IPB

Welcome Guest ( Log In | Register )

> Something strange happened in my Listen Server, I was running RCBots
Lyran
post Dec 22 2004, 04:43 AM
Post #1


Advanced Member
***

Group: Members
Posts: 60
Joined: 27-April 04
Member No.: 295
Hey hey me again guys tongue.gif

Well.

I ran a Listen Server in Ns_Lost, open to clients to join (sv_lan 0). WBots 0.94b for Aliens, and RCBots (the latest rcbot_mm.dll) for Marines.

Note: I'm also running AMX and Admin Mod. I'll give details regarding those and their settings later.

People eventually joined (three humans, two in Marines and one in Aliens).

We played nice, everything was cool, until I noticed something strange going on with (or against ?) RCBots. They started to chat using sentences that are not into the chat.ini file. What I mean is...they started to say things I never wrote for them to say. It was created live during the gameplay, new sentences (and long ones) appearing each minute or so, sometimes longer.

I noticed, but also ignored that for the gameplay purposes. But one of the guy in Marines eventually stopped talking. No biggy here. But at a point, he entered the Comm chair, and he wouldn't spawn buildings or items. We asked him, but he did not answer us.

Eventually I decided to kick him, with a warning (play seriously on my server). It worked, and he got kicked. Just a few minutes after that, he came back, and said "hey sorry guys". I replied "ok it's cool". Then, he entered the Comm chair again, and....again, never talked anymore. Then I started to suspect him to actually create and "apply" the custom RCBot chatting...because when he quit, the "custom sentences" stopped, and started again when he came back.

Here is the worst part... dry.gif

About 2 minutes after he came back and moved in the Comm chair my game froze. The screen froze. No more sounds, no more movements possible. Then I tried to go back to the Desktop, but it didn't work. I tried Ctrl+Alt+Del...didn't work. So I had to reset my PC and boot it.

So, the point I'm trying to bring here is...is it possible there is an "exploit" somewhere within RCBots files ? Exploit that could allow pretty much anyone (knowing what they're doing, that is) to "take control" of what's going on, or just "flood" or "overflow" servers and make them crash ? Because I highly suspect my server froze due to some sort of hacking or cracking.

You guys would surely ask for my AMX and Admin Mod settings, so, here they are...

amx\config\configs.ini
QUOTE
; Menu configuration file
; File location: $moddir/addons/amx/config/configs.ini
; To use with Commands Menu plugin

; NOTE: By default in all settings the access level is set to "u".
; However you can change that, to limit the access to some settings.

; Commands Menu:
; < description > < command > < flags > < access level >
; "a" - execute from server console
; "b" - execute from admin console
; "c" - execute on all clients
; "d" - back to menu when executed

"PUBLIC Settings" "servercfgfile server.cfg;exec server.cfg" "a" "u"
"Clanbase" "exec clanbase.cfg;servercfgfile \'\'" "a" "u"
"Clanbase Charges Only" "exec clanbase_co.cfg;servercfgfile \'\'" "a" "u"
"Official CAL Match" "exec cal.cfg;servercfgfile \'\'" "a" "u"
"ProvingGrounds Server Config" "exec leagues/pg.cfg;servercfgfile \'\'" "a" "u"
"OGL CS Server Config" "exec ogl.cfg;servercfgfile \'\'" "a" "u"
"OGL CS FF Server Config" "exec ogl_ff.cfg;servercfgfile \'\'" "a" "u"
"OGL CS Advanced Server Config" "exec ogl_adv.cfg;servercfgfile \'\'" "a" "u"


amx\config\plugins.ini
QUOTE
; AMX Mod plugins

;To disable any plugin, add a semi-colon ';' to the beginning of its line

;You can disable the Just-In-Time (JIT) compiler with the 'nojit' keyword:
;pluginname.amx nojit
;read the docs for more details)

;Note: you don't need to declare csstats.amx here (CSStats will load it)


