New RCon exploit?

On most game servers, including TF2 servers, you have the possibility of executing commands remotely into the server’s console, called RCon (remote console). To be allowed to do that you have to specify the rcon password for the given server.

Of course it is extremely important that there are no vulnerabilities. The rcon protocol that is being used in TF2 has also been used in all of Valve’s previous games (including Half-Life, CS, CS:S) with only some small changes. So at this point one would expect that most, if not all, rcon exploits should be fixed.

But yesterday in the much anticipated match, ESL Nation’s Cup Finals between Sweden and Finland, there seemed to be a new rcon exploit. They experienced “random” crashes on both a finnish server and a server in UK. After checking the logs they found that someone tried to hack the servers. Also Multiplay’s pickup servers seemed to crash randomly yesterday.

Last month someone reported this exploit. Is that the exploit that’s back now?

2 Comments

kentt says: 15 September 2008 - 14:12

kill swedes.

waebi says: 15 September 2008 - 20:43

the one comment there said it looks like it’s SourceMod related, so maaany servs could be vulnerable…
sucks. Just leave us playing 🙁

Leave a comment


Warning: Undefined variable $user_ID in /var/www/krus.dk/gossip/wp-content/themes/librio/comments.php on line 37

You must be logged in to post a comment.