Rcon Hacked from Server

Shakall

Junior Member
Joined
Dec 18, 2008
Likes
0
#1
Hello people.
I Have an cod2 server whit PAM Mode 2.03 but a problem.
Somebody hacking my Server over the rcon because they change the name of the server and all settings give he free.
I must change my rcon pass to make it better but after pair days its the same.
Is there an Exploit so that he can make it or how can i make it to stop him ?
Best Regards
Shakall
 

romeozor

Senior Member
Joined
Dec 12, 2006
Likes
0
Location
Hungary
#2
the mod's been out for ages and i haven't seen anything what you described. try changing mods (something different from pam) and see if it still happens.
 

hypepl

Junior Member
Joined
Jul 10, 2008
Likes
0
Location
Charlotte, NC
#4
PAM2.03 was updated to PAMD1.05 (latest).

I would be interested in knowing if the upgrade changes anything for you. I got a feeling someone might have access to the game control panel like TCADMIN rather then just the rcon.
 
Joined
Oct 11, 2009
Likes
0
#5
you dont have your server.cfg in the redirect for downloads do ya? i have found countless ones on google where people put the cfg in the redirect.
 

Shakall

Junior Member
Joined
Dec 18, 2008
Likes
0
#6
No i dont have it.
I have now changed to PAMD1.05 and for now its ok but i will say it to you all in pair Days.
Thanks for the help.
I hope this was it whit pam 2.03
 

Shakall

Junior Member
Joined
Dec 18, 2008
Likes
0
#7
The same Thing everytime.
I dont know what i must make because they change everytime my settings and name of my Server as they set a Password so that the people cant yoin intoit.
Please said me what can i do ?
Best Regards

P.S. I have a root access on the server also no TCAdmin or so.
 

Shakall

Junior Member
Joined
Dec 18, 2008
Likes
0
#8
I have look on my logs and find this :

Bad rcon from 91.150.120.135:28799:
status
Bad rcon from 91.150.120.135:28799:
dvarlist
Bad rcon from 91.150.120.135:28799:
fdir

I dont understant how he can make this commands because he dont have the rcon password.
 
Joined
Oct 11, 2009
Likes
0
#9
he isnt actually succeeding. he trys but thats why it says "bad rcon"

anyone can try to use rcon on any server. but that guy dont have the right rcon pw
 

theMechanic

Senior Member
Joined
Nov 2, 2003
Likes
0
#10
are you sure your the only one that has access to your FTP or gamepanel, or both?

try changing your passwords to those.
and make sure you only have game files loaded on there and nothing thats not supposed to be there.
 

Shakall

Junior Member
Joined
Dec 18, 2008
Likes
0
#11
I have only root access on that server.
NO FTP downloads and no WWW downloads are on.
There are only the standard maps and PB working not more.
I have changed my password many times and the password have only my cousine and me nobody else.
I have now put my password whit numbers and letters in it.
I hope now its better but how long :(
My friend have a COD4 Server and the same problem.
 
Joined
Oct 11, 2009
Likes
0
#12
Bad rcon from 91.150.120.135:28799:


bad rcon means he dont have the rcon passwords... unless there are tons of this in logs and he is trin to brute force it i wouldnt worry bout it
 

master0

Junior Member
Joined
Mar 4, 2010
Likes
0
#13
had the same problem but after some search i find out that if your server is allowing downloads by command sv_allowdownload 1 then they can download almost anything from server. so better turn it off and if you have some mods or maps just use redirect link. ;)

but now i am dealing with something new and i need some help. there are some console commands that a spectator is using with no rcon and can make server restart. i dont know if other commands can be executed but this is happening for real.

anyone have some info?

thanks
 

Shakall

Junior Member
Joined
Dec 18, 2008
Likes
0
#14
I have FOUND IT !
Rename your cfg file in whatelse.cfg
Put it in the start parameter and disable client console for the game.
That is it.
 
Top Bottom