;language.amx        ; language management
admin.amx          ; admin base (required for any admin-related)
;admin_mysql.amx    ; admin base - MySQL version (comment admin.amx)
;admincmd.amx        ; basic admin console commands
;adminhelp.amx      ; help command for admin console commands
;adminslots.amx      ; slot reservation
;menufront.amx      ; front-end for admin menus
;cmdmenu.amx        ; command menu (speech, settings)
;plmenu.amx          ; players menu (kick, ban, client cmds.)
;restmenu.amx        ; restrict weapons menu
;mapsmenu.amx        ; maps menu (vote, changelevel)
antiflood.amx      ; prevent clients from chat-flooding the server
;adminchat.amx      ; console chat commands
;adminvote.amx      ; vote commands
;nextmap.amx        ; displays next map in mapcycle
;timeleft.amx        ; displays time left on map
;mapchooser.amx      ; allows to vote for next map
;scrollmsg.amx      ; displays a scrolling message
;imessage.amx        ; displays information messages
;welcomemsg.amx    ; console motd @ client connection (Hard to see in Steam)
;statsx.amx          ; stats on death or round end (CSStats Module required!)
;stats_logging.amx  ; weapons stats logging (CSStats Module required!)
;telemenu.amx        ; teleport menu (Fun Module required!)
;miscstats.amx      ; bunch of events announcement for Counter-Strike
;pausecfg.amx        ; allows to pause and unpause some plugins
;statscfg.amx        ; allows to manage stats plugins via menu and commands
;mapconfig.amx      ; executes custom map configuration files
;psychosounds.amx    ; allows custom sounds

;Add custom plugins below


Ok, and finally I'll add the fact that there is no AMX Modules running.

Now, the Admin Mod basic settings...

adminmod\config\adminmod.cfg
QUOTE
// (Note: For CVARS that are set to either "on" or "off," 0=off and 1=on) //
echo Executing Admin Mod config file

// Used by the TFC plugin only. If enabled, an attempt to switch
// teams will be rejected if it would unbalance the teams
// (0=disabled, 1=enabled)
admin_balance_teams 0

// If you are using bots with admin mod you can set this to 1
// It will protect bots from receiving client commands which
// would crash your server.
// (0=disabled, 1=enabled)
admin_bot_protection 1

// This is the message displayed to everyone after connecting.
admin_connect_msg "Choose your destiny..."

// This controls the availability of weapon restriction in CS.
// (0=disabled, 1=enabled)
admin_cs_restrict 0

// This will produce debugging messages in your logs which can
// be used to troubleshoot problems. Not recommended for general use.
// (0=disabled, 1=enabled)
admin_debug 0

// Determines whether or not the fun commands are allowed by default.
// If not on by default, the admin can still turn it on when wanted.
// (0=disabled, 1=enabled)
admin_fun_mode 0

// Enable to get special effects with certain commands
// like teleport or slap.
// (0=disabled, 1=enabled)
admin_fx 0

// If enabled, people who are gagged (not allowed to "say") will be
// unable to change their name while gagged
// (0=disabled, 1=enabled)
admin_gag_name 0

// If enabled, people who are gagged will not be able to use
// the say_team command.
// (0=disabled, 1=enabled)
admin_gag_sayteam 0

// Makes the admin with the highest access level the only admin in power.
// Example: if multiple admins are present, only the one with the highest
// access level will have admin access.
// (0=disabled, 1=enabled)
admin_highlander 1

// If admin_ignore_immunity is enabled, ACCESS_IMMUNITY is
// ignored and does nothing.
// (0=disabled, 1=enabled)
admin_ignore_immunity 0


// This file specifies which script plugins get loaded. 
// It should be relative from the <mod> directory
admin_plugin_file "addons/adminmod/config/plugin.ini"

// The time (in seconds) during which an admin can reconnect after
// disconnecting without resetting his password in the setinfo line.
admin_reconnect_timeout 300

// Message displayed to users who try to execute commands that
// they don't have the appropriate access rights for.
admin_reject_msg  "You do not have access to this command."

