All Admin GUID Stolen with a 2.55+ Server version Against "wwwdl exploit" workaround


(BigBear) #1

Hi!

An admin has reported to me that all the GUIDs of his server have been completely stolen.

Do you think that is possible with servers that use:

1) 2.55+ patched server version against “wwwdl exploit” workaround

2) shrubbot.cfg files have unguessable names

3) QMM + Last Bugfixes

4) NO REFEREE PASSWORD

It now seems possible to steal all the GUIDs from a server to create an ETKEY.

Does someone think it could be possible and that it could be a new security breach?

Do they want WET to DIE?

Thank you :wink:


(Loffy) #2

W:ET will never die.


(BigBear) #3

Yeah, but it does not answer my question.

If necessary, please answer in PM.


(schnoog) #4

The GUID is hashed from etkey.
If someone knows the exact GUID and has a ton of time, he could bruteforce until he gets the etkey.
Without the issue date from the etkey, it's long-term work, and not done in a few hours.


(TimOOn) #5

First of all, how do you know that ALL GUIDs have been stolen?

[QUOTE=schnoog;385783]If someone knows the exact GUID and has a ton of time, he could bruteforce until he gets the etkey.
Without the issue date from the etkey, it's long-term work, and not done in a few hours.[/QUOTE]
GUID is easily spoofable so you don’t have to waste years to get the exact copy of an admin's etkey.


(hellreturn) #6

Possibilities:

  1. Probably the Quake 3 traversal bug. I haven’t used ETpub for a while, but I guess the shrubbot path is logged in the server log, so he got it from there.
  2. One of your clan members who had !finger gave out info to others, or someone got the !finger command and got all the info.

Solution:

  1. Reset all GUIDs if they are stolen.

I see Nitmod has Nitmod GUIDs. You might want to use that, or we are going to release silEnT 0.5.0 with a mod-based GUID system which also includes GUID spoofing protection. It’s around the corner and we are testing OS X support for it.

We will be supporting PB GUID and silEnT GUID together. !finger and !usersearch screenshots :slight_smile: Of course there are more enhancements in 0.5.0. Also, since !finger now contains the client version, you can ask players to patch their ET to 2.6b rather than 2.55. You can search through the full user db using name, IP, GUID or using them together, i.e. name and level too.


(schnoog) #7

[QUOTE=TimOOn]GUID is easily spoofable so you don’t have to waste years to get the exact copy of an admin's etkey.[/QUOTE]

To get the exact copy of the GUID, yes. But not for the exact copy of the etkey (the GUID is a multiple-offset MD5 hash of the etkey).
So without bruteforcing it isn't possible to rebuild an exact copy of the etkey files (otherwise you've found a weak point in MD5 :slight_smile: )


(BigBear) #8

Thank you for your answers :slight_smile:

Obviously there exist harmful persons and also “kids in their head” people who have enough time just to think about disturbing many servers.

TAKE CARE: Very HIGHLY elaborated hack:

What I have seen is: faked GUIDs, faked names, faked FLAGS, faked IP and PING and >>> many faked players connected on the same server using many countries with many GUIDs, including those of some admins using the @ flag.

The fact that many have spoken on this forum about how the GUID/etkey structure is may perhaps have given ideas to some bad persons. I am scared it could be the next step and a big risk for many servers and clans… including if they have developed something with the goal of listening to the data exchanges.

First they identify potential online admins… Then they listen to the data exchanges… and, last point, they have the time and the motivation to do it.

I think it is perhaps time to think of another alternative with the goal of securing player identification. Custom ideas are good but need to be included in the mod; the problem is that many mods will have no more versions. Yeah, changing the version of a mod is not always the easy way: it requires many customizations, many settings, and always a lot of work and unknown problems.

It could be good to have something that works like an add-on, such as QMM or a Lua script; that can perhaps be an idea, with the goal of having something that can be customized and personalized (for example, a unique encoded key for each server or for a group of servers) and that could work with any mod. I suggest not waiting any longer, before it is too late.

I think the problem is certainly more dangerous than it appears for the moment: I also think that it is just a test and the problem will be extended to attack other servers. The future risks being darker, and the problem risks becoming uncontrolled for all.

For sure, only time will tell… but when it is too late, it is too late.


(hellreturn) #9

If you have that hack, please PM it to me and we can try to add protection against that in silEnT mod.


(diaboliksmart) #10

Hmmm, this silEnT mod seems good (I actually run jaymod+enhmod), but does your mod permit connection without an ETkey?


(hellreturn) #11

Indeed, you can join without an etkey. In fact, once you join the server, the mod will generate the key so that no player faces XP save or admin issues.

The mod will generate a unique key for all players.


(aaa4) #12

[QUOTE=hellreturn;385800]Possibilities:

  1. Probably the Quake 3 traversal bug. I haven’t used ETpub for a while, but I guess the shrubbot path is logged in the server log, so he got it from there.
  2. One of your clan members who had !finger gave out info to others, or someone got the !finger command and got all the info.

Solution:

  1. Reset all GUIDs if they are stolen.

I see Nitmod has Nitmod GUIDs. You might want to use that, or we are going to release silEnT 0.5.0 with a mod-based GUID system which also includes GUID spoofing protection. It’s around the corner and we are testing OS X support for it.

We will be supporting PB GUID and silEnT GUID together. !finger and !usersearch screenshots :slight_smile: Of course there are more enhancements in 0.5.0. Also, since !finger now contains the client version, you can ask players to patch their ET to 2.6b rather than 2.55. You can search through the full user db using name, IP, GUID or using them together, i.e. name and level too.[/QUOTE]

a true business man. leaves no chances of selling his totally awesome silent mod. in fact, all i hear is: silent mod, silent mod, silent mod. great work!!


(hellreturn) #13

A business man makes money and I don’t make a single cent from any online gaming. That being said, rest assured we will keep progressing and we will always try to provide something nice to the community as far as we can. Feel free to troll as much as you like; it’s not going to bother me at all.

For the record, I received a PM from the person who started this topic and he asked me for help/an opinion, which I gave. The more you troll about us, the happier I feel, because when you do something good some people always get jealous.

What happened to your last post? I guess other developers spoke themselves :slight_smile:

http://www.splashdamage.com/forums/showthread.php/31278-silEnT-mod-0.4.0


(aaa4) #14

then send him your silent mod offerings/commercials in a pm and spare us with any of your countless advertisements (spam) here in this forum.


(hellreturn) #15

He asked me for help in this topic. Maybe since you have nothing better to say and nothing to help with, keep on trolling. You have a history of trolling. :slight_smile:

Here is the answer to you:
http://www.splashdamage.com/forums/showthread.php/21825-Et-Xreal?p=384312&viewfull=1#post384312


(aaa4) #16

[QUOTE=hellreturn;385957] …keep on trolling. You have a history of trolling. :slight_smile:

Here is the answer to you:
http://www.splashdamage.com/forums/showthread.php/21825-Et-Xreal?p=384312&viewfull=1#post384312[/QUOTE]

stop insulting me. you have been reported!


(diaboliksmart) #17

All mods have advantages vs. inconveniences, but would someone (RedSector/Equalone or ??) build a new patched ET.exe, including the bypass of the etmain etkey? Possible?