DoomServ security hole

[GavinJCD]

Toke said:

He could have kept it quiet and everyone would have been happy

Woah.....
I'm beginning to wonder if someone foun out about this months ago and didn't inform anyon eh Toke. It's beginning to sound as if you knew about this shit.
Now I am appauled at some of the remarks said in here, if he had kept it quiet then he would have been very irresponsable and would have been letting a whole load of ppl use unsafe software when he knew what could happen.

I'm warning you TOKE, if you knew about this and I find out...you will be in some serious shit.

[Guest fod_vile]

aurikan said:

Toke, I wish you'd focus on the issue and stop attacking me. Th issue is that doomserv has security holes - very SERIOUS security holes. I'm not talking about a small exploit that gives your internet explorer cookies to a malicious user if you are stupid enough to open an attachment. This exploit gives full access to a malicious user and there is nothing you can do to stop it except close doomserv before your system is compromised - but by then it might be too late.

And seeing the pattern on who is lying and who is telling the truth in this "discussion" ... you and your screenshots, fod and his missing files ... i think we all know what the real story is.

grow up

No aurikan your missing something,
the whole start of this reply to your post was not that you exposed the insecurity, it is the instructions to all hackers on how to do it, instructions from a 3rd party. I have discovered
you were told how to do it , tried it and found it works, I found it works 2nd hand :)
TGO was not given a "reasonable" chance to fix it.You knew a v4 was due out, it took 2 yr for this flaw to be discovered and didn't you jump on that bandwaggon?
My only disgust with you is the instructions to hackers, your trial test on me, and the speed of disclosure
THIS HAS BEEN EDITED TO MAKE IT MORE COGNIZANT TO AURIKAN

[stphrz]

fod_vile said:

oh dear Gavin's looking under his bed for bogeymen now :)

<BLOCKQUOTE><FONT size=1>quote:<HR>That this exploit is a bug?, or is it quite possibly there by design, something for you all to think about.<HR>[/quote]

Ya know fod.... I was also sort of wondering the same thing. Paranoid I am not. I have unfortunately come to the conclusion that DoomServ, its creator(s), and its proponents simply cannot be trusted. I'm glad I was able to realize that BEFORE my private files were perused/stolen or my hard disk formatted.

[GavinJCD]

AriocH said:

"
1) By installing this program, the user acknowledges that this program can potentially enable hackers to use the user's computer to commit heinous crimes against the greater community of Internet users. The user also absolves the author of all culpability or responsibility, real or imagined, in any such situations.

2) The user realizes and acknowledges that this program could potentially be used by someone to maliciously hack into his or her computer and delete or otherwise modify his or her files. The user, by installing this program, automatically relinquishes any right to legal or civil recourse in case of damages to his or her computer. The author of the program does not recognize that such a problem in fact does exist with his program, and will not post that such a problem does exist, even if it does.

3) The user should have fun with the program, unless somebody is deleting his or her files."

--- DoomServ EULA

OK...please tell me that shit aint real, because if it is then TGO knew about this shit and did nothing. I'm beginning to wonder just how many ppl knew about this and decided to just casually brush it under the carpet.

[Linguica]

/me considers deleting this whole mess

If only I could just prevent any further messages from being posted...

Actually, never mind, if you guys want to waste your time downloading a 300 KB thread just to yell at each other, be my guest.

[aurikan]

fod_vile said:

You do have some "unusual" fixation with grammar
I assume you mean the "told" in school?That was intentional, but I hardly think that posts to here should have to be edited, fine honed, and polished to get accross their meaning? One thing I DO notice is it took you 24hrs to read my little snippet , think, and reply with something that contributes nothing to this discussion, and after reading most of your msg's I allow one was interesting but wrong, the rest are either snide remarks or factually wrong, I also note that Islebot's interjection of "A secrity hole ridden pece of crap "(sic) has completely got past your grammar fixation, perhaps we will need to wait another 24 hrs ?
As it took you 3 readings of my little msg and 24 hrs I shall , in future, type more slowly as obviously you cannot read very fast

you're the one who isn't contributing anything to the "discussion". All of your posts are flaming me or other people who are defending my actions. Obviously we all know who is the useless one in this "discussion".

[GavinJCD]

Toke said:

That has been there for 2 years and nothing happened.

you don't know that dude, your GUESSING. many users could have had stuff fucked with

[GavinJCD]

aurikan said:

actually, gavin in this case is rather well-informed. i logged on, successfully, with both telnet, and the client (after a bit of hex editing the exe). fortunately the beta seems leaps and bounds better in terms of the protocol fitness. however that doesn't mean it's secure. however, it is a step in the right direction.

heh, how about that. As I said I am not up to date with the workings of doomserv, if I had access to the source I would take a look, as I am in the process of learning VB.

