Hello There, Guest! Register

TF2 Server Crash Exploit
CaffeinePowered
Mad Hatter
*******

Posts: 12,998
Joined: Mar 2008
#1
08-03-2010, 09:47 PM

Had a couple of griefers that were able to send some kind of command or DDoS to the server to crash it, not sure what it is, and Ive not seen anything about new exploits on the HLDS, if anyone knows what this might be or any fixes let me know


[Image: caffsighl7.jpg]Â[Image: 1184299259221.gif]
Sig by Joel
Reply
Evil Cheese
Sad Keeanu


Posts: 886
Joined: Apr 2008
#2
08-04-2010, 07:10 AM

Can you get connection/security logs from the hosting company? They might indicate if it was a DoS or some kind of network related attack.
Reply
CaffeinePowered
Mad Hatter
*******

Posts: 12,998
Joined: Mar 2008
#3
08-04-2010, 07:16 AM

(08-04-2010, 07:10 AM)Evil Cheese link Wrote: Can you get connection/security logs from the hosting company? They might indicate if it was a DoS or some kind of network related attack.

It was way too quick for a DoS attack, I couldn't find anything from parsing the logs last night but I was planning on submitting a ticket to them


[Image: caffsighl7.jpg]Â[Image: 1184299259221.gif]
Sig by Joel
Reply
Evil Cheese
Sad Keeanu


Posts: 886
Joined: Apr 2008
#4
08-04-2010, 09:18 AM

Was it the application/process that was brought down or the entire physical server? I'm not sure how your hosting service works, but I'm assuming you're on a shared physical box with various other application/processes running on it. How much control do you have over the space you're hosted on?
Reply
CaffeinePowered
Mad Hatter
*******

Posts: 12,998
Joined: Mar 2008
#5
08-04-2010, 09:21 AM

(08-04-2010, 09:18 AM)Evil Cheese link Wrote: Was it the application/process that was brought down or the entire physical server? I'm not sure how your hosting service works, but I'm assuming you're on a shared physical box with various other application/processes running on it. How much control do you have over the space you're hosted on?

I don't have access to the physical box or VM, so I doubt it would be the whole physical server that went down. Possibly a signal sent to the proc, but I'm not sure. Also a DDoS wont cause the server necessarily to crash, but it will cause lag outs, not a reset of the executable.


[Image: caffsighl7.jpg]Â[Image: 1184299259221.gif]
Sig by Joel
Reply
Kirby
Uninstalling
***

Posts: 3,853
Joined: Jun 2009
#6
08-04-2010, 11:23 AM

(08-04-2010, 09:21 AM)Caffeine link Wrote: [quote author=Evil Cheese link=topic=4872.msg167572#msg167572 date=1280931485]
Was it the application/process that was brought down or the entire physical server? I'm not sure how your hosting service works, but I'm assuming you're on a shared physical box with various other application/processes running on it. How much control do you have over the space you're hosted on?

I don't have access to the physical box or VM, so I doubt it would be the whole physical server that went down. Possibly a signal sent to the proc, but I'm not sure. Also a DDoS wont cause the server necessarily to crash, but it will cause lag outs, not a reset of the executable.
[/quote]

strip out what you want and send me a copy of teh logaround the time, I'd like to read it line by line >_>


[Image: fastdlusage.png]


[Image: b_350_20_5A6C3E_383F2D_D2E1B5_2E3226.png]
[Image: b_350_20_FFAD41_E98100_000000_591F11.png]
[Image: b_350_20_692108_381007_FFFFFF_000000.png]

[Image: b_350_20_323957_202743_F19A15_111111.png]

[Image: amd.jpg]
[Image: radeon.jpg]
[Image: win7.jpg]
[Image: ubuntu.jpg]
[Image: xp.jpg]
[Image: chrome.jpg]
[Image: pyro.jpg]
Reply
copulatingduck
Following in Gordon's Footsteps


Posts: 7,518
Joined: Apr 2008
#7
08-04-2010, 01:22 PM

It happened to Jiggly's FunHouse late last night as well...


Ripped like paper
raped with ease
hey scrub nerd pyros
suck on these
Reply
[fr31ns]Karrde
The Handy Murse


Posts: 2,655
Joined: May 2008
#8
08-04-2010, 01:36 PM

Lol, the name of that server always makes me laugh.  I'd submit something to valve as well, caff, tho I'm guessing it's probably already known at this stage.  I'd be surprised if something isn't mentioned on the list in the next few days.  These sorts of exploits do seem to come around periodically. 


<+Karrde> welp, time to learn some basic patterning skills
<@Negate> 12121212121212121212
<@Negate> there is a simple pattern
<+Karrde> I changed my mind.  Gonna cosplay as a gay demon from hell and get negate raped instead XD
<+Caffeine`work> Karrde: Gay demon? Why would you need to cosplay just go as yourself
<+FlyingMongoose> Caffeine`work: Karrde would actually have to tone it down some.
Reply
Darklink
BRB, Posting


Posts: 833
Joined: Jul 2008
#9
08-05-2010, 12:18 PM

you can crash a server just by constantly spamming two scripts full of timeleft and nextmap repeated with a wait command inbetween


[Image: 2uthqip.png]
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)