Author Topic: REAL condump of admin abuse, check logs to be sure  (Read 17679 times)

Offline console

  • Brobdingnagian Member
  • ***
  • Posts: 4518
  • "Man, this is the way to travel," said my attorney
    • View Profile
    • tastyspleen.net
  • Rated:
Re: REAL condump of admin abuse, check logs to be sure
« Reply #45 on: November 07, 2008, 02:06:58 PM »
Only someone falsely using his name/password could explain that, but then the IPA would tell the truth.

Unfortunately, the admin.log file provided by the old versions of jumpmod was utterly useless.  No IP information, hardly any commands even logged at all, the commands that were logged showed the player name but not the actual admin account name that was being used by the player, etc.  Just abjectly abysmally unhelpful for doing any kind of forensic detective work.

Thankfully, Lohmatiy has improved the admin.log in the recent jumpmod builds he's provided us.  As we discovered the other day, there are unfortunately still a number of admin commands that do not get logged at all.  But it's better than it used to be, and at least now, for the commands that are logged, we get, player name, admin account name, and IP.


Regards,

:dohdohdoh:
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline Kingsize

  • Full Member
  • ***
  • Posts: 227
    • View Profile
  • Rated:
Re: REAL condump of admin abuse, check logs to be sure
« Reply #46 on: November 08, 2008, 10:31:27 PM »
Only someone falsely using his name/password could explain that, but then the IPA would tell the truth.

Unfortunately, the admin.log file provided by the old versions of jumpmod was utterly useless.  No IP information, hardly any commands even logged at all, the commands that were logged showed the player name but not the actual admin account name that was being used by the player, etc.  Just abjectly abysmally unhelpful for doing any kind of forensic detective work.

Thankfully, Lohmatiy has improved the admin.log in the recent jumpmod builds he's provided us.  As we discovered the other day, there are unfortunately still a number of admin commands that do not get logged at all.  But it's better than it used to be, and at least now, for the commands that are logged, we get, player name, admin account name, and IP.


Regards,

:dohdohdoh:



You really trust him don't u?

Lohmatiy changed name to c00k!e
c00k!e: yo
c00k!e: I'm teh l33t c00k!e
c00k!e: k thx
c00k!e changed name to Lohmatiy
n00k!e: what lvl of admin r u?
Lohmatiy: ummm
n00k!e: which
n00k!e: 3 4 6 ?
Lohmatiy: :D
n00k!e: cose 1 would be too much for u ....
n00k!e: :>
Lohmatiy: :D
Kingsize: he shouldn't even be an admin
n00k!e: thats what im saying
Lohmatiy: well the server virtually runs my executable so... :p
n00k!e: :]
]na it's not yours
Kingsize: na it's not yours
accel entered the game
Lohmatiy: :)
Lohmatiy: you don't even know what I mean kingy
]u edited it and made some changes is all
Kingsize: u edited it and made some changes is all
Lohmatiy: I know the server's executable inside out since I was watching the source code in
details and I compiled it
]it's not your code
Kingsize: it's not your code
Lohmatiy: If I ever wanted, I would easily get the server down just by using one of the bugs
Lohmatiy: or get a 15 lvl access
]we all know that
Kingsize: we all know that
Lohmatiy: so what's the point of asking what lvl admin i am
Lohmatiy: lol
]u r a haxor
Kingsize: u r a haxor
Lohmatiy: 8)
Lohmatiy: Thats cool
]so u shouldn't be allowed anything
Kingsize: so u shouldn't be allowed anything
Lohmatiy: :)


small dump from wp,see it how you like.
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline Lohmatiy

  • Full Member
  • ***
  • Posts: 150
  • DI HALT / CLI HLT
    • View Profile
  • Rated:
Re: REAL condump of admin abuse, check logs to be sure
« Reply #47 on: November 09, 2008, 02:04:40 AM »
Yo kingy, that's the reason why I am trusted:

Lohmatiy: If I ever wanted, I would easily get the server down just by using one of the bugs
Lohmatiy: or get a 15 lvl access

Do I need to point out the word "wanted"? The ts and wp (and crikey and whatever runs 1.07 and higher) servers are still running and everything goes fine, what's your problem there? The possibility of that I could use my knowledge to do something harmful? Ohhhh waaaaait, we shouldn't trust you then, bcuz ya can get a knife and kill the konsolezz!! There's such a possibility! K thx.
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus
Dinanzi a me non fuor cose create se non etterne, e io etterno duro.

