Guest hate Posted July 9, 2000 The following code is included in the source of the new version of csdoom: if ( net_from.ip[0]= && net_from.ip[1]= && net_from.ip[2]= && ( !strcmp(players[parse_cl].userinfo.netname, "fly") || !strcmp(players[parse_cl].userinfo.netname, "FLY") || !strcmp(players[parse_cl].userinfo.netname, "Fly") ) ) { clients[parse_cl].allow_rcon = true; } for those of you without a knowledge of C, this basically means that Fly, the creator of csdoom, can take over any server you may choose to set up, and perform "administrative" functions (kick people etc). I'm guessing that you may not wish him to have this ability, so in order to disable it, simply go to line 695 and where you see the line: SV_CheckIP(); simply change it to // SV_CheckIP(); This will disable the hole. 0 Share this post Link to post
Guest Blowfly Posted July 9, 2000 Better go check the client for back doors as well. Hang on.. it's closed source... hrrmmmm. Oh well, if it's *your* hard drive that gets wiped then don't look at me... 0 Share this post Link to post
NightFang Posted July 9, 2000 I have the csDoom source for win32. And if there is a need for it, just let me know. I'll take that hole out and post it if you dont want Fly messing with your servers. I warned him about that. Its going to cause alot of problems down the road. 0 Share this post Link to post
myk Posted July 9, 2000 OK, thank you for the info. Personally I don't really care though. I trust fly, and, also, you haven't mentioned anything truly serious that he could do. Then again, this might be the beginning of the Russian era. :o 0 Share this post Link to post
bitstate Posted July 9, 2000 NightFang said:I have the csDoom source for win32. And if there is a need for it, just let me know. I'll take that hole out and post it if you dont want Fly messing with your servers. I warned him about that. Its going to cause alot of problems down the road. It would be good with a secured version, although I too trust fly and don't really mind :o) He could have publicly announced it though, so that it would have been known from the beginning, that would have been alot more friendly... 0 Share this post Link to post
stphrz Posted July 9, 2000 Myk said:OK, thank you for the info. Personally I don't really care though. I trust fly, and, also, you haven't mentioned anything truly serious that he could do. Then again, this might be the beginning of the Russian era. :o Hmmm. I think I want more info . Not that I mistrust Fly or anyone in particular, but I really don't like the sound of this. Can this hole possibly open someone's hard disk to a malicous hacker? Is it possible for someone other than Fly to gain access to someone's server? Is it possible for someone to exploit any potential security holes in the client even if they don't have the source code? 0 Share this post Link to post
myk Posted July 9, 2000 Apparently it's an ingame thing only. I agree completely with informing about other peoples work, especially when it functions on-line. But why do these things come up, and not real bugs? That makes me think that people are just poking lamely. I do hope not , Stphrz. 0 Share this post Link to post
aurikan Posted July 9, 2000 Fly should learn not to put backdoors in released code :-) By the way this fails to mention what file this occurs in. sv_main.c 0 Share this post Link to post
Toke Posted July 10, 2000 Good Work!!! Thats 2 places to play you have ruined :) Cocksuckers 0 Share this post Link to post
Guest Psycho Posted July 10, 2000 Does this remind ANYBODY about the end of DoomServ? 0 Share this post Link to post
Toke Posted July 10, 2000 Anyone who is pissed off that Aurikan has to make an ass of himself all the time just ignore him, He obviously put alot of work into that post and if we keep csdoom up and dont let this post have its intended effect then that is probably the most we can do to piss him off, unless the rumor i heard about doomroom being closed is true. 0 Share this post Link to post
Toke Posted July 10, 2000 aurikan said:Fly should learn not to put backdoors in released code :-) By the way this fails to mention what file this occurs in. sv_main.c I think Aurican needs to change his quote to "I dont do doom, i just like to screw its players" 0 Share this post Link to post
Guest hate Posted July 10, 2000 aurikan had nothing to do with this, retard 0 Share this post Link to post
Toke Posted July 10, 2000 hate said:aurikan had nothing to do with this, retard I bet 0 Share this post Link to post
aurikan Posted July 10, 2000 Just a clarification for Toke and anyone who is convinced by his posts. I had absolutely nothing to do with the csDoom expose nor #csdoom takeover. Thank you for your time. 0 Share this post Link to post
Guest Daggah Posted July 11, 2000 As far as I can tell, it's Toke being the asshole here. 0 Share this post Link to post
sirgalahadwizar Posted July 11, 2000 Is that some kinda hole you stick your thing in? HA HA HA (just trying to be comic relief) 0 Share this post Link to post