ThansalThe New ScumJoin Date: 2002-08-22Member: 1215Members, Constellation
edited August 2003
mmmm, and these are the type of people who get me banned from servers for being a l33+ haxz0rrr
just cuss I find it funny: <a href='http://www.csports.net' target='_blank'>www.csports.net</a> do a name search for that name and you will get some amusing stats <!--emo&:)--><img src='http://www.unknownworlds.com/forums/html/emoticons/smile.gif' border='0' style='vertical-align:middle' alt='smile.gif'><!--endemo--> (there fixed it hapy Ezekiel?? WELL ARE YOU?<!--emo&???--><img src='http://www.unknownworlds.com/forums/html/emoticons/confused.gif' border='0' style='vertical-align:middle' alt='confused.gif'><!--endemo-->? hehe <!--emo&:)--><img src='http://www.unknownworlds.com/forums/html/emoticons/smile.gif' border='0' style='vertical-align:middle' alt='smile.gif'><!--endemo--> ty for the heads up <!--emo&:p--><img src='http://www.unknownworlds.com/forums/html/emoticons/tounge.gif' border='0' style='vertical-align:middle' alt='tounge.gif'><!--endemo-->) (ok that just took like 3 edits, wow am I slow <!--emo&:p--><img src='http://www.unknownworlds.com/forums/html/emoticons/tounge.gif' border='0' style='vertical-align:middle' alt='tounge.gif'><!--endemo-->) aparently this guy really ranks up, he has played over 4989 hrs in the last month..... oh right, that only hapens when multiple people use the same name...
lol, almost as good as OMG AMUSIVE ADMINZZZ NVR GOO TO DEZZ SERVRZZZ TEH ADMNZZ B4ND MEEE 4 K!KNG THER ARSES!!!!111111oneoneelevengorge
th0r0nBorn again n00b Join Date: 2003-06-12Member: 17313Members
Reason number 4: You were using a warez copy of halflife, using keygens, but you accidently used a trojan that steals your CDKey and emails them off to a public list, warez_user_21032 inputs your CDKey, badda bing goodbye Wonid.
Btw anyone know if there's a way of decrypting WonIDS into CDKeys? I don't want to know what it's called or where to get it, just a strict yes or no answer (Just thought that if this is possible could be worth VALVe worrying about it)
Vri, I would say I am 99% certain the guy was either an admin or a friend of an admin.
However, the Won ID thing you described is sounds possible if your Won ID happened to change some how (but then all you would need to do is reinstal HL). But it is physically impossible for a client side hook or other cheat to either kick you or change your Won ID.
Either way, Vri, you are either very (<b>VERY</b>) confused, or you are phibbing.
I didnt read till all the messages, but im replying to the one regarding the supposed hacker
it seems very possible to me... and i hope my guess dun encourage real hackers though...
a good hacker may steal ur cdkey, thru the server connection? then kick u out with some kinda hack. then start a game with YOUR cdkey... and effectively u cant play. =P
Server could have been using an older version of HLDS where hackers could exploit a hole in the software,and kick you out via the hole
Trust me it happened once to me,some lamer was threatening the whole game and next thing we know he had the server shutdown completely,and the server admin was asleep,apparently his buddy called him and told him that the server crashed.So the guy digs up his log and finds a 'quit' command at the end :\
EDIT : As for decrypting WONIDs....could happen,sometimes I would get that error but its a flaw in WONs server auth code anyway
yeah, imo IT IS possible for a person to crash a client. I think it goes something like this:
(1). Uses a password cracking program (don't ask me on specifics, but I've seen it used in an Internet Cafe, and I've viewed the program itself ) on the server to determine it's admin pass. It basically goes through different number and letter combinations until it finds the correct one by sending packets to the server. (2). After getting the pass this new "admin" can launch a packet attack to your client using admin mod, again I don't know the specifics due to the fact that I'm not a hacker. I recall hearing about this potentionally destructive "session" a couple of months ago that could result in the clients HL crashing, then following that when the client attempts to either open HL or join a game, the screen would go blank. This was only repairable by reinstalling HL or potentionally your entire OS.
You'd think they'd fix these things, but hackers will always find a backdoor to satisfy their craving for annoyance/harassment. Just think of the lives of these people, their diet and social life, and you'll understand why hacking is so apparently popular, and why it never ceases to exist.