Offline console

  • Brobdingnagian Member
  • ***
  • Posts: 4518
  • "Man, this is the way to travel," said my attorney
    • View Profile
    • tastyspleen.net
  • Rated:
Re: REAL condump of admin abuse, check logs to be sure
« Reply #48 on: November 09, 2008, 02:58:52 AM »
Yo kingy, that's the reason why I am trusted:

Lohmatiy: If I ever wanted, I would easily get the server down just by using one of the bugs
Lohmatiy: or get a 15 lvl access

Do I need to point out the word "wanted"? The ts and wp (and crikey and whatever runs 1.07 and higher) servers are still running and everything goes fine, what's your problem there?

I would add that it would seem preferable to fix such bugs, once they are discovered.

(Example: http://secur1ty.net/advisories/001-Multiple_Vulnerabilities_In_Quake_II_Server.txt )


:exqueezeme:
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline Lohmatiy

  • Full Member
  • ***
  • Posts: 150
  • DI HALT / CLI HLT
    • View Profile
  • Rated:
Re: REAL condump of admin abuse, check logs to be sure
« Reply #49 on: November 09, 2008, 03:23:12 AM »
I would also add that it would seem preferrable to fix them, hadn't it been for the architecture of Q2 itself: none of the bugs I'm aware of, are just malformed commands or whatever, all of them are actually multiple-step attacks (oh well, I will not desribe those anywhere).

 :exqueezeme:
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus
Dinanzi a me non fuor cose create se non etterne, e io etterno duro.

Offline ToxicMonkey^MZC

  • Sr. Member
  • ****
  • Posts: 496
  • Proud to be a SCRUB
    • View Profile
  • Rated:
Re: REAL condump of admin abuse, check logs to be sure
« Reply #50 on: November 09, 2008, 04:34:12 AM »
I only wish I had condumped the conversation with Lohmatiy when he first started coming to jump and was explaining his attitude towards hacking.  It went something along the lines of: "I love hacking.  I see it as a personal challenge between me and the admins."

Now he gets to see all of our IP's, knows about bugs (exploitations?) in the code and feels it necessary to show off using veiled threats "If I ever wanted, I would easily get the server down just by using one of the bugs, or get lvl 15 access."

Let's not forget him and santher (and who knows who else) were caught using a speed 'exploitation' (Not a hack! Like we'd know the difference!).  This incident is still shrouded in secrecy but him and santher seem to come out of it smelling of roses and get server admin privileges.  Us mere users can only wonder what the fuck that was all about.  Let's have a frank explanation about what actually happened there.

On the face of it, you've got to wonder how he isn't banned.  Fom personal experience I know he is a devious, conniving bastard (see my addition to the 'dick list' - nicely engineered that, Loh).

santher is a terrible admin, I have about 20 condumps of him abusing powers, but I know he only operates withing the boundaries of his admin.  Lohmatiy, on the other hand, who knows what he's capable of?  I honestly do not trust him and hate seeing him in the server.

Even n00k!e, arguably the best jumper ever, obviously has his doubts about Lohmatiy's integrity.  I've never seen n00k!e talk like that to anybody.

  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline console

  • Brobdingnagian Member
  • ***
  • Posts: 4518
  • "Man, this is the way to travel," said my attorney
    • View Profile
    • tastyspleen.net
  • Rated:
Re: REAL condump of admin abuse, check logs to be sure
« Reply #51 on: November 09, 2008, 01:13:29 PM »
I only wish I had condumped the conversation with Lohmatiy when he first started coming to jump and was explaining his attitude towards hacking.  It went something along the lines of: "I love hacking.  I see it as a personal challenge between me and the admins."

