Quote: "Pardon me for saying this, but it seems you just took an automatic rifle with a laser sight and shot yourself in the foot with it."
Hawkeye, sir, that was a most excellent and solid comment.
Quote: "x1b, your reasons are flawed. There is nothing to gain from hacking a BF server, but the game itself may benefit from fixing that exploit."
ionstream, that was an extremely ignorant and weak comment. Disappointing.
Quote: "yes but you're forgetting that this is an EA game, so no it won't get fixed."
Granted, however, if you consider where Counter-Strike began and where it is now, then verily, this company is heading the same direction and merits the same respect.
Allow me to view this from a Security Analyst point of view:
A remote vulnerability has been identified and confirmed, albeit this specific attack is reasonably harmless. So, I myself would ask the next question: "OK... so technically I have remote access and means past the Network IDS. Can I now elevate to default user access via this "XSS like" attack? And if so, what access will I have? Can I elevate to the next level or gain additional permission? Can I open ports past the 16000 range and upload minor software such as netcat to inject 2-3kb of code and W access to compile and run a sniffer and check its 3kb logs once every few hours? Or spawn a remote shell via yet a 2nd dll? What servers are on their Subnet that I may attack spoofed as this server for something more interesting, or... and I assure you this list can grow FAR past these questions. R access? RW access? RWX access? Identify Services, network topology, ports and protocols behind and before IDS, can I force spoofed packets? Spoofed MAC, Spoofed ARP? And related injections? And this list too, can go way on."
It's far past "just a game server", I swear it.
People like me live for Admins with that exact mentality.
I honestly can not count how many "Just an X server" list I had root or admin access to, and would use just to bounce my attacks from and to the next "Just an X server" then to the intended target. Or just use their Routers to "Router Hop" and split through proxy servers from the "Just an X server" shells and to the intended victim.
I suppose you will now argue "lol, how SLOW would that attack be!! LOL HAHAHAHHA"
Extremely, extremely, slow... and buried in hundreds of thousands of other IPs and packets to the intended victim, spoofed as the previous "Just an X" servers.
If you go back and read the "dbman" attack I wrote about, he too laughed and told me "hahaha all you get is R access on a default shell!! hahaha!" A week later he was emailed to himself from himself as root with an explanation of how I gained root.
Anyhow, I'm not here to be l33t ub3r h4x0r. I'm here because I'm hooked on Game Development. Just saw a security related post.