If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.
Has anyone tried to exploit Net/Quake/World and/or Q2 servers to gain root access to the underlying hardware?
I don't know if anybody actually has. But I recall about 2 years ago someone came across a vulnerability in the code for the KTX server mod for Quakeworld that could have potentially allowed access. It has since been fixed.
@izhido, yes.
one of the mvdsv developers used an exploit to gain access in order to upgrade the version of mvdsv+ktx running on a popular-but-outdated server. obviously when the server admin realised, he took down the server completely.
the vanilla quakeworld client+servers had numerous stack smashing holes. don't run vanilla.
the vanilla nq source was in a much better state (ignoring the 'idgods' console-access backdoor that was present in at least one pre-source-release binaries).
never run a game server as root. not even non-quake ones.
Just a head's up, some asshole's spamming some of the servers,"Skeletor" 173.255.192
EzJacK
Might be worth letting Slot, Zop or possibly Painkiller know in case they have the appropriate access to the back end logs and may wish to add this individual to the ban list?
Kind regards
Monty
Mr.Burns "Helping to keep this community friendly, helpful, and clean of spammers since 2006" WWW:Quake Terminus , QuakeVoidYou Tube:QuakeVoid Servers: Quake.shmack.net, damage.servequake.com News: JCR's excellent ctsj_jcr map is being ported to OOT
Comment