We have discussed this before.  Once again, I would refer you to the distinction between White Hat / Black Hat hackers.  White Hat hackers are valuable because it's important to discover lurking exploits in the code.  A Black Hat would use that discovery maliciously, while a White Hat would not use the exploit maliciously but would instead preferably inform whoever can fix the problem that the issue exists.

http://en.wikipedia.org/wiki/White_hat#White_Hat_Hacker

For example, when I added the invite! command the other day, WifiMan started looking for an exploit.  He found one pretty quick, too.  Then he let the admins know, and I immediately fixed it.

That is much preferable to having that exploit still lurking in the code, waiting to be discovered by someone of a darker purpose.


Now he gets to see all of our IP's

As far as I know, jumpmod admins don't have privileges to see IPs on our server.  (If I'm incorrect, someone please correct me.)


Regards,

quadz

  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline Lohmatiy

  • Full Member
  • ***
  • Posts: 150
  • DI HALT / CLI HLT
    • View Profile
  • Rated:
Re: REAL condump of admin abuse, check logs to be sure
« Reply #52 on: November 09, 2008, 01:29:45 PM »
As far as I know, jumpmod admins don't have privileges to see IPs on our server.  (If I'm incorrect, someone please correct me.)
ADMIN_IP_LEVEL
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus
Dinanzi a me non fuor cose create se non etterne, e io etterno duro.

Offline console

  • Brobdingnagian Member
  • ***
  • Posts: 4518
  • "Man, this is the way to travel," said my attorney
    • View Profile
    • tastyspleen.net
  • Rated:
Re: REAL condump of admin abuse, check logs to be sure
« Reply #53 on: November 09, 2008, 05:42:32 PM »
I would also add that it would seem preferrable to fix them, hadn't it been for the architecture of Q2 itself: none of the bugs I'm aware of, are just malformed commands or whatever, all of them are actually multiple-step attacks (oh well, I will not desribe those anywhere).

Not sure if you got my PM yet, but I would be interested to discuss such architectural issues privately.

If we are talking about fundamental problems with the Q2 architecture in terms of vulnerability to attacks, then it sounds like this may affect more mods than just jumpmod?

It is difficult for me to imagine vulnerabilities in Q2, whether architectural in nature or not, that simply cannot be fixed.

As such, my position would be: let's fix them.

...right?

For instance, why not get on an IRC channel with r1ch and jdolan, discuss the problems, and brainstorm on ways to fix them?


Regards,

quadz
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

 

El Box de Shoutamente

Last 10 Shouts:

Costigan_Q2

November 11, 2024, 06:41:06 AM
"Stay cozy folks.

Everything is gonna be fine."

There'll be no excuses for having TDS after January 20th, there'll be no excuses AT ALL!!!
 

|iR|Focalor

November 06, 2024, 03:28:50 AM
 

RailWolf

November 05, 2024, 03:13:44 PM
Nice :)

Tom Servo

November 04, 2024, 05:05:24 PM
The Joe Rogan Experience episode 223 that dropped a couple hours ago with Musk, they're talking about Quake lol.

Costigan_Q2

November 04, 2024, 03:37:55 PM
Stay cozy folks.

Everything is gonna be fine.
 

|iR|Focalor

October 31, 2024, 08:56:37 PM

Costigan_Q2

October 17, 2024, 06:31:53 PM
Not activated your account yet?

Activate it now! join in the fun!

Tom Servo

October 11, 2024, 03:35:36 PM
HAHAHAHAHAHA
 

|iR|Focalor

October 10, 2024, 12:19:41 PM
I don't worship the devil. Jesus is Lord, friend. He died for your sins. He will forgive you if you just ask.
 

rikwad

October 09, 2024, 07:57:21 PM
Sorry, I couldn't resist my inner asshole.

Show 50 latest
Welcome, Guest. Please login or register.
November 22, 2024, 10:49:41 PM

Login with username, password and session length