<!--QuoteBegin--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> First of all, no cdkey generator has EVER been able create a key that will create a proper WONID that will auth with WON. Several cheats released to the public have been rumored to have trojans that will steal your cdkey from your registry and broadcast it to the creators.<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
My question is, would a firewall catch a program broadcasting a WONID? Could a program(without being directly controlled by an outside source IE: Trojan) use a mail program to e-mail the WONID(thus bypassing firewall protection)?
<!--QuoteBegin--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->You'd think they'd fix these things, but hackers will always find a backdoor to satisfy their craving for annoyance/harassment. Just think of the lives of these people, their diet and social life, and you'll understand why hacking is so apparently popular, and why it never ceases to exist.<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
[sarcasm] Sooooo being a black hat cracker means the person is a moraless, honorless, malicious, nerdy social reject, who also cheats/exploits any online game he plays?[/sarcasm]
<!--QuoteBegin--Magical_Mongoose+Aug 21 2003, 07:00 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (Magical_Mongoose @ Aug 21 2003, 07:00 AM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> (1). Uses a password cracking program (don't ask me on specifics, but I've seen it used in an Internet Cafe, and I've viewed the program itself ) on the server to determine it's admin pass. It basically goes through different number and letter combinations until it finds the correct one by sending packets to the server. <!--QuoteEnd--> </td></tr></table><span class='postcolor'> <!--QuoteEEnd--> HLDS will ban your IP after 3 incorrect rcon passwords. A brute force attack on HLDS just isn't feasible.
Would it by any chance say "Your NAtural Selection is out of date. Would oyu lick to check the Internet for updates?", and if you click OK, it searches for HL patches, and tells you that you have the latest patch, yet it's outdated?
Cause that's happening to me right now <!--emo&:p--><img src='http://www.unknownworlds.com/forums/html/emoticons/tounge.gif' border='0' style='vertical-align:middle' alt='tounge.gif'><!--endemo-->
I can't authenticate, then it tells me it's out of date.
If not, then I'm guessing your WON ID was just lagging and was still remaining on WON Net after you got kicked out.
Probably he hacked your computer after finding out ur ip from the "status" command in hl, got the won id from the registery, as its not encoded, and went on to play with ur wonid, and thus making ur own won id unplayable.
Kerio personal firewall is quite a good free one(I think it's one of those things that is free for non commerical use). You want:
1)Something that will ask whether X program that wants to connect to the internet should be allowed to always do so.
and
2)A firewall that checks the version of the .exe(like a checksum for example), so crackers can't just replace your cleared .exe with their own backdoor. If the file has changed, you'll be notified and asked whether it should be allowed.
Kerio does these both. Just make sure that you have all other ports blocked off. That way anything that wants to connect to the net will have to go through you first. This way things like Mozilla and HL can connect, but ANYTHING else will be stopped without clearence first.
<!--QuoteBegin--sej+Aug 22 2003, 10:43 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (sej @ Aug 22 2003, 10:43 AM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> Probably he hacked your computer after finding out ur ip from the "status" command in hl, got the won id from the registery, as its not encoded, and went on to play with ur wonid, and thus making ur own won id unplayable.
Get a firewall. <!--QuoteEnd--> </td></tr></table><span class='postcolor'> <!--QuoteEEnd--> Listen very carefully, all of you. I'll type this slowly and spaced out.
You cannot access another clients IP address in a Half-Life game or mod without some form of admin or rcon access to the server.
Try reading my other posts in this therad to learn a little bit about what clients CAN do, and things they CAN NOT do thanks to the HL coding.
What if they gained access to an admin acount, or fooled the server into making them an admin(that'd need an exploit of course), or cracked a database to create their own admin account(there would have to be one somewhere). All possibilities, just improbable.
simple solution, just play as normal and if some guy threatens you like this again, type status, and write down his wonid before you say no to his HA request again. then if it happens again just report it to valve
<!--QuoteBegin--Rat+Aug 20 2003, 08:18 PM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (Rat @ Aug 20 2003, 08:18 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> Second of all, there is no clientside command that can eject a specific person from the game. <!--QuoteEnd--> </td></tr></table><span class='postcolor'> <!--QuoteEEnd--> Weeeeeelll....
You can always convince the person to perform some dangerous activity on their own (click here for a rad screensaver!). We used to do this in CS:
beefhole: how do u cheat? Me: You have to type "connect to cheats" in the console beefhole has left the game beefhole joined the game beefhole: that didnt work Me: You probably have anti-cheat binding on. Type "unbind all" in the console before you activate cheats, or the server will kick you
Regarding the OP's problem, the only way I can think of to work that would be to hax0r the server somehow. This would, in turn, give you the ability to send packets to some other player directly. But that would require a working remote sploit for both the HL server and the client. Which would be a non-trivial bit of code hacking.
