Vulnerability Development mailing list archives
Re: CounterStrike (HalfLife?) Server possible DoS attack.
From: hellNbak <hellnbak () nmrc org>
Date: Thu, 28 Nov 2002 23:32:01 -0600 (CST)
Dude don't mess with my fraggin counterstrike. :-) Tested on latest version with all patches and it doesn't work. But if I remember correctly the patch was on the server side so mileage may vary. On Thu, 28 Nov 2002, Patrick Webster wrote:
Date: Thu, 28 Nov 2002 11:12:24 +1100 From: Patrick Webster <webster_p () DeMorgan com au> To: "SF-Vuln-Dev (E-mail)" <vuln-dev () securityfocus com> Subject: CounterStrike (HalfLife?) Server possible DoS attack. Hi Guys, Could someone who actually has CounterStrike on their PC look into this for me and see if it still exists? Last I remember, it was possible to crash a CS server and thus disconnect all users by requesting "say nextmap" multiple times. To reproduce this attack, you simply bind any key to ask the server to display the next map - I recall it as 'say nextmap'. So, for example; F6 = 'say nextmap; say nextmap; say nextmap; say nextmap; say nextmap; say nextmap; say nextmap; say nextmap; say nextmap; say nextmap; say nextmap' Connect to a server, and rapidly press F6 until you are disconnected. Try and reconnect - the service should have crashed. Thanks, Patrick Webster, Systems Administrator DeMorgan Information Security Services Freecall: 1800 DE MO RG (33 66 74) Tel: +61299290377 Fax: +61299290917 Mob: +61403421390 Address: Level 2, 41 McLaren St North Sydney, NSW, 2060, Australia Visit us at: www.demorgan.com.au
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- "I don't intend to offend, I offend with my intent" hellNbak () nmrc org http://www.nmrc.org/~hellnbak -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Current thread:
- CounterStrike (HalfLife?) Server possible DoS attack. Patrick Webster (Nov 28)
- Re: CounterStrike (HalfLife?) Server possible DoS attack. r00t (Nov 29)
- Re: CounterStrike (HalfLife?) Server possible DoS attack. hellNbak (Nov 29)