You are an unregistered user, you can register here
Navigation

Information

Site

Donations
If you wish to make a donation you can by clicking the image below.


 
Go Back   The Unreal Admins Page > Forums > Unreal Admins > Unreal Tournament 2003/2004 > UT2003/4 Server - Linux Specific

Reply
Thread Tools Display Modes
  #1  
Unread 13th September, 2008, 05:49 PM
Disasterpiece Disasterpiece is offline
Forum Newcomer
 
Join Date: Jun 2007
Posts: 12
Default Servercrash through Serverexploit Abuse

Hi

Our Server crashes several times a day.
The log contains this satement:

Code:
New Player 6tech id=67f9c7b632dc5c58---
Open myLevel Sat Sep 13 18:00:48 2008 89.246.217.47:1179
Client netspeed is 10000
New Player Toxic@brokenMous id=66858410df00---
Close TcpipConnection 91.39.xxx.xxx:1291 Sat Sep 13 18:01:17 2008
Close TcpipConnection 91.17.xxx.xxx:52905 Sat Sep 13 18:01:17 2008
Close TcpipConnection 84.167.xxx.xxx:1069 Sat Sep 13 18:01:17 2008
Close TcpipConnection 84.135.xxx.xxx:3103 Sat Sep 13 18:01:17 2008
Close TcpipConnection 88.73.xxx.xxx:51629 Sat Sep 13 18:01:17 2008
Close TcpipConnection 217.227.xxx.xxx:1939 Sat Sep 13 18:01:17 2008
Close TcpipConnection 151.50.xxx.xxx:55870 Sat Sep 13 18:01:17 2008
Open myLevel Sat Sep 13 18:01:42 2008 78.92.xxx.xxx:2074
Assertion failed: VoiceIndex<VOICE_MAX_CHATTERS [File:UnChan.cpp] [Line: 1710]
Executing UObject::StaticShutdownAfterError
Assertion failed: VoiceIndex<VOICE_MAX_CHATTERS [File:UnChan.cpp] [Line: 1710]
When i google for this "Assertion failed: VoiceIndex<VOICE_MAX_CHATTERS", i found a few threads which speak of an exploit:

(Same error reported here:) http://www.xraygaming.com/forums/sho...?t=4293&page=2
(Bugtrack:) http://www.securityfocus.com/archive/1/495061

Quote:
======
2) Bug
======

The AA server can be terminated remotely through a specific single
spoofable UDP packet which leads to a failed assertion:

"Assertion failed: VoiceIndex<VOICE_MAX_CHATTERS"

Note: this bug is the same I found and disclosed in Unreal Tournament
2004 some days ago and which affects some other games too (ut2004null).
Is there any possible way, to avoid these people crashing my server?
It seems, that there are many players who can abuse this exploit...
Reply With Quote
  #2  
Unread 13th September, 2008, 07:52 PM
Wormbo's Avatar
Wormbo Wormbo is offline
out of order
 
Join Date: Sep 2003
Posts: 3,383
Default

That guy releases his "advisories" without giving affected game developers a head start. Send your praise to [email address].
__________________
Wormbo's UT/UT2004/UT3 mods | PlanetJailbreak | Unreal Wiki | Liandri Archives
Quote:
<@Mych|Lockdown> ...and the award for the most creative spelling of "Jailbreak" goes to ... "Gandis Jealbrake Server"
Reply With Quote
  #3  
Unread 13th September, 2008, 07:30 PM
Disasterpiece Disasterpiece is offline
Forum Newcomer
 
Join Date: Jun 2007
Posts: 12
Default

Uhm sry but i dont know what you mean.
Is this the one who creates this hacks? or can this help me in any way?
Reply With Quote
  #4  
Unread 14th September, 2008, 03:05 AM
Wormbo's Avatar
Wormbo Wormbo is offline
out of order
 
Join Date: Sep 2003
Posts: 3,383
Default

Yes, sort of. He created a proof-of-concept exploit and released it, along with his advisory, to the public.
__________________
Wormbo's UT/UT2004/UT3 mods | PlanetJailbreak | Unreal Wiki | Liandri Archives
Quote:
<@Mych|Lockdown> ...and the award for the most creative spelling of "Jailbreak" goes to ... "Gandis Jealbrake Server"
Reply With Quote
  #5  
Unread 14th September, 2008, 07:43 AM
Disasterpiece Disasterpiece is offline
Forum Newcomer
 
Join Date: Jun 2007
Posts: 12
Default

well then. just shutting down all servers and wait until something happens?

//e:

could anyone post the ip of this jerk or send it per pm to me so i can try to block his attacks?
seems to be the only way to me...

