Author Topic: REAL condump of admin abuse, check logs to be sure  (Read 17293 times)

Offline console

« Reply #45 on: November 07, 2008, 02:06:58 PM »
Only someone falsely using his name/password could explain that, but then the IPA would tell the truth.

Unfortunately, the admin.log file provided by the old versions of jumpmod was utterly useless.  No IP information, hardly any commands even logged at all, the commands that were logged showed the player name but not the actual admin account name that was being used by the player, etc.  Just abjectly abysmally unhelpful for doing any kind of forensic detective work.

Thankfully, Lohmatiy has improved the admin.log in the recent jumpmod builds he's provided us.  As we discovered the other day, there are unfortunately still a number of admin commands that do not get logged at all.  But it's better than it used to be, and at least now, for the commands that are logged, we get, player name, admin account name, and IP.


Regards,

:dohdohdoh:
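An added example, not part of the post above and not jumpmod code: once each logged command carries player name, admin account name and IP, those three fields can be correlated to spot an account used from a new address or under a different player name. The log layout, account names and commands below are constructed assumptions, since the thread does not show the real admin.log format.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample. The field layout is an assumption for illustration;
# the thread does not show the real jumpmod admin.log format.
SAMPLE_LOG = """\
2008-11-05 20:14:02 player="PlayerA" account="adminA" ip=192.0.2.10 cmd="kick 4"
2008-11-05 20:31:40 player="PlayerA" account="adminA" ip=192.0.2.10 cmd="mute 7"
2008-11-06 02:03:11 player="PlayerA" account="adminA" ip=198.51.100.77 cmd="ban 2"
2008-11-06 19:45:09 player="PlayerB" account="adminB" ip=203.0.113.5 cmd="kick 1"
2008-11-06 21:02:55 player="SomeoneElse" account="adminB" ip=203.0.113.5 cmd="kick 3"
corrupted line without fields
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+ \S+) player="(?P<player>[^"]*)" '
    r'account="(?P<account>[^"]*)" ip=(?P<ip>\S+) cmd="(?P<cmd>[^"]*)"$'
)


def parse(text):
    """Split log text into parsed records and rejected raw lines."""
    records, rejected = [], []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        m = LINE_RE.match(raw)
        try:
            if m is None:
                raise ValueError("unrecognised layout")
            ipaddress.ip_address(m["ip"])  # reject a malformed address
        except ValueError:
            rejected.append(raw)  # keep unparsed lines for manual review
            continue
        records.append(m.groupdict())
    return records, rejected


def audit(text):
    """Flag each admin account's first use from a new IP or player name."""
    records, rejected = parse(text)
    seen_ips, seen_names = defaultdict(set), defaultdict(set)
    findings = []
    for r in records:
        acct = r["account"]
        if seen_ips[acct] and r["ip"] not in seen_ips[acct]:
            findings.append((r["ts"], acct, "new_ip", r["ip"]))
        if seen_names[acct] and r["player"] not in seen_names[acct]:
            findings.append((r["ts"], acct, "new_player_name", r["player"]))
        seen_ips[acct].add(r["ip"])
        seen_names[acct].add(r["player"])
    return findings, rejected


if __name__ == "__main__":
    hits, bad = audit(SAMPLE_LOG)
    for hit in hits:
        print(*hit)
    print("unparsed lines:", len(bad))
```

Commands that never reach the log cannot be recovered this way, so a clean result only covers the commands that are logged.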

Offline Kingsize

« Reply #46 on: November 08, 2008, 10:31:27 PM »
Only someone falsely using his name/password could explain that, but then the IPA would tell the truth.

Unfortunately, the admin.log file provided by the old versions of jumpmod was utterly useless.  No IP information, hardly any commands even logged at all, the commands that were logged showed the player name but not the actual admin account name that was being used by the player, etc.  Just abjectly abysmally unhelpful for doing any kind of forensic detective work.

Thankfully, Lohmatiy has improved the admin.log in the recent jumpmod builds he's provided us.  As we discovered the other day, there are unfortunately still a number of admin commands that do not get logged at all.  But it's better than it used to be, and at least now, for the commands that are logged, we get, player name, admin account name, and IP.


Regards,

:dohdohdoh:



You really trust him don't u?

Lohmatiy changed name to c00k!e
c00k!e: yo
c00k!e: I'm teh l33t c00k!e
c00k!e: k thx
c00k!e changed name to Lohmatiy
n00k!e: what lvl of admin r u?
Lohmatiy: ummm
n00k!e: which
n00k!e: 3 4 6 ?
Lohmatiy: :D
n00k!e: cose 1 would be too much for u ....
n00k!e: :>
Lohmatiy: :D
Kingsize: he shouldn't even be an admin
n00k!e: thats what im saying
Lohmatiy: well the server virtually runs my executable so... :p
n00k!e: :]
]na it's not yours
Kingsize: na it's not yours
accel entered the game
Lohmatiy: :)
Lohmatiy: you don't even know what I mean kingy
]u edited it and made some changes is all
Kingsize: u edited it and made some changes is all
Lohmatiy: I know the server's executable inside out since I was watching the source code in
details and I compiled it
]it's not your code
Kingsize: it's not your code
Lohmatiy: If I ever wanted, I would easily get the server down just by using one of the bugs
Lohmatiy: or get a 15 lvl access
]we all know that
Kingsize: we all know that
Lohmatiy: so what's the point of asking what lvl admin i am
Lohmatiy: lol
]u r a haxor
Kingsize: u r a haxor
Lohmatiy: 8)
Lohmatiy: Thats cool
]so u shouldn't be allowed anything
Kingsize: so u shouldn't be allowed anything
Lohmatiy: :)


small dump from wp, see it how you like.

Offline Lohmatiy

« Reply #47 on: November 09, 2008, 02:04:40 AM »
Yo kingy, that's the reason why I am trusted:

Lohmatiy: If I ever wanted, I would easily get the server down just by using one of the bugs
Lohmatiy: or get a 15 lvl access

Do I need to point out the word "wanted"? The ts and wp (and crikey and whatever runs 1.07 and higher) servers are still running and everything goes fine, what's your problem there? The possibility of that I could use my knowledge to do something harmful? Ohhhh waaaaait, we shouldn't trust you then, bcuz ya can get a knife and kill the konsolezz!! There's such a possibility! K thx.
Dinanzi a me non fuor cose create se non etterne, e io etterno duro.

Offline console

« Reply #48 on: November 09, 2008, 02:58:52 AM »
Yo kingy, that's the reason why I am trusted:

Lohmatiy: If I ever wanted, I would easily get the server down just by using one of the bugs
Lohmatiy: or get a 15 lvl access

Do I need to point out the word "wanted"? The ts and wp (and crikey and whatever runs 1.07 and higher) servers are still running and everything goes fine, what's your problem there?

I would add that it would seem preferable to fix such bugs, once they are discovered.

(Example: http://secur1ty.net/advisories/001-Multiple_Vulnerabilities_In_Quake_II_Server.txt )


:exqueezeme:

Offline Lohmatiy

« Reply #49 on: November 09, 2008, 03:23:12 AM »
I would also add that it would seem preferable to fix them, hadn't it been for the architecture of Q2 itself: none of the bugs I'm aware of, are just malformed commands or whatever, all of them are actually multiple-step attacks (oh well, I will not describe those anywhere).

 :exqueezeme:
Dinanzi a me non fuor cose create se non etterne, e io etterno duro.

Offline ToxicMonkey^MZC

« Reply #50 on: November 09, 2008, 04:34:12 AM »
I only wish I had condumped the conversation with Lohmatiy when he first started coming to jump and was explaining his attitude towards hacking.  It went something along the lines of: "I love hacking.  I see it as a personal challenge between me and the admins."

Now he gets to see all of our IP's, knows about bugs (exploitations?) in the code and feels it necessary to show off using veiled threats "If I ever wanted, I would easily get the server down just by using one of the bugs, or get lvl 15 access."

Let's not forget him and santher (and who knows who else) were caught using a speed 'exploitation' (Not a hack! Like we'd know the difference!).  This incident is still shrouded in secrecy but him and santher seem to come out of it smelling of roses and get server admin privileges.  Us mere users can only wonder what the fuck that was all about.  Let's have a frank explanation about what actually happened there.

On the face of it, you've got to wonder how he isn't banned.  From personal experience I know he is a devious, conniving bastard (see my addition to the 'dick list' - nicely engineered that, Loh).

santher is a terrible admin, I have about 20 condumps of him abusing powers, but I know he only operates within the boundaries of his admin.  Lohmatiy, on the other hand, who knows what he's capable of?  I honestly do not trust him and hate seeing him in the server.

Even n00k!e, arguably the best jumper ever, obviously has his doubts about Lohmatiy's integrity.  I've never seen n00k!e talk like that to anybody.


Offline console

« Reply #51 on: November 09, 2008, 01:13:29 PM »
I only wish I had condumped the conversation with Lohmatiy when he first started coming to jump and was explaining his attitude towards hacking.  It went something along the lines of: "I love hacking.  I see it as a personal challenge between me and the admins."

We have discussed this before.  Once again, I would refer you to the distinction between White Hat / Black Hat hackers.  White Hat hackers are valuable because it's important to discover lurking exploits in the code.  A Black Hat would use that discovery maliciously, while a White Hat would not use the exploit maliciously but would instead preferably inform whoever can fix the problem that the issue exists.

http://en.wikipedia.org/wiki/White_hat#White_Hat_Hacker

For example, when I added the invite! command the other day, WifiMan started looking for an exploit.  He found one pretty quick, too.  Then he let the admins know, and I immediately fixed it.

That is much preferable to having that exploit still lurking in the code, waiting to be discovered by someone of a darker purpose.


Now he gets to see all of our IP's

As far as I know, jumpmod admins don't have privileges to see IPs on our server.  (If I'm incorrect, someone please correct me.)


Regards,

quadz


Offline Lohmatiy

« Reply #52 on: November 09, 2008, 01:29:45 PM »
As far as I know, jumpmod admins don't have privileges to see IPs on our server.  (If I'm incorrect, someone please correct me.)
ADMIN_IP_LEVEL
Dinanzi a me non fuor cose create se non etterne, e io etterno duro.

Offline console

« Reply #53 on: November 09, 2008, 05:42:32 PM »
I would also add that it would seem preferable to fix them, hadn't it been for the architecture of Q2 itself: none of the bugs I'm aware of, are just malformed commands or whatever, all of them are actually multiple-step attacks (oh well, I will not describe those anywhere).

Not sure if you got my PM yet, but I would be interested to discuss such architectural issues privately.

If we are talking about fundamental problems with the Q2 architecture in terms of vulnerability to attacks, then it sounds like this may affect more mods than just jumpmod?

It is difficult for me to imagine vulnerabilities in Q2, whether architectural in nature or not, that simply cannot be fixed.

As such, my position would be: let's fix them.

...right?

For instance, why not get on an IRC channel with r1ch and jdolan, discuss the problems, and brainstorm on ways to fix them?


Regards,

quadz

 
