the following error: "The Instruction at 0x####### referenced memory at 0x#######. The memory could not be 'read'." It cannot be detected in the logs because the server crashes immediately and does not have time to log crash information.

Vulnerable/Protected:
Vulnerable: all servers with STEAM3 authorization (GoldSource, Source 2007, Source 2007 U1)
Protected: servers with STEAM2 authorization (Classic Source)
Protected and not vulnerable: servers with eSTEAMATiON 2.X (all available public versions and, of course, TRUNK)

Thus every "legal" protocol 48 server, including Source engine servers, is vulnerable to this exploit, which hints at a possible fix from Valve's side.

What is the cause? A verification error for the client token in the steamclient library on new protocol 48 Steam servers (CAppOwnershipTicket::BIsTicketSignatureValid - digital RSA signature verification error of the client ticket). This automatically makes all protocol 47 servers less vulnerable.

Treatment: how to protect. As in the previous case, there are several ways.

1. Install the new dproto 0.4.1 plugin, which supports both Windows and Linux. Die-hard advocates of licensed software can turn off access for cracked clients in the settings (epic holy wars).
2. Install the old dproto and set DisableNativeAuth = 1 in the settings.
3. Wait for protection to be implemented in Anti CSDoS or VUP (ViTYAN's GameServers Universal Patch).

Quote: Shocker
Max, I know, the latest exploit affects steam validation as far as I saw. Will try to see if I can make a fix these days (03/03/2010 22:30)

For Linux, HLShield 2.4.4 closes this bug.

Wait until Valve fixes this bug, although this option is more likely one for patient optimists.
P.S. Also, thanks to the diligence of some holoc, who wrote a program named kill_cs that runs the exploit in batch mode, all unpatched Eastern European servers (basically all servers between Romania and the Urals) can be shut down with particularly brutal frequency. List of IPs targeted by this "nuclear railgun".

This article has been translated by 3JIou-TaTaPuH. The original article in Russian can be found at http://dragons-portal.org. All credits go to retrib aka max, SH@RK, http://c-s.net.ua, http://forum.csmania.ru, http://www.dedicated-server.ru
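
Added example (not from the original article or from any of the tools it names): because the crash writes no record of its own, a server operator can look for the record that is missing instead. Assuming HLDS logging is enabled and uses the usual `L mm/dd/yyyy - hh:mm:ss:` prefix with `Log file started` / `Log file closed` markers, the Python code below flags log sessions that were never closed and reports when several fall in a short window, which is the pattern the batch runs mentioned in the P.S. would leave. The sample log lines, threshold and window are constructed.

```python
import re
from datetime import datetime, timedelta

# HLDS log record: "L mm/dd/yyyy - hh:mm:ss: message"
RECORD = re.compile(r"^L (\d{2}/\d{2}/\d{4}) - (\d{2}:\d{2}:\d{2}): (.*)$")

def abrupt_endings(lines):
    """Timestamps of the last record in each session that was never closed."""
    endings, last_ts, session_open = [], None, False
    for raw in lines:
        m = RECORD.match(raw.strip())
        if not m:
            continue  # ignore anything that is not a log record
        ts = datetime.strptime(f"{m.group(1)} {m.group(2)}", "%m/%d/%Y %H:%M:%S")
        msg = m.group(3)
        if msg.startswith("Log file started"):
            if session_open:
                endings.append(last_ts)  # previous session has no "closed" record
            session_open = True
        elif msg.startswith("Log file closed"):
            session_open = False
        last_ts = ts
    return endings  # the final, still-open session is not counted

def crash_burst(endings, threshold=3, window=timedelta(minutes=30)):
    """True if `threshold` abrupt endings fall inside one time window."""
    endings = sorted(endings)
    return any(endings[i + threshold - 1] - endings[i] <= window
               for i in range(len(endings) - threshold + 1))

# Constructed sample: one clean map change, then three unclosed sessions.
SAMPLE = '''\
L 03/07/2010 - 14:00:00: Log file started (file "logs/L0307000.log")
L 03/07/2010 - 14:05:10: Log file closed
L 03/07/2010 - 14:05:10: Log file started (file "logs/L0307001.log")
L 03/07/2010 - 14:09:41: World triggered "Round_Start"
L 03/07/2010 - 14:10:30: Log file started (file "logs/L0307002.log")
L 03/07/2010 - 14:12:02: World triggered "Round_Start"
L 03/07/2010 - 14:13:00: Log file started (file "logs/L0307003.log")
L 03/07/2010 - 14:15:45: World triggered "Round_Start"
L 03/07/2010 - 14:16:20: Log file started (file "logs/L0307004.log")
'''.splitlines()

if __name__ == "__main__":
    found = abrupt_endings(SAMPLE)
    for ts in found:
        print("session ended without 'Log file closed' after", ts)
    print("burst of abrupt endings:", crash_burst(found))
```

An unclosed session also results from a forced kill or a power loss, so treat each hit as a lead to correlate with watchdog restarts rather than as proof of this particular crash.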