Last edited by Disasterpiece : 14th September, 2008 at 07:49 AM.
Reply With Quote
  #6  
Unread 14th September, 2008, 08:48 AM
Shambler Shambler is offline
Holy Shit!!
 
Join Date: Jul 2004
Posts: 875
Default

Posted this fix on the UT2004 mailing list (Win32 only), though I guess there aren't many people still on that list:
http://download.beyondunreal.com/fil...xploit-fix.zip (thanks to Haarg at BU for uploading).

That's tested and works, feel free to pass the link on to other UT2004 admins, though please don't have it posted on news sites.
Reply With Quote
  #7  
Unread 14th September, 2008, 09:27 AM
}TCP{Carnage's Avatar
}TCP{Carnage }TCP{Carnage is offline
Rampage
 
Join Date: May 2006
Location: Nightbar Rooie Oortjes Kromme weele 3 Middelburg
Posts: 68
Default

hope the linux fix will be there shortly too .. quite annoying
__________________
Patience Is A Virtue
Anger Is A Gift

Unreal 1 - 16 slot 227f - }TCP{ Funhouse #5 [MonsterMash !!]-:: Go There ::-
Unreal 1 - 8 slot 227f - }TCP{ Funhouse #6 [TeamArenaMaster !!] -:: Go There ::-


UT2004 - 32 slot }TCP{ Funhouse !! [4 Teams Freon Madness] !! -:: Go There ::-
UT2004 - 12 slot }TCP{ Funhouse #1 [TAM / Freezetag] !! -:: Go There ::-
UT2004 - 2 slot }TCP{ Funhouse #3 [1vs1 or 2 vs 2] !! -:: Go There ::-
UT2004 - 12 slot }TCP{ Funhouse #4 [ONS/TAM/AM/Moso 12p] !! -:: Go There ::-

Open Source Beer
The }TCP{ Website
Reply With Quote
  #8  
Unread 14th September, 2008, 09:27 AM
Wormbo's Avatar
Wormbo Wormbo is offline
out of order
 
Join Date: Sep 2003
Posts: 3,383
Default

Quote:
Originally Posted by Wormbo View Post
That guy releases his "advisories" without giving affected game developers a head start. Send your praise to [email address].
I can only repeat myself here, he'll actually read your mails. Expect fun replies.
__________________
Wormbo's UT/UT2004/UT3 mods | PlanetJailbreak | Unreal Wiki | Liandri Archives
Quote:
<@Mych|Lockdown> ...and the award for the most creative spelling of "Jailbreak" goes to ... "Gandis Jealbrake Server"
Reply With Quote
  #9  
Unread 14th September, 2008, 12:04 PM
Disasterpiece Disasterpiece is offline
Forum Newcomer
 
Join Date: Jun 2007
Posts: 12
Default

well, i dont have time for writing senseless messages to some jerks who have nothing better to do than making trouble in the ut community

i'll try this fix. thx
Reply With Quote
  #10  
Unread 14th September, 2008, 02:14 PM
onkelx onkelx is offline
Forum Newcomer
 
Join Date: Feb 2007
Posts: 10
Default

Hi

Im very happy to see that someone tries to help the linux admins.
I just tested it, but it gives errors.

Here is the log.

Log: Log file open, Sun Sep 14 21:08:32 2008
Init: Name subsystem initialized
Init: Version: 3339 (128.29)
Init: Compiled: Nov 13 2004 05:57:06
Init: Command line: DM-Rankin?game=3SPNv3141.TeamArenaMaster?mutator=Zoun d54.Zound,UnrealGame.MutGameSpeed,TA100.MutTalking Icon?BalanceTeams=True?AdminName=xxxxxx?AdminPassw ord=xxxxxx?GameStats=true -nohomedir ini=UT2004.ini -log
Init: (This is Linux patch version 3339.0)
Init: Character set: Unicode
Init: Base directory: /home/core-servers/TAM/System/
Init: Ini:UT2004.ini UserIni:User.ini
Init: Build label: Build UT2004_Build_[2005-11-23_16.22]
Init: Object subsystem initialized
Log: Executing Class Engine.ServerCommandlet
Warning: Missing Class Class Editor.TransBuffer
Critical: Can't find 'intAMasterServerUplinkexecForceGameStateRefresh' in 'IpDrv.dll'
Exit: Executing UObject::StaticShutdownAfterError
Exit: Exiting.
Log: FileManager: Reading 0 GByte 12 MByte 530 KByte 935 Bytes from HD took 0.886656 seconds (0.017735 reading, 0.868922 seeking).
Log: FileManager: 0.000000 seconds spent with misc. duties
Uninitialized: Name subsystem shut down
Uninitialized: Log file closed, Sun Sep 14 21:08:34 2008

