elfprince13 wrote:
DShiznit wrote:
I can tell that's BS because neither fps/server/scripts/allowHSmod.cs or fps/server/scripts/settings.cs exist, so that line, if it existed could do precisely d!ck.

What's the earliest TBM release you have (pre-1.6)? Everyone acknowledges that any exploits that existed were removed in subsequent versions after the sh!tstorm.


Except that no version of any mod that I know of adds any files to the fps directory, which it would need to do in order for those files to exist.
It doesn't matter if they pre-existed if the exploit command created them Wink
That's true, but then doing anything to them would have no effect on the game since it's the exploit script that created them in the first place.
DShiznit wrote:
That's true, but then doing anything to them would have no effect on the game since it's the exploit script that created them in the first place.


I don't think you get how that works. If I can write arbitrary code to a file on your client and get your client to execute it, I can make your game do anything I want it to. I have no idea what it was used for while it existed, but the truth is that it is an exploit, and has the potential to be used quite maliciously.
Well there's the thing, the client needs to execute it, and as far as I know the exploit couldn't cause the client to execute the code. What this looks like to me is a proof-of-concept for a remote-override exploit that was never developed past that point. A bit devious, sure, but nothing really harmful.
DShiznit wrote:
Well there's the thing, the client needs to execute it, and as far as I know the exploit couldn't cause the client to execute the code. What this looks like to me is a proof-of-concept for a remote-override exploit that was never developed past that point. A bit devious, sure, but nothing really harmful.

Quote:

There are 5 modes:

0 - Open file for output
1 - Write line to file
2 - close file
3 - execute file
4 - Open file for append


And I agree, I don't think this was ever intended to do anything really harmful, or - given Torque's relatively well-sandboxed nature - done anything really harmful. But it would have given anyone who connected to a TBM server the ability to execute arbitrary code on the server.
So all it basically was/is was an Eval mod?
Jimmg wrote:
So all it basically was/is was an Eval mod?


If by "eval mod" you mean a modification designed to evaluate a possible exploit, then yes, I believe so. But I also find it odd that an experienced coder would actually name something like this "servercmdexploit".
  
Register to Join the Conversation
Have your own thoughts to add to this or any other topic? Want to ask a question, offer a suggestion, share your own programs and projects, upload a file to the file archives, get help with calculator and computer programming, or simply chat with like-minded coders and tech and calculator enthusiasts via the site-wide AJAX SAX widget? Registration for a free Cemetech account only takes a minute.

» Go to Registration page
Page 2 of 2
» All times are UTC - 5 Hours
 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

 

Advertisement