[GavinJCD]

Linguica said:

/me considers deleting this whole mess

If only I could just prevent any further messages from being posted...

Actually, never mind, if you guys want to waste your time downloading a 300 KB thread just to yell at each other, be my guest.

actually Ling since it's all mostly text my modem downloads it at close to 10k/sec...wooo
Don't delte it, I believe there is still much to be said.

[Guest fod_vile]

GavinJCD said:

you don't know that dude, your GUESSING. many users could have had stuff fucked with

jeez gav i have been on doomserv since start at least 6 hrs a day and sometimes 15hrs (ok yep i do like playing doom)
i think i would have been most vulnerable person there
ok maybe luck, but i still say publishing flaw was cool and responsible , its only the details of how to i detest

[Arioch]

GavinJCD said:

OK...please tell me that shit aint real, because if it is then TGO knew about this shit and did nothing. I'm beginning to wonder just how many ppl knew about this and decided to just casually brush it under the carpet.

It's not.

It's my representation of a possible EULA for DoomServ, based on what Fod and Toke (alleged moderators) seemed to be advocating for the users of DoomServ.

[aurikan]

fod_vile said:

i in no way decry the laudability of Aurikan's posting of a security flaw (sound of handclapping in background)
the posting details of how any one could do it i do decry
and since halfway thro this discussion? I begin to doubt his reasons

Obviously you disagree with the philosophy of full disclosure, a philosophy i believe in as much as i believe in open-source software. So we disagree whether or not I should have publicized this information. Ultimately, it was my call (as TGO states far earlier) and I believe I made the right decision. So stop whining/flaming and go do something useful.

[Guest fod_vile]

aurikan said:

why don't you just complain i didn't post the whole article?? you've stated "reasonable chance" a number of times, and i argue that i did - by trying to contact him. Now you're just distracting the argument.

And i didn't "deliberately omit" it. yes, i omitted it, because i didn't feel like typing out the whole quote, and replaced it with an ellipsis (sp?) But to accuse me of doing it deliberately - that's laughably wrong

fod tutorial #1
right click mouse button highlight what u "should" need and copy and paste :) "i dint want to type out..blah blah , what a lame reason

[Guest AFTERSHOCK]

fod_vile said:

jeez gav i have been on doomserv since start at least 6 hrs a day and sometimes 15hrs (ok yep i do like playing doom)
i think i would have been most vulnerable person there
ok maybe luck, but i still say publishing flaw was cool and responsible , its only the details of how to i detest

Gee, fodders, first you were mad because you didn't think Aurikan did a good enough job following the principles outlined in the full disclosure article. Now you're mad that he did follow them?

I quote from the restrictions section:

» When releasing the vulnerability details they should be released completely. The attackers usually have a lot of spare time to figure out the missing parts, but the busy administrators usually don't.

I'm wondering about how quickly you forgot that part...

AFTERSHOCK

[aurikan]

fod_vile said:

and your going to follow protocol and inform TGO of the insecurety?
doubt it
like you ommited all this in earlier post about "being banned and not able to get on" ohhhh no one use doomserv

it was since that post that i was able to reverse-engineer the protocol and log in. i haven't found any security holes yet, but i'm not looking too hard. after all, after i save all your asses again you'll just whine and complain some more. it would probably be better just to white-paper document a new, safer protocol, and let someone who does know how to program implement it.

[GavinJCD]

fod_vile said:

jeez gav i have been on doomserv since start at least 6 hrs a day and sometimes 15hrs (ok yep i do like playing doom)
i think i would have been most vulnerable person there
ok maybe luck, but i still say publishing flaw was cool and responsible , its only the details of how to i detest

well you did mention files were deleted.....

[Guest fod_vile]

aurikan said:

you're the one who isn't contributing anything to the "discussion". All of your posts are flaming me or other people who are defending my actions. Obviously we all know who is the useless one in this "discussion".

i only reacted with flames to people that were flaming me in the 1st place
gavin i excuse, he just gets overexcited
the ones who defend your actions i respond to
others just flame me or make assumptions and i flame back

[GavinJCD]

aurikan said:

it was since that post that i was able to reverse-engineer the protocol and log in. i haven't found any security holes yet, but i'm not looking too hard. after all, after i save all your asses again you'll just whine and complain some more. it would probably be better just to white-paper document a new, safer protocol, and let someone who does know how to program implement it.

Aurikan, I know the amount of bullshit you have recieved here is pretty bad, but still, don't hold back if you find something new.