Is it possible for admin's to actually run programs on your computer?
Is it possible for admin's to delete/corrupt .WAD files?
Last question,, how does WON Authentication work? Would it be possible (not me obv) to bypass this? As far as I can tell, it doesnt seem a verty secure system
Bottom line is you can't do nothing without the wonid. You can't ban someone based on the name because names are not original. Multiple people can use and share the same name, people can change their names.
Next time you should get their wonid or not bother posting. Also, as mentioned above, this should be reported in high detail to Valve. You should give them the max amount of info possible.
To answer your original problem Vri, here are a few possible solutions should anything like this happen again in the future:
(BTW, since NS 2.0 does not have VAC support as of now, you can't have a global ban from VAC)
1) get the cheater's wonid if possible (or ip address) 2) try a multitude of different servers 3) see if anyone else is possibly using your cdkey 4) if all else fails, don't reformat, just go out to a game store and buy some cheap half life retail mod and get that CD key. My friend bought Gunslinger (or some geeky Western style Sci-Fi shooter based off of the Half Life Engine) Retail for about 2 bucks. I'd say a new cd key is worth 2 bucks.
Comments
just cuss I find it funny:
<a href='http://www.csports.net' target='_blank'>www.csports.net</a>
do a name search for that name and you will get some amusing stats <!--emo&:)--><img src='http://www.unknownworlds.com/forums/html/emoticons/smile.gif' border='0' style='vertical-align:middle' alt='smile.gif'><!--endemo--> (there fixed it hapy Ezekiel?? WELL ARE YOU?<!--emo&???--><img src='http://www.unknownworlds.com/forums/html/emoticons/confused.gif' border='0' style='vertical-align:middle' alt='confused.gif'><!--endemo-->? hehe <!--emo&:)--><img src='http://www.unknownworlds.com/forums/html/emoticons/smile.gif' border='0' style='vertical-align:middle' alt='smile.gif'><!--endemo--> ty for the heads up <!--emo&:p--><img src='http://www.unknownworlds.com/forums/html/emoticons/tounge.gif' border='0' style='vertical-align:middle' alt='tounge.gif'><!--endemo-->) (ok that just took like 3 edits, wow am I slow <!--emo&:p--><img src='http://www.unknownworlds.com/forums/html/emoticons/tounge.gif' border='0' style='vertical-align:middle' alt='tounge.gif'><!--endemo-->)
aparently this guy really ranks up, he has played over 4989 hrs in the last month..... oh right, that only hapens when multiple people use the same name...
lol, almost as good as OMG AMUSIVE ADMINZZZ NVR GOO TO DEZZ SERVRZZZ TEH ADMNZZ B4ND MEEE 4 K!KNG THER ARSES!!!!111111oneoneelevengorge
Btw anyone know if there's a way of decrypting WonIDS into CDKeys? I don't want to know what it's called or where to get it, just a strict yes or no answer (Just thought that if this is possible could be worth VALVe worrying about it)
However, the Won ID thing you described is sounds possible if your Won ID happened to change some how (but then all you would need to do is reinstal HL). But it is physically impossible for a client side hook or other cheat to either kick you or change your Won ID.
Either way, Vri, you are either very (<b>VERY</b>) confused, or you are phibbing.
it seems very possible to me... and i hope my guess dun encourage real hackers though...
a good hacker may steal ur cdkey, thru the server connection?
then kick u out with some kinda hack.
then start a game with YOUR cdkey...
and effectively u cant play. =P
hope my creativity is all nonsense.
Trust me it happened once to me,some lamer was threatening the whole game and next thing we know he had the server shutdown completely,and the server admin was asleep,apparently his buddy called him and told him that the server crashed.So the guy digs up his log and finds a 'quit' command at the end :\
EDIT : As for decrypting WONIDs....could happen,sometimes I would get that error but its a flaw in WONs server auth code anyway
(1). Uses a password cracking program (don't ask me on specifics, but I've seen it used in an Internet Cafe, and I've viewed the program itself ) on the server to determine it's admin pass. It basically goes through different number and letter combinations until it finds the correct one by sending packets to the server.
