Page 1 of 1
tam hack
Posted: Tue Jul 25, 2006 5:54 pm
by Porkinator
this from viper
Hey bud, just to let you know there is a bad hack being used to access servers running TAM 257 and 3.0. This hack allows the hacker to gain control of web admin on the server and do all sorts of nasty stuff. You can read more of this at
http://www.unrealadmin.org/forums/showt ... hp?t=16042
Wormbo has released a fix for 257 and the guys at 3SPN have released TAM 3.10. I would highly recommend patching to either or both. If you are using your server for TWL TAM ladder matches I would recommend the 257 fix, since they still require 257 for ladder matches. This is a server side only fix. There is a hitch: Once applied to the server anyone who logs onto the server will download the 3SPN257.u fixed file. Since I WILL NOT be redirecting the file for security purposes the download will go over 100%. The work around for this is for folks to install TAM 257 on their client (if they haven't already). They can pick that up at
http://www.vipersservers.com/downloads.htm at the bottom of the page. Just install it on your client just as you would any mutator. No need to edit your ini.
If you are NOT using your server for TWL TAM matches I would recommend deleting all previous versions of TAM and installing TAM 3.10. It is already redirected.
Let me know what you want to do ASAP. Once a server is compromised you will have to change all your admin logins and passwords.
Posted: Tue Jul 25, 2006 8:44 pm
by pewterdragn
Guys, I can't patch this tonight so TAM is going down. I'll try to get them fixed for tomorrow.
Posted: Tue Jul 25, 2006 8:48 pm
by law.of.averages
pewterdragn wrote:Guys, I can't patch this tonight so TAM is going down. I'll try to get them fixed for tomorrow.
Let me be the first to say thank you sir, for your dilligent efforts.
Posted: Wed Jul 26, 2006 1:48 pm
by pewterdragn
This is a quote from Wormbo on unrealadmin.org:
Wormbo wrote:If you are using 3SPN v2.57 I can provide an unofficial fix for the exploit:
DownloadThis ZIP file contains a drop-in replacement for the original 3SPNv257.u and only needs to be present on the server to work. I suggest keeping the original file on the redirect so clients do not get this unofficial recompiled version. The original and this modified version are compatible to each other (like UT2004 patches), unless an anti-cheat tool performs MD5 checks and expects only one version.
Again: Keep this file on your server and let clients download the original version via redirect! I don't want to see any complaints concerning MD5 mismatches because the server sent the modified file instead of the official one! This fix was not released or created by 3SPN, hence "unofficial".
To install, shut down your server or switch to a gametype other than TAM/AM. Extract 3SPNv257.u from the ZIP file into your server's System directory, overwriting the existing file. Restart your server and switch back to TAM/AM and you're done. Every time someone tries to exploit the bug, he will broadcast the chat message "I tried to hack the server!" and the server will log the player's nick, IP and GUID to "UserLogs/3SPN_Abuse.log". Feel free to send the information gathered in that file to Epic's abuse email address or use it yourself to contact the hacker's ISP and hopefully get his internet access suspended.
As mentioned before I highly recommend changing ALL your passwords and making sure there's no additional admin account created by a hacker if you're using advanced admin. Remember changing passwords on other servers as well if they are the same as on the compromised server!
[edit]
Quote:
[00:51:48] <`Piglet> Putting the original version on the redirect means that if there's a new client without TAM it gets the redirect version fast and then the serverside version very slowly...
So better put the new version on redirect.
I will be following his instructions and putting the file on our redirect for fast downloading. Cross your fingers.
Admins: Please report anything to me immediately if you find one of our servers has an issue. I don't think we've been compromised at this point.
TAM 2.57 Servers Patched
Posted: Wed Jul 26, 2006 1:57 pm
by pewterdragn
Ok all,
The TAM servers are back online with the security patches and the redirect is enabled. If you do not want to use the redirect I recommend using the DOWNLOAD link in Wormbo's quoted post above to get the right version.
Please let me know if you have problems.
Re: TAM 2.57 Servers Patched
Posted: Wed Jul 26, 2006 5:08 pm
by law.of.averages
pewterdragn wrote:Please let me know if you have problems.
How big is your PM box?
Once, again..thanks chief!
Re: TAM 2.57 Servers Patched
Posted: Wed Jul 26, 2006 5:23 pm
by pewterdragn
law.of.averages wrote:How big is your PM box?
oh shit!
Posted: Wed Jul 26, 2006 5:33 pm
by Sideous Prime
dragn <--------- da man!
Posted: Wed Jul 26, 2006 5:53 pm
by Yrrek
Thanks Dragn!
Posted: Wed Jul 26, 2006 7:05 pm
by Nytefyre
yar!
Posted: Wed Jul 26, 2006 7:09 pm
by Porkinator
much grassy ass senior dragon.
Posted: Fri Apr 06, 2007 10:08 am
by hottiger
Damn a job like that you must feel like that sometimes. Either being the one beaten by the fish, or the one doing the beating. I dont know wats worse. Fish are pretty hard to grab onto specially to beat someone with. Sounds like that kinda job sometimes. But, then again you get special mesages like these that let you know people appreciate you. Thank you for your time. From, pretty much a complete stranger. But, is no stranger to admin and freaking whiners. And freakin hackers, well, how is that fun? It seems to me your defeating the purpose of buying a game for fun and challenges, but then again thats just me.
~Aly~ aka -MLH-Tig Thank you again
Posted: Fri Apr 06, 2007 3:47 pm
by Avaris
Danke, good sir