[Guest fod_vile]

GavinJCD said:

well you did mention files were deleted.....

not by a hacker just by someone proving a point

[jon^c]

This whole post has turned into simply a place for a few select people to yell at eachother. There cannot be a reasonable solution that will cause one side to back down. So this whole think is gradually becoming totally futile. Maybe everyone so pissed off should calm down a little bit. I think that fixing doomserv would be a better way to spend time than posting here calling the other people names. And the rest of you should just kinda stop wasting your time here. Just my opinion. Ill probably get flamed now...

[Guest fod_vile]

aurikan said:

Odd -- it seems you already have, and soundly lost

hey that's so cool :)
never once in all my years has anyone actually admitted to being unarmed in the wits department :) nice one

[Guest AFTERSHOCK]

fod_vile said:

i only reacted with flames to people that were flaming me in the 1st place
gavin i excuse, he just gets overexcited
the ones who defend your actions i respond to
others just flame me or make assumptions and i flame back

Doomserv is for neither players nor hackers. Doomserv is for egotistical, foul-mouthed, misspelling, illogical fools with a serious need to go take their medication.

That my friend is a flame. You have received very few flames so far. You probably just assumed that all the others were flames because the logic in them was too hard for you to understand without a healthy dose of profanity to keep the big words apart.

AFTERSHOCK

[GavinJCD]

fod_vile said:

No aurikan your missing something,
the whole start of this reply to your post was not that you exposed the insecurity, it is the instructions to all hackers on how to do it, instructions from a 3rd party. I have discovered
you were told how to do it , tried it and found it works, I found it works 2nd hand :)
TGO was not given a "reasonable" chance to fix it.You knew a v4 was due out, it took 2 yr for this flaw to be discovered and didn't you jump on that bandwaggon?
My only disgust with you is the instructions to hackers, your trial test on me, and the speed of disclosure
THIS HAS BEEN EDITED TO MAKE IT MORE COGNIZANT TO AURIKAN

Once again I must point out that that bug may have been discoevered before now, TOKE has already hinted that he may have known about it but decided to leaves us in the dark.

[Guest AFTERSHOCK]

Mantra said:

This whole post has turned into simply a place for a few select people to yell at eachother. There cannot be a reasonable solution that will cause one side to back down. So this whole think is gradually becoming totally futile. Maybe everyone so pissed off should calm down a little bit. I think that fixing doomserv would be a better way to spend time than posting here calling the other people names. And the rest of you should just kinda stop wasting your time here. Just my opinion. Ill probably get flamed now...

You're a fat cow!

Consider yourself flamed.

AFTERSHOCK

[GavinJCD]

Mantra said:

This whole post has turned into simply a place for a few select people to yell at eachother. There cannot be a reasonable solution that will cause one side to back down. So this whole think is gradually becoming totally futile. Maybe everyone so pissed off should calm down a little bit. I think that fixing doomserv would be a better way to spend time than posting here calling the other people names. And the rest of you should just kinda stop wasting your time here. Just my opinion. Ill probably get flamed now...

unfortunatley doomserv may not get fixed, the enwest version is out and looks as if it still has holes, though I can't be sure. That bug has existed for a long time and I don't know who found it first and what they did.

[Guest fod_vile]

AriocH said:

It's not.

It's my representation of a possible EULA for DoomServ, based on what Fod and Toke (alleged moderators) seemed to be advocating for the users of DoomServ.

in none of this discussion?, have i stated i am a moderator, someone earlier said Toke was one i have no knowledge of this
maybe he is

[aurikan]

fod_vile said:

fod tutorial #1
right click mouse button highlight what u "should" need and copy and paste :) "i dint want to type out..blah blah , what a lame reason

this doesn't make a fucking shred of difference; just because i didn't doesn't mean it was intentional.

seeing as i spend most of my time in solaris/linux/unix, where a lot of the copy/paste is not integrated, (especially not between processes or with the mouse) i'm not surprised i didn't think of doing this.

[aurikan]

fod_vile said:

not by a hacker just by someone proving a point

fod - i think he caught you in your own lie

[aurikan]

fod_vile said:

hey that's so cool :)
never once in all my years has anyone actually admitted to being unarmed in the wits department :) nice one

and imagine that - you still lost.

[Guest fod_vile]

Mantra said:

This whole post has turned into simply a place for a few select people to yell at eachother. There cannot be a reasonable solution that will cause one side to back down. So this whole think is gradually becoming totally futile. Maybe everyone so pissed off should calm down a little bit. I think that fixing doomserv would be a better way to spend time than posting here calling the other people names. And the rest of you should just kinda stop wasting your time here. Just my opinion. Ill probably get flamed now...

good point