RCON Hacked - Bot attack ?
#1

Well today is the firt day my server is hosted on fractal-hub and i've got my rcon hacked.
The rcon was the default one the gave me(a random one).

Logs:
Код:
[15:29:09] BAD RCON ATTEMPT BY: 92.96.44.43
[15:29:09] BAD RCON ATTEMPT BY: 92.96.44.43
[15:29:09] BAD RCON ATTEMPT BY: 92.96.44.43
[15:29:09] BAD RCON ATTEMPT BY: 92.96.44.43
[15:29:09] BAD RCON ATTEMPT BY: 92.96.44.43
[15:29:09] BAD RCON ATTEMPT BY: 92.96.44.43
[15:29:09] BAD RCON ATTEMPT BY: 92.96.44.43
[15:29:09] BAD RCON ATTEMPT BY: 92.96.44.43
[19:08:58] Incoming connection: 84.72.12.98:62533
[19:08:58] [join] Steazy has joined the server (0:84.72.12.98)
[19:10:30] [part] Steazy has left the server (0:1)
[19:34:05] Incoming connection: 84.72.12.98:57835
[19:34:06] [join] Steazy has joined the server (0:84.72.12.98)
[19:34:31] sscanf warning: Strings without a length are deprecated, please add a destination size.
[19:35:20] sscanf warning: Format specifier does not match parameter count.
[19:35:23] [chat] [Steazy]: d
[19:35:37] sscanf warning: Format specifier does not match parameter count.
[19:35:44] sscanf warning: Format specifier does not match parameter count.
[19:35:47] [chat] [Steazy]: d
[19:35:51] [chat] [Steazy]: ! lol
[19:35:56] [chat] [Steazy]: #lol
[19:36:02] sscanf warning: Strings without a length are deprecated, please add a destination size.
[19:36:32] [chat] [Steazy]: #lol
[19:36:33] [chat] [Steazy]: +lol
[19:39:13] sscanf warning: Strings without a length are deprecated, please add a destination size.
[19:39:15] sscanf warning: Strings without a length are deprecated, please add a destination size.
[19:41:14] sscanf warning: Format specifier does not match parameter count.
[19:41:16] sscanf warning: Format specifier does not match parameter count.
[19:41:19] sscanf warning: Format specifier does not match parameter count.
[19:41:22] sscanf warning: Format specifier does not match parameter count.
[19:41:33] [death] Steazy died 255
[19:42:19] Administrator Steazy has banned Steazy for bb(Date: 2014/6/5 at 19:42:19)
Normally when someone fails to login to the rcon , the player name is given on the console , but now , it only shows the IP . After that , a player steazy joined and made his self a level 5 admin . Then he banned his self.

What happend ?
Reply
#2

this isnt trust host
Reply
#3

Quote:
Originally Posted by Kinglee
Посмотреть сообщение
this isnt trust host
Well , im delighted now .
Anyone else?
EDIT: From some posts i've seen , its a flood attack . I can confirm its a flood attack since my server went offline .
Reply
#4

Add:
pawn Код:
rcon 0
in server.cfg to disable RCON remote control.

Quote:
Originally Posted by Johnson_Brooks
Посмотреть сообщение
The rcon was the default one the gave me(a random one).
As for in-game rcon attempts, you can often change your rcon password (just for security).

PS: You need to fix the sscanf warnings by the way.
Reply
#5

Quote:

Then he banned his self.

I am LOLING!
Reply
#6

Yea it's probably a RCON Flood attack, just disable RCON in your server.cfg by adding
rcon 0
Reply
#7

Quote:
Originally Posted by Kinglee
Посмотреть сообщение
this isnt trust host
That's a useful response...

Anyway for the time being you should just disable the RCON and it only shows the IP because you are able to access RCON without being in game. Another thing you should look into is having 2 RCON passwords, one of which is script side; this can help to prevent any future problems.
Reply
#8

Quote:
Originally Posted by NewerthRoleplay
Посмотреть сообщение
That's a useful response...

Anyway for the time being you should just disable the RCON and it only shows the IP because you are able to access RCON without being in game. Another thing you should look into is having 2 RCON passwords, one of which is script side; this can help to prevent any future problems.
How can i set 2 rcon passwords?
Between , it happend again 5 mins ago .
Same IP .... the server crashed .... i restarted it .
I think i have a solution .
2 rcon passwords as you said & ban the player upon rcon login (success or !success with result in a ban saying "Surprise motherfucker");.

Anyways how can i add a second password?
Btw if i set the rcon_password to 0 rcon_password 0 when i type /rcon login 0 , i can login normally like and 0 is the pass
Reply
#9

Quote:
Originally Posted by Johnson_Brooks
Посмотреть сообщение
How can i set 2 rcon passwords?
Between , it happend again 5 mins ago .
Same IP .... the server crashed .... i restarted it .
I think i have a solution .
2 rcon passwords as you said & ban the player upon rcon login (success or !success with result in a ban saying "Surprise motherfucker");.

Anyways how can i add a second password?
Btw if i set the rcon_password to 0 rcon_password 0 when i type /rcon login 0 , i can login normally like and 0 is the pass
Consider reading this post: https://sampforum.blast.hk/showthread.php?tid=499455
Reply
#10

Quote:
Originally Posted by Johnson_Brooks
Посмотреть сообщение
How can i set 2 rcon passwords?
Between , it happend again 5 mins ago .
Same IP .... the server crashed .... i restarted it .
I think i have a solution .
2 rcon passwords as you said & ban the player upon rcon login (success or !success with result in a ban saying "Surprise motherfucker");.

Anyways how can i add a second password?
Btw if i set the rcon_password to 0 rcon_password 0 when i type /rcon login 0 , i can login normally like and 0 is the pass
put rcon 0 in server.cfg
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)