View Full Version : because i can



php
4th April 2014, 04:18
-

kung foo man
4th April 2014, 09:06
Closed source: unsecure as fuck, Company gives no fuck.

php
4th April 2014, 10:05
-

BurntToast
4th April 2014, 13:18
Honestly though why did you post this? You didn't even propose a useful method of protecting against it, instead choosing to release this "big security breach" to the public.

php
4th April 2014, 13:29
-

kung foo man
4th April 2014, 14:43
You didn't even propose a useful method of protecting against it, instead choosing to release this "big security breach" to the public.

Your fears in honor, but this "possibility" has existed for a long time, and not only in CoD1 but also in CoD2 and CoD4. Is something more secure because fewer people know about it, though others exploit it already?

I don't have Facebook, maybe somebody wants to inform Infinity Ward.

Probably it wouldn't even be allowed to patch those security errors, since Reverse Engineering is not allowed.

Just asked php to test this in Sandboxie (http://www.sandboxie.com/), the download and execution still works, but it might give more security, because it prevents total access on the filesystem.

Sandboxie is able to whitelist processes, this may help (please try php and tell us :D):

All big companies are starting to see the value of Open Source, Google with Android, Microsoft is open sourcing C# etc... I hope IW will release the source code of Call Of Duty 1, 2, 4... otherwise there is nobody fixing their bugs.

php
4th April 2014, 17:41
-

Tally
4th April 2014, 18:32
OK, I am a little confused. Perhaps some clarification would help:

You can spoof an executable and make it look like an IWD/PK3 file. And this can be downloaded to the client as if it were a mod file. How is the executable started once it's in the client's PC? Is it self-executing? I was under the impression that it is very difficult to make a self-executing executable. Even viruses need you to execute them before they can do any damage.

Or, does the fake-IWD/PK3 file sit there and wait/hope that the client gets curious and double-clicks it to see what it is?

php
4th April 2014, 18:35
-

Tally
5th April 2014, 08:18
Would love to tell you, but I won't.

EDIT:
The client itself doesn't have to do anything, upon connecting or whenever u want (in the gif upon playerspawn) you can do it.

Then it's pointless you telling us about it. So you can make an executable masquerade as a PK3 file. Whoppyfuckingdoo. If it doesn't do anything then no one is going to worry.

IzNoGoD
5th April 2014, 10:14
Would love to tell you, but I won't.

EDIT:
The client itself doesn't have to do anything, upon connecting or whenever u want (in the gif upon playerspawn) you can do it.


As I see it, the server forces the client to execute said .exe file, aka remote execution, virus-worthy.

php
5th April 2014, 11:17
-

iBuddie
5th April 2014, 22:05
One form of this vulnerability has already been made public in 2006 (by Luigi Auriemma). I'm not sure if you followed the same approach, but it does not matter as long as you do not release a PoC or other kinds of detailed information about the vulnerability - there are always guys who abuse it!

Fortunately, most do not know the major (unpatched) security leaks of the older Call of Duty series, which would make it unplayable. Better keep it like that ;)

php
6th April 2014, 11:28
-

Selbie
6th April 2014, 16:07
I wonder if you have used the exploit(s) I found inside cod2.
With one of them it was also possible to run arbitrary code on clients.

Should be kept secret or patched.