Sv_pure 2 folk kan ikke spraye?

[lol554]

(03-19-2010, 11:26 PM)realchamp Wrote:  Du lytter åbenbart ikke efter. Jeg er care på det prove, for det virker ikke!

Der står også på - at alt andet ikke virker det er bare mit argument...

Han kan jo ikke lytte... Det bliver jo skrevet - og din side er nede (krise)

[egor1908]

Ved du hvad dette exploit går ud på?

[realchamp]

Ja......

[egor1908]

(03-20-2010, 06:24 AM)realchamp Wrote:  Ja......

Hvorfor er der så lavet en plugin, hvis det er så nemt at fikse?

[realchamp]

Fordi folk ikke vil have sv_allowupload på :-)

[Raser21]

Nu må i altså stoppe diskussionen.... Realchamp har ret man kan ikke uploade når sv_allowupload er sat til 0. det gør så serveren fuldstændigt udelukker uploads

[egor1908]

Okay jeg vil sgu lige prøve exploitet på min lokal server.

Hvorfor skriver A. Luigi så at

Quote:using "sv_allowupload 0" does NOT solve the situation.

? Er det mani-relateret?

[realchamp]

(03-21-2010, 07:56 AM)egor1908 Wrote:  Okay jeg vil sgu lige prøve exploitet på min lokal server.

Hvorfor skriver A. Luigi så at

Quote:using "sv_allowupload 0" does NOT solve the situation.

? Er det mani-relateret?

Måske. Jeg har ikke rørt Mani i flere år

[egor1908]

Jeg skrev et email til ham, der er tale om en helt "clean" server. Det betyder nok at dette er ikke mani relateret.

[realchamp]

isias Wrote:Based on a more and more widely spread, not yet fully fixed SRCDS exploit, it is possible to upload files to game servers, allowing a person to change the rcon password (via uploading a new server.cfg) or adding themselves in all plug-ins using a .txt / .cfg file for admin authentication (for example uploading a new adminlist.txt / clients.txt for Mani Admin Plug-in, a new admins_simple.ini / admins.cfg for SourceMod or a new autoexec.cfg for Eventscripts eXtensible Admin etc.). This exploit is not based on any plug-in installed on your gameserver. This exploit is based on the SRCDS itself.

Valve is aware that there is a file upload exploit and already fixed it partly for TF2 and has already fixed another even older upload exploit. But until yet, this exploit still is possible.

To prevent this, it is advised to set sv_allowupload 0 in your server.cfg, disallowing uploads completely.

This will break some in game spray functionality, since spray's can't get uploaded to the server anymore. Still, it is highly advised to set this CVar to 0 to prevent your server from being exploited by file uploads. Also, set your server to sv_cheats 0 to prevent a very common exploit allowing a person to gain rcon access.

Also, make sure you update all your plugins you're using on the server to the latest build. If you want some extra protection it is advised to set the rcon password in the start up command line instead of specifying it in the server.cfg, That way it can't be changed

[Raser21]

Hvad sagde jeg???
Jeg havde ret

[egor1908]

Ja ved i hva, en programmør ved nok mere end det der står i et eller andet faq. Han sagde selv, at dette løser ikke problemet.

[realchamp]

Jeg er da ligeglad med om du så var kron prins, det har ingen betydning.

[klausenbusk]

Nu må i to holde op med at diskutere

[realchamp]

(03-24-2010, 06:15 PM)klausenbusk Wrote:  Nu må i to holde op med at diskutere

Nej det har vi skam lov til