New ET exploit?

Avoc · 2010-07-24 17:34:27 UTC

So, the last two days my clans server has been hit by some people who have found a very annoying exploit.

Our clan runs a decently popular etpro server, though what this exploit does is that it pretty much kicks everyone off the server. Needless to say, its a server killer.

I have uploaded a demo here:
www.eft-clan.com/~avoc/LOTTEPRIV.zip

I was recording the demo as evidence before banning I Jih for wallhacking, so it is a bit long. However, at 6:50 you can see the player called LOTTE.PRIV do his magic.

Anyone else who has experienced the same? For reference, our server is running the newest ET and the newest etpro.

Burneddi · 2010-07-24 17:55:16 UTC

Yes, there is a fix out, see here:
http://www.crossfire.nu/?x=forum&mode=item&id=33891

Avoc · 2010-07-24 18:20:18 UTC

Thanks a lot!

acQu · 2010-07-24 18:33:27 UTC

damn these ragers ? any chance to get a fix committed to the active mods ?

acQu · 2010-07-24 18:45:13 UTC

Damn these ragers ? Any chance to get a fix committed to the active mods ?

valkyr · 2010-07-24 18:57:39 UTC

^ it’s nothing that can be fixed by mods; it’s a flaw in the game engine.

acQu · 2010-07-24 19:02:09 UTC

Yep i just checked it out. The fix is a whole new etded.exe.

BackSnip3 · 2010-07-24 21:17:59 UTC

Muahahaha:stroggtapir::stroggbanana:

macbeth · 2010-07-26 09:59:49 UTC

i am having a big problem
we run NOQUARTER 123 and since i updated with the new etded.x86 when i try to !nextmap we stuck on the first map …
any idea?
and with the new update on our etpub server it is working fine…

set d1 “set g_gametype 2 ; map subway : set nextmap vstr d2”
set d2 “set g_gametype 2 ; map mlb_temple ; set nextmap vstr d3”
set d3 “set g_gametype 2 ; map maat_b2 ; set nextmap vstr d4”
set d4 “set g_gametype 2 ; map glider ; set nextmap vstr d5”
set d5 “set g_gametype 2 ; map radar_summer ; set nextmap vstr d6”
set d6 “set g_gametype 2 ; map frostbite ; set nextmap vstr d7”
set d7 “set g_gametype 2 ; map el_kef_final ; set nextmap vstr d8”
set d8 “set g_gametype 2 ; map whoreage_canyon10 ; set nextmap vstr d9”
set d9 “set g_gametype 2 ; map et_beach ; set nextmap vstr d10”
set d10 “set g_gametype 2 ; map Goldrush-GA ; set nextmap vstr d11”
set d11 “set g_gametype 2 ; map steelplant2 ; set nextmap vstr d12”
set d12 “set g_gametype 2 ; map axislab_final ; set nextmap vstr d13”
set d13 “set g_gametype 2 ; map penemuende_b2 ; set nextmap vstr d14”
set d14 “set g_gametype 2 ; map ge_temple_v2a ; set nextmap vstr d15”
set d15 “set g_gametype 2 ; map V1rocket_b2 ; set nextmap vstr d16”
set d16 “set g_gametype 2 ; map pha_horus ; set nextmap vstr d17”
set d17 “set g_gametype 2 ; map oasis ; set nextmap vstr d18”
set d18 “set g_gametype 2 ; map supply_pro ; set nextmap vstr d19”
set d19 “set g_gametype 2 ; map snatch3 ; set nextmap vstr d20”
set d20 “set g_gametype 2 ; map cathedral_final ; set nextmap vstr d21”
set d21 “set g_gametype 2 ; map 2hide_cal_r1 ; set nextmap vstr d22”
set d22 “set g_gametype 2 ; map password2 ; set nextmap vstr d23”
set d23 “set g_gametype 2 ; map venice ; set nextmap vstr d24”
set d24 “set g_gametype 2 ; map frost2_final ; set nextmap vstr d1”

vstr d1

UJERebel · 2010-07-26 10:44:14 UTC

Sure the fix was for NQ too? not sure if this is the problem…

macbeth · 2010-07-26 11:14:07 UTC

i have absolutly no idea but it works fine with etpub and i cant post on s h i tstorm their site is still down…
i installed noquarter123 for our second server to see if it was not a server problem like we had with our main but same on the other server i cant have the server working fine : we stuck on the first map

system · 2010-07-26 11:51:43 UTC

I doubt fixing the etded.x86 has anything to do with the MOD you are using…
You could doublecheck and replace the fixed etded.x86 version with the original etded version.
The dirty fix works for our mod without a problem.

ps. i can access ****storm without problems ( http://forums.s hitstorm.org/index.php ).

mortis · 2010-07-26 17:08:17 UTC

Macbeth:

set d1 “set g_gametype 2 ; map subway : set nextmap vstr d2”

should be

set d1 “set g_gametype 2 ; map subway ; set nextmap vstr d2”

You used a colon ( : ) instead of a semicolon ( ; )

macbeth · 2010-07-26 18:01:00 UTC

[QUOTE=mortis;234146]Macbeth:

set d1 “set g_gametype 2 ; map subway : set nextmap vstr d2”

should be

set d1 “set g_gametype 2 ; map subway ; set nextmap vstr d2”

You used a colon ( : ) instead of a semicolon ( ; )[/QUOTE]

yes ty a lot Mortis , mine bad

acQu · 2011-12-03 15:52:21 UTC

Hey,

sorry for bumping again. I cannot reproduce the error on 2.6d. However on et2.6b (without using the patch provided) it kicks me and all other clients on the server, with cl_parseservermessage: illegible server message 0 (i used the same script)

Now

this is the error, no ?
has it been fixed on et 2.6d ?

I watched the changelog, but all entries are dated to 2007 and below.

Indloon · 2011-12-03 15:57:43 UTC

It hasn’t fixed in ET2.60b.
However it has been fixed at ioquake3 and Xreal.

Just check this: http://bani.anime.net/banimod/forums/viewtopic.php?t=6777&start=60

acQu · 2011-12-03 16:00:14 UTC

I know these fixes, but they are old (from back in the days when 2.6d was not released). So it might be a double fix, that is why i ask.

Nail · 2011-12-04 07:56:14 UTC

2.60d is a Mac version, 2.60b is the latest Windows/Linux version

afaik, it’s a Q3 exploit not a W:ET exploit

ooops, posted in wrong thread, but thanks for calling me a troll NM and downrepping me, I’ll try return the favour

acQu · 2011-12-04 13:51:15 UTC

I just want to know if it is fixed within et-gpl source release.

acQu · 2011-12-04 13:58:29 UTC

I just want to know if it is fixed within et-gpl source release.