// How often, in seconds, the repeat_message should be shown on
// the screen during the game. Minimum value is 15 seconds.
// So, a value of 600 = 10 minutes between messages.
admin_repeat_freq 600

// Message that is show to everyone on the server every
// ten minutes by the message plugin.
admin_repeat_msg  "This server is using Admin Mod"

// The old verbosity.  Defines how commands are announced to the players
// clients in the form: "[ADMIN] <user> used command <command>"
// 0=all commands announced in chat with the admin name
// 1=all commands announced in chat, but without the admin name
// 2=most commands not announced at all (except "cheat" commands)
admin_quiet 0

// This file is used to store configuration data across maps
// and even across server restarts.
admin_vault_file  "addons/adminmod/config/vault.ini"


// If enabled, a hlds_ld-style map vote will automatically
// start five minutes before the end of a map.
// (0=disabled, 1=enabled)
admin_vote_autostart 0

// If set to on status (1), when a vote is in progress all
// players will see the votes of other players as they vote.
// (0=disable, 1=enabled)
admin_vote_echo 0

// Number of seconds that must elapse after start of the map,
// or the end of another vote, before another hlds_ld-style
// map vote can be called.
admin_vote_freq 600

// Controls how many times the current map can be
// extended for thirty minutes
admin_vote_maxextend 0

// Percent of players who have to vote for a map to get it
// to win a hlds_ld-style map vote.
admin_vote_ratio 60

// Ability to make clients execute commands
// (0=disabled, 1=enabled)
allow_client_exec 0

// When set to 0, and debug is enabled, Admin Mod passwords
// will not be logged in cleartext.
amv_log_passwords 0

// Private server option. If enabled, only users listed in
// users_file or ips_file are allowed to access the server.
amv_private_server 0

// The message displayed to users who do not get granted
// access to a private server
amv_prvt_kick_message ""

// The time during which an admin can reconnect to the server into
// a *different* slot than before without losing his admin access rights.
// Maximum is 90 seconds.
amv_reconnect_time 0

// Defines the max time length in seconds of voting process.
amv_vote_duration 30

// Default access rights for players not in the users.ini file.
// (See documentation for access levels and information)
default_access 0

// Whether to use encrypted passwords or not.
// 0: disabled
// 1: encrypt using Unix crypt() (Linux ONLY)
// 2: encrypt using MD5 hash
// 3: encrypt using MySQL PASSWORD() (MySQL ONLY)
encrypt_password 0

// If enabled, the scripting file functions have read
// access to files
// (0=disabled, 1=enabled)
file_access_read 0

// If enabled, the scripting file functions have write
// access to files
// (0=disabled, 1=enabled)
file_access_write 0

// Declares priority IPs that are allowed to take a
// reserved spot (if any are set up) without a password.
ips_file 0

// Ratio of players who must vote 'yes' to a kick for
// it to be successful.
kick_ratio 80

// Ratio of players who must vote 'yes' to a map change
// for it to be successful.
map_ratio 80

// List of maps people are allowed to vote for. "" to disable.
// Disable to enable all maps and use list from mapcycle.txt.
maps_file ""

// The file (relative to the <mod> dir) that
// reserved models are loaded from. "" to disable.
models_file ""

// The message shown to someone who gets kicked for
// trying to use a reserved model.
models_kick_msg "[ADMIN] That model is reserved on this server."

// The message shown to someone who gets kicked for
// trying to use a reserved nickname.
nicks_kick_msg "[ADMIN] That name is reserved on this server."

// Password_field...first password of the setinfo line
// If password_field is "_pw-AdminMod", the setinfo will be
// setinfo "_pw-AdminMod" "password-in-users.ini"
password_field _pw-home

// If pretty_say is enabled, centersay() fades in
// and out and does some other tricks.
// (0=disabled, 1=enabled)
pretty_say 1

// Controls how many (number) of the server's slots are reserved. 
// This is useful only if reserve_type, below, is either 0 or 2.
reserve_slots 0

// Custom message given to clients trying to connect who do not have
// a reserved slots, when no public slots are free
reserve_slots_msg "There are no reserved slots available on the server."

