clc_VoiceData exploid

[arflyter]

@will_rock, Я закрыл эту ошибку Это ты такой тупой. шальной
--- Добавлено позже ---
@arflyter, Мой дорогой друг Эта ошибка устранена с помощью "SMAC ULTRA" Я могу предоставить это для вас.
Но правила форума не позволяют.
--- Добавлено позже ---

@Hossinkia, Так помогите мне как-то

 

[Hossinkia]

@arflyter, Форум не позволяет

 

[arflyter]

@arflyter, Форум не позволяет

не могу понять Как это форум не позволяет

 

[StormX]

не могу понять Как это форум не позволяет

Не позволяет ему сбросить тебе крякнутый Smac Ultr@ и ProcessCMDs 1.0.9
Вообще в этой теме есть правила для iptables которые фиксят данную проблему.
clc_VoiceData exploid
--- Добавлено позже ---
Если не получится сделать все автоматически делаем так:
1. В etc создаем папку iptables и бросаем туда файлы rules.v4 a(rules.v6) и говорим chmod +x /etc/iptables/rules.v4 и chmod +x /etc/iptables/rules.v6 да бы правила подхватывались при перезагрузке VDS.
2. Перезагружаем VDS
Для работы с vds используй winscp и putty.

Набросал по быстрому, поэтому за работоспособность не отвечаю. :biggrin:

 

[Hossinkia]

@REDWOOD,
Эта ошибка закрыта в Linux.
Сделай это для Windows

 

[arflyter]

Не позволяет ему сбросить тебе крякнутый Smac Ultr@ и ProcessCMDs 1.0.9
Вообще в этой теме есть правила для iptables которые фиксят данную проблему.
clc_VoiceData exploid
--- Добавлено позже ---
Если не получится сделать все автоматически делаем так:
1. В etc создаем папку iptables и бросаем туда файлы rules.v4 a(rules.v6) и говорим chmod +x /etc/iptables/rules.v4 и chmod +x /etc/iptables/rules.v6 да бы правила подхватывались при перезагрузке VDS.
2. Перезагружаем VDS
Для работы с vds используй winscp и putty.

Набросал по быстрому, поэтому за работоспособность не отвечаю. :biggrin:

root@SRV-GAME:~# iptables -A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
iptables: No chain/target/match by that name.
root@SRV-GAME:~#


apt-get install iptables-persistent
стоит правило подхватывается автоматом

Как исправить это
но в таблице RAW они есть
Screenshot

 

[damianmp]

I have a single question, How i can to catch the correct packet? --u32 "0x1a&0xffff=0xfeff" for example, because Ultr@hook has a some exploid but it is made differently.

pd: happy new year!

 

[Hossinkia]

@damianmp, Of course this is not correct.

pn: also

 

[damianmp]

This solution works for both chits? i examined ultr@hook's voice exploid packages and is a bit different i think. They send allways a concrete size and behavior ramdom.

Edit: i cant run any program in my notebook -_-

 

[Hossinkia]

@damianmp, if blocked sound are you kicked player?

+Added: Fixed!

 

[damianmp]

yeeeah this firewall rules block both chits, thx guys.
+rep By.Maxx.!

 

[Hossinkia]

@damianmp, Nice :)

 

[damianmp]

yeeeah this firewall rules block both chits, thx guys.
+rep By.Maxx.!

Sorry, my fault. Only mass disconect can be blocked but Ultr@hook cheat's not. they has a behavior broadly similar.
First the client spam this for 30 times approximately.

Спойлер

0000   -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --   ................
0010   -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --   ................
0020   -- -- 69 7d 69 88 00 44 b5 85 a5 07 00 00 45 02   ..i}i..Dµ.¥...E.
0030   00 00 00 01 0a 2f 00 00 00 00 00 00 00 00 00 00   ...../..........
0040   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0050   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0060   00 00 00 00 00 00                                 ......

0000   -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --   ................
0010   -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --   ................
0020   -- -- 69 7d 69 88 00 44 bf 85 9e 07 00 00 42 02   ..i}i..D¿.....B.
0030   00 00 00 01 0a 2f 00 00 00 00 00 00 00 00 00 00   ...../..........
0040   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0050   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0060   00 00 00 00 00 00                                 ......

