Dude don't mess with my fraggin counterstrike. :-) Tested on latest version with all patches and it doesn't work. But if I remember correctly the patch was on the server side so mileage may vary. On Thu, 28 Nov 2002, Patrick Webster wrote: > Date: Thu, 28 Nov 2002 11:12:24 +1100 > From: Patrick Webster <webster_pat_private> > To: "SF-Vuln-Dev (E-mail)" <vuln-devat_private> > Subject: CounterStrike (HalfLife?) Server possible DoS attack. > > Hi Guys, > > Could someone who actually has CounterStrike on their PC look into this for > me and see if it still exists? > Last I remember, it was possible to crash a CS server and thus disconnect > all users by requesting "say nextmap" multiple times. > To reproduce this attack, you simply bind any key to ask the server to > display the next map - I recall it as 'say nextmap'. > So, for example; > > F6 = 'say nextmap; say nextmap; say nextmap; say nextmap; say nextmap; say > nextmap; say nextmap; say nextmap; say nextmap; say nextmap; say nextmap' > > Connect to a server, and rapidly press F6 until you are disconnected. Try > and reconnect - the service should have crashed. > > Thanks, > > Patrick Webster, > Systems Administrator > > DeMorgan Information Security Services > > Freecall: 1800 DE MO RG (33 66 74) > Tel: +61299290377 > Fax: +61299290917 > Mob: +61403421390 > > Address: Level 2, 41 McLaren St > North Sydney, NSW, 2060, Australia > > Visit us at: www.demorgan.com.au -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- "I don't intend to offend, I offend with my intent" hellNbakat_private http://www.nmrc.org/~hellnbak -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This archive was generated by hypermail 2b30 : Sat Nov 30 2002 - 12:17:50 PST