Tremulous Forum

General => General Discussion => Topic started by: BeerBastard on February 27, 2007, 06:17:31 am

Title: Rcon command without Rcon. Interesting.
Post by: BeerBastard on February 27, 2007, 06:17:31 am

Ok we had a griefer come into the game.  And set us past stage 3, meaning nothing can be built, no one can evolve and it says you have no eggs. I set us back after kicking the known griefer.

I thought the only way to do this is with rcon g_humanstage and g_alienstage
Which require you to know rcon password.  

How do you do this without rcon? We just changed our rcon password, and it happened again.  If its a bug, is there a fix? It happened again when the griefer came back the 2nd time.

Title: Rcon command without Rcon. Interesting.
Post by: dodo1122 on February 27, 2007, 09:25:49 am

maybe he hax00r'd to the machine running your server and just looked in server.cfg? :P



dodo

Title: Rcon command without Rcon. Interesting.
Post by: DoorKnob on February 27, 2007, 11:47:11 am

i've also had this happen, he would come in, change all the server setttings thrn i'd kick him, but before i know that he was doing it, i was going crazy cause i'm the only with rcon, but he told me it was him and told me he uses leeches to hax my server.... Perm ban :P

Title: Rcon command without Rcon. Interesting.
Post by: Odin on February 27, 2007, 03:47:57 pm

Maybe he knew the password?

Title: Rcon command without Rcon. Interesting.
Post by: Caveman on February 27, 2007, 04:05:40 pm

Most server I've seen this happening on do offer maps via a webserver and link their /base in order to save some time in setting up, not realizing that they give read-access to their confs...

Title: Rcon command without Rcon. Interesting.
Post by: vcxzet on February 27, 2007, 04:20:55 pm

type
/class level4
/name blah

Title: Rcon command without Rcon. Interesting.
Post by: DASPRiD on February 27, 2007, 04:54:15 pm

Quote from: "Caveman"

Most server I've seen this happening on do offer maps via a webserver and link their /base in order to save some time in setting up, not realizing that they give read-access to their confs...

I did nearly the same. It's quite simple:

Code: [Select]


#Tremulous map download
<VirtualHost>
  ServerName tremulous.servers.dasprids.de
  DocumentRoot /srv/www/tremulous/

  AliasMatch ^/(.*)\.pk3$ /usr/local/games/tremulous/$1.pk3

  <directory>
    Allow from all
  </directory>

  <directory>
    Allow from all

    Options +Indexes
  </directory>
</VirtualHost>


-edit-
Gnaa, damn forum, here's the right paste:
http://pastebin.us/15387

Title: Rcon command without Rcon. Interesting.
Post by: BeerBastard on February 27, 2007, 07:32:04 pm

We used the mg mappack so we linked that from our forums, We didnt link our server base folder.

Title: Rcon command without Rcon. Interesting.
Post by: beerbitch on February 27, 2007, 07:45:31 pm

Quote from: "DoorKnob"

i've also had this happen, he would come in, change all the server setttings thrn i'd kick him, but before i know that he was doing it, i was going crazy cause i'm the only with rcon, but he told me it was him and told me he uses leeches to hax my server.... Perm ban :P

What do you mean by "leeches" ?? You mean the naruto downloaders that got the gnaa fake fansub ? Maybe they were trojaned, but I don't see how a denial of service attack on a q3 based engine server gives them rcon........


I want to know how somebody without rcon password, and without access to the files on the server can bump aliens to s4.