And then the server response with this:

Спойлер

0000   -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --   ................
0010   -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --   ................
0020   -- -- 69 88 69 7d 00 99 83 4b 19 02 00 00 e5 02   ..i.i}........å.
0030   00 00 00 00 a3 fa 0d 00 40 23 ad e9 1b 00 40 01   ....£ú..@#.é..@.
0040   54 01 00 91 ad be 01 00 a4 56 60 51 19 f0 00 00   T....¾..¤V`Q.ð..
0050   00 1e 00 00 c0 03 00 00 78 00 00 00 0f 00 00 e0   ....À...x......à
0060   01 00 00 3c 00 00 80 07 00 00 f0 00 00 00 1e 00   ...<......ð.....
0070   00 c0 03 00 00 78 00 00 00 0f 00 00 e0 01 00 00   .À...x......à...
0080   3c 00 00 80 07 00 00 f0 00 00 00 1e 00 00 c0 03   <......ð......À.
0090   00 00 78 00 00 00 0f 00 00 e0 01 00 00 3c 00 00   ..x......à...<..
00a0   80 07 00 00 f0 00 00 00 1e 00 00 c0 03 00 00 78   ....ð......À...x
00b0   00 00 00 0f 00 00 e0 01 00 00 00                  ......à....

thx for all response guys! i will attach the file .pcap.
MEGA

 

[Rengers]

Give me one good reason to use Windows for a server, eSteamation has bug detecting REVemu 4th gen, harder to get 1k fps, firewall rules are hard to code there... ProcessCMDs can also fix this, but there is a glitch in cracked version,

Switch to Debian 8/Ubuntu 14.04/Ubuntu 16.04...
I have fix for this, for attacker cmdrate will fell
down to an level where it lags for him;

apt-get install iptables-persistent
Choose Y to save rules.v4, also for rules.v6

Open /etc/iptables/rules.v4
Copy this into a file
# Generated by iptables-save v1.4.21 on Wed Jun 27 08:15:27 2018
*filter
:INPUT ACCEPT [9732343:726476362]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [11954071:3240765871]
-A INPUT -p udp -m length --length 30:110 -m u32 --u32 "0x1a&0xffff=0x100" -j DROP
COMMIT
# Completed on Wed Jun 27 08:15:27 2018
# Generated by iptables-save v1.4.21 on Wed Jun 27 08:15:27 2018
*raw
:PREROUTING ACCEPT [9732416:726481760]
:OUTPUT ACCEPT [11954080:3240767059]
-A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
COMMIT
# Completed on Wed Jun 27 08:15:27 2018

Save it, restart your machine; after restart, type iptables-save, and try mass on your server... :)

regards

I do this exactly but did NOT work .i think there should be a exts or plugin files.iptables cant work alone.

 

[damianmp]

Hi there! i made a few rules for Ultra voice exploid. Is very weird because only work with this rates.

Спойлер

Спойлер

# Generated by iptables-save v1.4.21 on Fri Feb 15 20:22:41 2019
*mangle
:PREROUTING ACCEPT [690706341:58247511487]
:INPUT ACCEPT [690706341:58247511487]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [633737031:119475421509]
:POSTROUTING ACCEPT [633737228:119475473546]
COMMIT
# Completed on Fri Feb 15 20:22:41 2019
# Generated by iptables-save v1.4.21 on Fri Feb 15 20:22:41 2019
*raw
:PREROUTING ACCEPT [3150099:257663403]
:OUTPUT ACCEPT [2964870:542464638]
-A PREROUTING -p udp -m string --hex-string "|0a2f0000000000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000000000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000000000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x44" -m length --length 88 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x44" -m length --length 88 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x44" -m length --length 88 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x45" -m length --length 89 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x45" -m length --length 89 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x45" -m length --length 89 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
COMMIT
# Completed on Fri Feb 15 20:22:41 2019
# Generated by iptables-save v1.4.21 on Fri Feb 15 20:22:41 2019
*nat
:PREROUTING ACCEPT [1286711:65378177]
:INPUT ACCEPT [1283759:65207769]
:OUTPUT ACCEPT [367992:14030164]
:POSTROUTING ACCEPT [367992:14030164]
COMMIT
# Completed on Fri Feb 15 20:22:41 2019
# Generated by iptables-save v1.4.21 on Fri Feb 15 20:22:41 2019
*filter
:INPUT ACCEPT [23692:1955769]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [21281:3944012]
-A INPUT -p udp -m string --hex-string "|0a2f0000000000|" --algo kmp --to 65535 -j DROP
-A INPUT -p udp -m string --hex-string "|0a2f0000|" --algo kmp --to 65535 -j DROP
-A INPUT -p udp -m u32 --u32 "0x16&0xffff=0x44" -m length --length 88 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A INPUT -p udp -m u32 --u32 "0x16&0xffff=0x45" -m length --length 89 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A OUTPUT -p udp -m string --hex-string "|1e0000c0030000780000000f0000e00100003c000080070000f0000000|" --algo kmp --to 65535 -j DROP
COMMIT
# Completed on Fri Feb 15 20:22:41 2019

