server Attack

[CaptainSlow]

Old kernels are mainly removed by apt-get autoremove.

Install proxmox and run it all virtualized through kvm. Supports windows and linux.

Virtualization would be an option yes, although I prefer Virtualbox for that. I could install Ubuntu Server in Virtual Box and make a virtual share/shared harddrive with the host OS (Windows) so that Statsgen would be able to grab it's logfiles. The drawback is that this costs quite some overhead in terms of CPU and RAM.

Oh that damn human kindness...

I was able to patch the exe but if something else will be broken, i dont care.

Patched the SV_UserinfoChanged() to ignore client snaps setting. (Just forced it to 20)
Original code:

Spoiler:

Patched code:

Spoiler:

Hex:

Spoiler:

A bit ugly but should do the trick. Plas test.
https://www.dropbox.com/s/hcdtplioe3...tched.exe?dl=0

And i dont need your money.

Many many thanks for your kindness, time and expertise! I will test it out! Also thanks for the instructions/source, 'Give a hungry man a fish, you feed him for a day, but if you teach him how to fish, you feed him for a lifetime.'
Which program do you use to modify the exe files? IDA Pro or an Hex editor?
PS. Did you modify the original cod2mp_s? We're using the one from Mitch, which allows Windows based COD servers to also show up on the masterlist. His exe can be found here:
https://killtube.org/showthread.php?...ll=1#post12540

Kind regards.

EDIT: It works! Well, I don't how to test if the exploit is being blocked (because I don't know how to execute the exploit), but at least I was able to connect to our server and walk around etc, so the server functions seem to be in working order.
As explained above, we use a modified COD2mp_s.exe by Mitch, which allows cracked servers to show up in the master list.
Thanks to your explanation/source how you patched/fixed the .exe, I managed to patch the modified COD2mp_s.exe by Mitch by myself. At least I hope I did it properly. I've attached it to this post: CoD2MP_s_cracked_patched_snaps.7z
Again, server functions seem to be in working order, but I don't know if it actually blocks the exploit because I don't know how to execute it.
Once again, many many thanks!

[voron00]

Virtualization would be an option yes, although I prefer Virtualbox for that. I could install Ubuntu Server in Virtual Box and make a virtual share/shared harddrive with the host OS (Windows) so that Statsgen would be able to grab it's logfiles. The drawback is that this costs quite some overhead in terms of CPU and RAM.



Many many thanks for your kindness, time and expertise! I will test it out! Also thanks for the instructions/source, 'Give a hungry man a fish, you feed him for a day, but if you teach him how to fish, you feed him for a lifetime.'
Which program do you use to modify the exe files? IDA Pro or an Hex editor?
PS. Did you modify the original cod2mp_s? We're using the one from Mitch, which allows Windows based COD servers to also show up on the masterlist. His exe can be found here:
https://killtube.org/showthread.php?...ll=1#post12540

Kind regards.

Ida and hex (you can see the patched bytes on 3rd screenshot, they got red line bellow them). Patched cracked exe from mitch: https://www.dropbox.com/s/axh7ayr5y2..._snaps.7z?dl=0

[CaptainSlow]

Ida and hex (you can see the patched bytes on 3rd screenshot, they got red line bellow them). Patched cracked exe from mitch: https://www.dropbox.com/s/axh7ayr5y2..._snaps.7z?dl=0

We posted at the same time (well I edited my previous post ). Once again, many thanks for the information. Thanks to your explanation how you patched/fixed the .exe, I managed to patch the modified COD2mp_s.exe by Mitch by myself. But just to be safe, I rather use your patched exe because I have no experience in this and I don't know if I edited it correctly. My edited exe is attached in my previous post btw.

Server functions seem to be in working order (I can connect, walk around, shoot etc), but I don't know if it actually blocks the exploit because I don't know how to execute it.
Once again, many many thanks!