// This controls how reserve slots work on the server. See documentation.
reserve_type 0

// If enabled, names are compared to those who have privileges
// with regular expressions.
// (0=disabled, 1=enabled)
use_regex 0

// The file in which you define your admins, their passwords
// and the access levels that they are assigned to.
users_file "addons/adminmod/config/users.ini"

// The minimum number of seconds allowed between votes
// called with the vote() (admin_vote functions) scripting function.
// If 0 or disabled, the vote() scripting function is disabled.
vote_freq 180

// Location of word filter file. "" to disable, or something
// like "wordlist.txt" if enabled
words_file ""


adminmod\config\plugin.ini
QUOTE
//
// In this file you list the scripts you want to
// load. Use the path relative to the MOD directory
// e.g. cstrike for Counter-Strike.
//
// Lines beginning with "//" or "#" are commented out.
// That means that these scripts will not be loaded.

addons/adminmod/scripts/plugin_antiflood.amx
addons/adminmod/scripts/plugin_base.amx
addons/adminmod/scripts/plugin_chat.amx
# addons/adminmod/scripts/plugin_cheat.amx
# addons/adminmod/scripts/plugin_CS.amx
# addons/adminmod/scripts/plugin_TFC.amx
# addons/adminmod/scripts/plugin_hldsld_mapvote.amx
addons/adminmod/scripts/plugin_message.amx
addons/adminmod/scripts/plugin_retribution.amx
addons/adminmod/scripts/plugin_fun.am


adminmod\config\users.ini
QUOTE
nickname:password:level


The "level" from the above users.ini is 131071. That level gives all the rights to all the commands available. As many of you already know of course.

Finally... laugh.gif the last points I must talk about...

The "chatting" in my RCBots setting is set at "1", and the chat % is set at "5", it's well enough for me. And chat_dont_learn is set at "1" as well.

The only file I never applied changes to, is the bot_users.ini file, where, it seems, some sort of Admin/Control over them is possible, am I wrong ?

Well, anyway...

So, with all the details here, I'd like to know if you guys think the cause of the "custom chat" can be determined ? blink.gif

Is there anyone who never experienced such a thing ?

I'd appreciate some help, facts or comments.

Peace guys ! smile.gif
User is offlineProfile CardPM
Go to the top of the page
+Quote Post

Posts in this topic
Lyran   Something strange happened in my Listen Server   Dec 22 2004, 04:43 AM
Lyran   Ok... Yep me again. I just learned a few things ...   Dec 22 2004, 05:56 AM
LordSkitch   The bots learn what humans say, Cheeseh incorporat...   Dec 22 2004, 10:44 AM
Lyran   Sup LordSkitch. Yeah it's true. Listen Server...   Dec 22 2004, 08:00 PM
anonym001   The sma Files are files written in the c-Like Lang...   Dec 22 2004, 08:16 PM
Sandman[SA]   HAHA, dedicated servers 101. Steam has it's o...   Dec 22 2004, 11:03 PM
Lyran   Strange how the main subject in my first post even...   Dec 22 2004, 11:34 PM
Lyran   Yet something else I don't understand... How ...   Dec 23 2004, 02:08 AM
Sandman[SA]   As for the strange crash on ns_lost, is it ns-b5 o...   Dec 23 2004, 02:53 AM
Lyran   :o Ok, a little update. SandmanSA, I'm usin...   Dec 23 2004, 04:21 AM
Gruuunt   Press any key to continue or no message at all, is...   Dec 23 2004, 07:37 AM
Sandman[SA]   I really couldn't answer why you crashed on ns...   Dec 23 2004, 08:12 PM
Lyran   Good question. Hum, well, how would I be able to...   Dec 24 2004, 02:33 AM
Sandman[SA]   latest ns2amx modual This comes with the include ...   Dec 24 2004, 04:33 AM
Lyran   Thanks SandmanSA :D Oh and, Happy Christmas to ...   Dec 25 2004, 07:44 PM

« Next Oldest · Beta Version · Next Newest »
 

Reply to this topicStart new topic
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:

 

Display Mode: Switch to: Standard · Switch to: Linear+ · Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

- Lo-Fi Version Time is now: 15th August 2025 - 12:56 PM
Invision Power Board © 2025  IPS, Inc.