I hope this helps
Reply With Quote
  #11  
Unread 14th September, 2008, 02:14 PM
Donzi Donzi is offline
Killing Spree
 
Join Date: Feb 2003
Location: Germany.gif
Posts: 20
Default

Linux:
Code:
Log: Log file open, Sun Sep 14 21:09:31 2008
Init: Name subsystem initialized
Init: Version: 3339 (128.29)
Init: Compiled: Nov 13 2004 05:57:06
Init: Command line: DM-Rankin-FE?Game=3spnv3141.TeamArenaMaster?*cut* -nohomedir
Init: (This is Linux patch version 3339.0)
Init: Character set: Unicode
Init: Base directory: /*cut
Init: Ini:/*cut*  UserIni:User.ini
Init: Build label:  Build UT2004_Build_[2005-11-23_16.22]
Init: Object subsystem initialized
Log: Executing Class Engine.ServerCommandlet
Warning: Missing Class Class Editor.TransBuffer
Critical: Can't find 'intAMasterServerUplinkexecForceGameStateRefresh' in 'IpDrv.dll'
Exit: Executing UObject::StaticShutdownAfterError
Exit: Exiting.
Log: FileManager: Reading 0 GByte 12 MByte 579 KByte 204 Bytes from HD took 0.187045 seconds (0.059468 reading, 0.127577 seeking).
Log: FileManager: 0.000000 seconds spent with misc. duties
Uninitialized: Name subsystem shut down
Uninitialized: Log file closed, Sun Sep 14 21:09:32 2008
__________________
http://www.UTzone.de
Reply With Quote
  #12  
Unread 14th September, 2008, 02:33 PM
jackycola jackycola is offline
Forum Newcomer
 
Join Date: Nov 2005
Posts: 6
Default

I used the win32 patch on linux server -> didnt help.

then i added the linux-bin, that you posted here, now the server is up stable since 20:53 with no error o_O


thanks a lot
__________________
Coke-Paradise Studios
Reply With Quote
  #13  
Unread 14th September, 2008, 02:38 PM
frisp's Avatar
frisp frisp is offline
Godlike
 
Join Date: Mar 2004
Location: Penicuik, Scotland
Posts: 384
Default

jackycola, do you still have the link. I'll give it a whirl here too.

Thanks in advance
__________________
Thanks

[_]frisp

Reply With Quote
  #14  
Unread 14th September, 2008, 02:39 PM
AnthraX's Avatar
AnthraX AnthraX is offline
Administrator
 
Join Date: Jun 2004
Location: Ghent (Belgium)
Posts: 1,380
Default

sorry, the link I posted above was based on the v3339 version of ucc-bin. v3369 coming up.
Reply With Quote
  #15  
Unread 14th September, 2008, 02:41 PM
frisp's Avatar
frisp frisp is offline
Godlike
 
Join Date: Mar 2004
Location: Penicuik, Scotland
Posts: 384
Default

Cheers Anthrax
__________________
Thanks

[_]frisp

Reply With Quote
  #16  
Unread 14th September, 2008, 02:46 PM
AnthraX's Avatar
AnthraX AnthraX is offline
Administrator
 
Join Date: Jun 2004
Location: Ghent (Belgium)
Posts: 1,380
Default

Ok, second try:

http://utgl.unrealadmin.org/UT2004/V...xploit-fix.zip
Reply With Quote
  #17  
Unread 14th September, 2008, 02:52 PM
frisp's Avatar
frisp frisp is offline
Godlike
 
Join Date: Mar 2004
Location: Penicuik, Scotland
Posts: 384
Default

Cheers, uploading now
__________________
Thanks

[_]frisp

Reply With Quote
  #18  
Unread 14th September, 2008, 02:54 PM
Donzi Donzi is offline
Killing Spree
 
Join Date: Feb 2003
Location: Germany.gif
Posts: 20
Default

server runs, waiting for hacking ^^
__________________
http://www.UTzone.de
Reply With Quote
  #19  
Unread 14th September, 2008, 03:15 PM
onkelx onkelx is offline
Forum Newcomer
 
Join Date: Feb 2007
Posts: 10
Default

It works

Thanks for sorting this man
Reply With Quote
  #20  
Unread 14th September, 2008, 03:17 PM
frisp's Avatar
frisp frisp is offline
Godlike
 
Join Date: Mar 2004
Location: Penicuik, Scotland
Posts: 384
Default

Right, all servers patched. Holding steady so far. Good job Anthrax & my thanks
__________________
Thanks

[_]frisp

Reply With Quote
Reply


Currently Active Users Viewing This Thread: 2 (0 members and 2 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 10:46 AM.


 

All pages are copyright The Unreal Admins Page.
You may not copy any pages without our express permission.