also with this rules i have a several drops of packets per day.
Note: i tested both scripts, this ones and the By.Maxx.'s rules together.

 

[Hossinkia]

@damianmp, "processcmd" It's better in all linux sv
If the server run in Windows? :)

im fixed cheat ultra hook in windows. blocked dll soon...

 

[Собирается]

@damianmp, "processcmd" It's better in all linux sv
If the server run in Windows? :)

im fixed cheat ultra hook in windows. blocked dll soon...

hai , any fix for ultrahook exploit , can u pm me @damianmp

 

[Hossinkia]

@Собирается, Nice

 

[Собирается]

Hi there! i made a few rules for Ultra voice exploid. Is very weird because only work with this rates.

Спойлер

[/ SPOILER]

Спойлер

# Generated by iptables-save v1.4.21 on Fri Feb 15 20:22:41 2019
* missing
:PREROUTING ACCEPT [690706341:58247511487]
:INPUT ACCEPT [690706341:58247511487]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [633737031:119475421509]
:POSTROUTING ACCEPT [633737228:119475473546]
COMMIT
# Completed on Fri Feb 15 20:22:41 2019
# Generated by iptables-save v1.4.21 on Fri Feb 15 20:22:41 2019
*raw
:PREROUTING ACCEPT [3150099:257663403]
:OUTPUT ACCEPT [2964870:542464638]
-A PREROUTING -p udp -m string --hex-string "|0a2f0000000000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000000000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000000000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m string --hex-string "|0a2f0000|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x44" -m length --length 88 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x44" -m length --length 88 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x44" -m length --length 88 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x45" -m length --length 89 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x45" -m length --length 89 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x16&0xffff=0x45" -m length --length 89 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
COMMIT
# Completed on Fri Feb 15 20:22:41 2019
# Generated by iptables-save v1.4.21 on Fri Feb 15 20:22:41 2019
*nat
:PREROUTING ACCEPT [1286711:65378177]
:INPUT ACCEPT [1283759:65207769]
:OUTPUT ACCEPT [367992:14030164]
:POSTROUTING ACCEPT [367992:14030164]
COMMIT
# Completed on Fri Feb 15 20:22:41 2019
# Generated by iptables-save v1.4.21 on Fri Feb 15 20:22:41 2019
*filter
:INPUT ACCEPT [23692:1955769]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [21281:3944012]
-A INPUT -p udp -m string --hex-string "|0a2f0000000000|" --algo kmp --to 65535 -j DROP
-A INPUT -p udp -m string --hex-string "|0a2f0000|" --algo kmp --to 65535 -j DROP
-A INPUT -p udp -m u32 --u32 "0x16&0xffff=0x44" -m length --length 88 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A INPUT -p udp -m u32 --u32 "0x16&0xffff=0x45" -m length --length 89 -m string --hex-string "|0a2f00|" --algo kmp --to 65535 -j DROP
-A OUTPUT -p udp -m string --hex-string "|1e0000c0030000780000000f0000e00100003c000080070000f0000000|" --algo kmp --to 65535 -j DROP
COMMIT
# Completed on Fri Feb 15 20:22:41 2019

also with this rules i have a several drops of packets per day.
Note: i tested both scripts, this ones and the By.Maxx.'s rules together.

Спойлер

not working , still players getting kicked ? any suggestion ?

 

[Rengers]

i understand this codes
Open /etc/iptables/rules.v4 (where is it ? )

please say more tnx and help me more please


Open /etc/iptables/rules.v4
Copy this into a file
# Generated by iptables-save v1.4.21 on Wed Jun 27 08:15:27 2018
*filter
:INPUT ACCEPT [9732343:726476362]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [11954071:3240765871]

thats linux iptables codes.