CoDJumper.com

Well since few of you might know yesterday we had a hack attack on few jump servers... one of the hackers was my friend so i abused my friendship for him to give me the hack program... so when he sent it i figured out how the thing works... its similar to the quake3 games hack... you just download the server.cfg from the main folder... so all you guys which have a promod server or a jump server make sure in your server.cfg there isnt a rcon_password or just rename the server.cfg into something random... Peds already fixed on CJ1 you guys do on your servers!!! PS. in promod servers the config sometimes is in Mods/promodlive204/config.cfg


Dont bother PMing activision or infinity ward.. they are working on it since 2008 but still havent found a fix for it....

In summary, rename your server.cfg to something people won't guess, and then change the command line accordingly.

I didn't really think something like this was possible. Thanks a lot man

and what if i'm not able to modify the command line because my rent farm doesn't allow me to do that?

Is it possible to fix this putting in the main server.cfg a redirect to another cfg?

for exemple i'll rename server.cfg to random.cfg and i'll create another server.cfg and write in it exec random.cfg. Do you think that i can solve this problem?

Best to e-mail your server provider if you're unable to change the command line to allow for a different config name.

Well if you cant edit it... whats your servers IP?

Husker wrote:Well if you cant edit it... whats your servers IP?

are you saying that you'r going to change my command line?

And that's why smart people are admins!

KillerSam wrote:

MORGOTH wrote:

Husker wrote:Well if you cant edit it... whats your servers IP?

are you saying that you'r going to change my command line?

More that he was going to download your config and get your rcon password I think

he already has that because last night i found my server name changed...

but i said i can't edit the command line... not the server.cfg...

so i don't understand his post

there is pretty simple solution - you can have a rcon pw in the server.cfg but then connect to server and set it to a different rcon password - it won't be stored in the server.cfg and even if they download it the password won't work

Yep, although a bit of an effort for each time you want to restart the server.

I actually knew this was possible. My friend got the rcon's from the H2K servers etc but i wasn't going to post this because it's certain that people are going to try this now..

Hoogie wrote:I actually knew this was possible. My friend got the rcon's from the H2K servers etc but i wasn't going to post this because it's certain that people are going to try this now..

This has been known since early quake games, the tools became available in 2008. The majority of "hack sites" that provide tha aimbot style hacks are (as far as research found) unaware of the tool, many sites suggesting it being impossible.

To find the tools, you do need to know a little more information than what has been provided here.

Drofder2004 wrote:

Hoogie wrote:I actually knew this was possible. My friend got the rcon's from the H2K servers etc but i wasn't going to post this because it's certain that people are going to try this now..

This has been known since early quake games, the tools became available in 2008. The majority of "hack sites" that provide tha aimbot style hacks are (as far as research found) unaware of the tool, many sites suggesting it being impossible.

To find the tools, you do need to know a little more information than what has been provided here.

A friend sent me the tool.

Hoogie wrote:A friend sent me the tool.

I was able to find, locate and use the tools successfully within an hour of being notified of the 'hack'.

I suggest to those who are unable to edit their command lines due to server hosting issues get in touch with their server hosts and make them aware of the issue.

In the mean time, as suggested you will have to manually set your rcon_password after each server reboot as this will then make the config password pointless.