(2). After getting the pass this new "admin" can launch a packet attack to your client using admin mod, again I don't know the specifics due to the fact that I'm not a hacker. I recall hearing about this potentionally destructive "session" a couple of months ago that could result in the clients HL crashing, then following that when the client attempts to either open HL or join a game, the screen would go blank. This was only repairable by reinstalling HL or potentionally your entire OS.
You'd think they'd fix these things, but hackers will always find a backdoor to satisfy their craving for annoyance/harassment. Just think of the lives of these people, their diet and social life, and you'll understand why hacking is so apparently popular, and why it never ceases to exist.
First of all, no cdkey generator has EVER been able create a key that will create a proper WONID that will auth with WON. Several cheats released to the public have been rumored to have trojans that will steal your cdkey from your registry and broadcast it to the creators.<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
My question is, would a firewall catch a program broadcasting a WONID? Could a program(without being directly controlled by an outside source IE: Trojan) use a mail program to e-mail the WONID(thus bypassing firewall protection)?
<!--QuoteBegin--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->You'd think they'd fix these things, but hackers will always find a backdoor to satisfy their craving for annoyance/harassment. Just think of the lives of these people, their diet and social life, and you'll understand why hacking is so apparently popular, and why it never ceases to exist.<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
[sarcasm]
Sooooo being a black hat cracker means the person is a moraless, honorless, malicious, nerdy social reject, who also cheats/exploits any online game he plays?[/sarcasm]
<a href='http://www.btinternet.com/~trueziggy/dolphin.bmp' target='_blank'>so Ill let flipper decide</a>
HLDS will ban your IP after 3 incorrect rcon passwords. A brute force attack on HLDS just isn't feasible.
dont be stupid.
Cause that's happening to me right now <!--emo&:p--><img src='http://www.unknownworlds.com/forums/html/emoticons/tounge.gif' border='0' style='vertical-align:middle' alt='tounge.gif'><!--endemo-->
I can't authenticate, then it tells me it's out of date.
If not, then I'm guessing your WON ID was just lagging and was still remaining on WON Net after you got kicked out.
Get a firewall.
1)Something that will ask whether X program that wants to connect to the internet should be allowed to always do so.
and
2)A firewall that checks the version of the .exe(like a checksum for example), so crackers can't just replace your cleared .exe with their own backdoor. If the file has changed, you'll be notified and asked whether it should be allowed.
Kerio does these both. Just make sure that you have all other ports blocked off. That way anything that wants to connect to the net will have to go through you first. This way things like Mozilla and HL can connect, but ANYTHING else will be stopped without clearence first.
Get a firewall. <!--QuoteEnd--> </td></tr></table><span class='postcolor'> <!--QuoteEEnd-->
Listen very carefully, all of you. I'll type this slowly and spaced out.
You cannot access another clients IP address in a Half-Life game or mod without some form of admin or rcon access to the server.
Try reading my other posts in this therad to learn a little bit about what clients CAN do, and things they CAN NOT do thanks to the HL coding.
Weeeeeelll....
You can always convince the person to perform some dangerous activity on their own (click here for a rad screensaver!). We used to do this in CS:
beefhole: how do u cheat?
Me: You have to type "connect to cheats" in the console
beefhole has left the game
beefhole joined the game
beefhole: that didnt work
Me: You probably have anti-cheat binding on. Type "unbind all" in the console before you activate cheats, or the server will kick you
Regarding the OP's problem, the only way I can think of to work that would be to hax0r the server somehow. This would, in turn, give you the ability to send packets to some other player directly. But that would require a working remote sploit for both the HL server and the client. Which would be a non-trivial bit of code hacking.
Is it possible for admin's to actually run programs on your computer?
Is it possible for admin's to delete/corrupt .WAD files?
Last question,, how does WON Authentication work? Would it be possible (not me obv) to bypass this? As far as I can tell, it doesnt seem a verty secure system
Next time you should get their wonid or not bother posting. Also, as mentioned above, this should be reported in high detail to Valve. You should give them the max amount of info possible.
(BTW, since NS 2.0 does not have VAC support as of now, you can't have a global ban from VAC)
1) get the cheater's wonid if possible (or ip address)
2) try a multitude of different servers
3) see if anyone else is possibly using your cdkey
4) if all else fails, don't reformat, just go out to a game store and buy some cheap half life retail mod and get that CD key. My friend bought Gunslinger (or some geeky Western style Sci-Fi shooter based off of the Half Life Engine) Retail for about 2 bucks. I'd say a new cd key is worth 2 bucks.
Good luck!