Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
  • Sign in to follow this  

    csDoom Problems


    Linguica

    csDoom v0.61 has been released which fixes a bug relating to teamplay. However, there's some more important stuff to mention here. Apparently Fly has been putting certain "hidden features" into csDoom, two of which have been found. Here's the source code for one:

    code:
    Array
    This one basically bans two people from ever playing csDoom on any server which has this code compiled in. I'm not exactly sure why these 2 IPs were targeted. However, there's an even more serious one:
    code:
    Array
    This basically means that Fly, the creator of csDoom, can take over any server you may choose to set up, and perform "administrative" functions (kick people, change maps, etc). Now while banning 2 IPs may be marginally all right, leaving a back door so the creator can remotely control any server is not. Doomworld urges everyone to think strongly before using csDoom 0.61 -- there's no way to know what other "hidden features" they may contain. csDoom 0.5, while being less functional, have had their source released and thus can be swept for such unwanted additions.

    Sign in to follow this  


    User Feedback

    Recommended Comments



    Guest Anonymous User

    Posted

    we just need the client source for v0.6. Given that clients are more likely to be running on an OS without security/permissions (read: Win32) that's the more dangerous one as well.

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    now we see the real reason why fly was so loathe to release the sources

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    Hehe, fly is one clever bastard.. Anyway, its he's work, he's the boss :o)

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    I don't think I'll be running CSDoom for awhile :

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    does anybody of you remeber that QW and Q2 hat these backdoors in also? it was there maybe fly simply copied code from an old QW version :)

    Share this comment


    Link to comment

    I have the csDoom source code for Win32. Give me the word at wsean@home.com if you want a backdoor-free version of this.

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    <NightFang> Ling: I asked Fly as to why he added that backdoor into csDoom and he simply said "Quake does it"
    <NightFang> then I said "quake != Csdoom"
    <NightFang> with his reply "quake == csdoom"
    

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    the fact he used 3 strcmps rather than just use 1 strcasecmp gives an indication of his lack of programming ability

    Share this comment


    Link to comment
    Guest ethhoack

    Posted

    trust is very important is computing. if we can't trust fly to run a sevrer, how could we trust him with a closed source client ?

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    Why not just block traffic from the IP range he put in there? Any firewall can do that sort of thing. BTW anyone who tries a backdoor like this can fuck off - id included.

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    Nah, thats not entirely true, you also have to be coming from an IP address in the 195.170.202.x range.

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    It's stricmp, not strcasecmp. I'm really surprised that Fly didn't use this function; it's ANSI C. If the whole code is that poorly optimised, he is not a good programmer at all.

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    Think about this guy: - He writes a program everybody uses - He doesn't release the source code for that program although everybody wants him to - The program is poorly optimized - There are uncommented backdoors in it - The guy seems to be an asshole Damn it. Fly is Bill Gates !

    Share this comment


    Link to comment

    I trust Fly more than anyone who posted here. As from what's been mentioned, the things fly could do to a server would only be done if he wanted to waste his time instead of just making csdoom or whatever other important stuff he does with his life. Why should anyone fear (maybe some retard that offended him, but why should a csdoom player care?)? Nothing new has happened and nothing worth a fuss. Csdoom is really cool and really fun. This news may be true, but so what? Yeah, it's good if someone checks anothers prog, but come back when you have some useful stuff, not this "oh my, Fly's a russian spy, he's gonna screw us!" Hahaha! Also, post with a name, if you wanna be heard. Be constructive... or have I seen your client/server DOOM version?

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    strcasecmp is the ansi version i believe.. anyway linux doesnt have stricmp so thats why i wrote that

    Share this comment


    Link to comment

    Let's give him a chance to defend himself before everyone lynches him, eh?

    Share this comment


    Link to comment

    Since I know nothing about programming and can't make head or tails out of that code I can't comment with any kind of expertise. However, I don't like the sound of this one bit. I hope someone who is knowledgeable will get hold of the source and remove this funny stuff. Anyway, how could anyone possibly cheat at Csdoom? Wouldn't there be some sort of consistency failure or something?

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    consistency failures are impossible due to the way csdoom works. If you can control the server, it may be perfectly possible to cheat.

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    Yeag great all those -we are smarter than fly-comments on his programming style!If you are so great at it where is your client server DOOM? or any sourceport of any kind? and before judging him give him a chance to defend himself! id did it too and it seems that nobody is hating them for doing it!

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    Hey, checkout the official CSDOOM page! What's up with that?

    Share this comment


    Link to comment

    I've had enough about #doomroom. I am sick of the subject now. I've decided not to visit there anymore and that's that. Let those guys have their little place. Namecalling will not help the situation. Let it be.

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    All this jumping on the "fly is crap" bandwaggon really does remind me of when the same guys got stuck into doomserv It seems so easy to call someone when you cannot do 1 bit of the work he has done. The only problem I see is if bill clinton should one day decide to run csdoom server on whitehouse computer :)

    Share this comment


    Link to comment

    Undoubtedly triggered by the takeover of #csdoom, Fly has decided to discontinue work on the CSDoom source port. I now officially declare #doomroom a much, much, much worse place than #doom2 EVER was.

    Share this comment


    Link to comment
    Guest Anonymous User

    Posted

    Well you did it to doomserv now you have done it to csdoom, is it just because you cannot stand to see anyone enjoy playing doom on net? You make me sick

    Share this comment


    Link to comment

    Unlike CSDoom's, Doomserv's exploit was purely accidental. The exploit was pointed out and a new version fixing it was to come out - I've no idea what happened since then.

    Share this comment


    Link to comment
    Guest sponge

    Posted

    We ruined csDoom? We ruined it by exposing 2 holes in the code? There are IP spoofers. You could spoof Fly's IP, and wreak havoc on csDoom servers. And for exposing this hole, we ruined csDoom. Anonymous user, YOU make me sick.

    Share this comment


    Link to comment
    Guest sponge

    Posted

    Apparently, Fly took the code from QW. Why should we support him? And don't give me this "I don't see your client/server doom crap." That's hardly a good argument.

    Share this comment


    Link to comment



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×