Search
Latest topics
GUIDs have mainly become unsafe.
+2
G0DZ|LLA
Dunciboy
6 posters
Page 1 of 1
GUIDs have mainly become unsafe.
Heist recently got his cd key stolen by someone so I'm quoting this text from the iceops community forum:
here is another quote with some tips from the iceops community:
With this new information it might happen that in the future some admin functions will require you to login and manuadminmod might become more as a part to allow vip functions to be used. what it does give as benefit that command that are executed will not be visible for other other players. more information will be given after my exams when i have more time to think of ideas or solutions.Hi!
As most of you are aware, 3xP has been stealing CD-Keys for quite some time now. Due to that (and to the ammount of the keys that have been stolen, which is said to be about 8k) we were forced to remove GUID authorization in the new CoD4X update. Instead of that, we are forced to use the new authorization system, which consists of register-login-like system.
Admins can be registered with authSetAdmin command (and removed with authUnsetAdmin), default power required is 95. Rcon has 100 power (max), so just use that
The admin can then login with the authLogin command, it is worth noting that failing to type the $ at the start might result in the command with the login and password appearing in the chat. We recommend either binding it to a key or disabling console chat server-side and admins typing it in the console.
The passwords are stored in nvconfig, they are salted and hashed. That means, the main admin is not able to see them at all.
A password can be changed with authChangePassword command.
Each admin is assigned a unique UID (for identification) and power.
The files are available on github, they are still under testing. As soon as they are stable we will add the new build to auto updater.
Even though this may seem unnecessary and uncomfortable, this is the only safe admin authorization method available at the moment.
here is another quote with some tips from the iceops community:
Well what was for long theoretical possible to program is ongoing now for some month in reality. However I unfortunately heard just yesterday about this 1st time from NNJ.
There are now indeed servers out there which are reading and storing your CoD4 CD-Keys.
One server which is doing this we are aware of is:
91.121.21.210:28968 - 3xp' 24/7 Nuketown TDM/SD
There maybe even more out there we don't know it.
Well I recommend to stay away from any server with the IP: 91.121.21.210 or "3xP" inside the name.
Also it is recommend to stay away from any server you don't trust when the following 2 conditions are met:
#1 It downloads any content to your PC
#2 You have a valid and legally bought CD-KEY entered in CoD4.
You can enforce such a policy by entering into console \cl_allowdownload 0
Or if you don't like console go from Main-Menu to: Options -> Multiplayer Options -> Allow Downloading
You have to do this whenever you join an untrusted server as this can got reset by any server.
How can I detect a cdkey stealing server ?
You can detect it on this way (However when you have detected it, it is already too late):
Whenever you have not opened the cdkey-dialog by self before but after you have joined a server the cvars cdkey1 - cdkey5
are set you have joined a server which did at least read your CD-KEY. You can check this by opening console and type only into it "cdkey". "cdkey1" - "cdkey5" will show up here.
So be careful now until there is a fix available.
Looks like they are doing it since August 2013 so it had happened for quite a long time already. (See attachment)
Adding evidence...
Extract the modfolder and play the demo inside the modfolder. If you are done with demo cdkey1 - cdkey5 will be set. This demo got recorded on this 3xP server of course.
Playing this demo won't expose your CDKEY to anyone if you quit your game after you have played the demo.
Attached Files
- cdkey_stealer.png 245.63KB 16 downloads
- ^73xp_^5promod.zip 7.1MB 46 downloads
Re: GUIDs have mainly become unsafe.
Dunciboy wrote:what it does give as benefit that command that are executed will not be visible for other other players.
I have been waiting this for so long. No more noobs complaining about "What is !a?" "Don't !a me?!" and people spamming the server with "!pl" whenever another admin does so.
G0DZ|LLA- Posts : 811
Reputation : 42
Registration date : 2013-09-30
Living place : COUNTRY OP
Re: GUIDs have mainly become unsafe.
well some functions are only possible with manuadminmod like !a but !pl won't be needed anymore you can use $ministatus now. after exams all the perms are gone be highly restricted on manuadminmod kicking, banning and temp banning will be done with this new system. all admins will get a login etc. This login also gives them an unique uid that they get assigned when they login. If i ban someone my uid will be inside the ban.
Heist to you i suggest you don't buy a new key since we are getting a new system you can use an illegal key code for all i care.
Heist to you i suggest you don't buy a new key since we are getting a new system you can use an illegal key code for all i care.
Re: GUIDs have mainly become unsafe.
Thanks for noting this up, I've been playing on their servers for the last few weeks and I really can't believe they're doing this. Shame on them.
vEEGAZ- Posts : 129
Reputation : 5
Registration date : 2013-06-23
Living place : Italy
Re: GUIDs have mainly become unsafe.
If 3xP' was a living person i would i kick them in the balls for doing this.
Sonic<3- Posts : 996
Reputation : 40
Registration date : 2014-04-26
Living place : 'Murica Fuck Yeah!!!
Re: GUIDs have mainly become unsafe.
Will do, Dunci, but can't you just unban my old key? They won't be able to do a lot of harm anyway. (Been looking on the internet for carcked keys, mostly guid spoofers, which I don't want to download)
Heist- Posts : 458
Reputation : 9
Registration date : 2013-06-03
Living place : Amsterdam
Re: GUIDs have mainly become unsafe.
I first need to think off things but yeah but you won't have any perms till i got the system ready.Heist wrote:Will do, Dunci, but can't you just unban my old key? They won't be able to do a lot of harm anyway. (Been looking on the internet for carcked keys, mostly guid spoofers, which I don't want to download)
Re: GUIDs have mainly become unsafe.
3xp' did that? thats just messed up....
Boss- Posts : 74
Reputation : 2
Registration date : 2013-06-28
Re: GUIDs have mainly become unsafe.
Heist wrote:Will do, Dunci, but can't you just unban my old key? They won't be able to do a lot of harm anyway. (Been looking on the internet for carcked keys, mostly guid spoofers, which I don't want to download)
Grab one from the key generators in the meantime. You can always buy a new key if you really want it, they're about 10 euro max.
G0DZ|LLA- Posts : 811
Reputation : 42
Registration date : 2013-09-30
Living place : COUNTRY OP
Re: GUIDs have mainly become unsafe.
Lol you would name your self 'UberHaxor' you damn kid.
Sonic<3- Posts : 996
Reputation : 40
Registration date : 2014-04-26
Living place : 'Murica Fuck Yeah!!!
Re: GUIDs have mainly become unsafe.
Great job, kid. Your mom must be very proud of you. I'll buy you a Happy Meal for this great achievement in your life.
G0DZ|LLA- Posts : 811
Reputation : 42
Registration date : 2013-09-30
Living place : COUNTRY OP
Sonic<3- Posts : 996
Reputation : 40
Registration date : 2014-04-26
Living place : 'Murica Fuck Yeah!!!
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
Wed Mar 16, 2016 12:51 am by Dunciboy
» Got my driver license!
Sun Mar 06, 2016 6:47 pm by Heist
» When do I get my VIP?
Mon Jan 11, 2016 4:36 pm by Suroks
» Happy new year
Wed Jan 06, 2016 11:31 pm by Hade$ :3
» Admin clean up
Sun Dec 27, 2015 4:02 pm by Dunciboy
» Zombie server updated
Sun Dec 27, 2015 4:00 pm by Dunciboy
» Deathrun Map:mp_Deathrun_water
Sat Dec 26, 2015 9:12 pm by Ali Sajjad
» Searching active admins for zombie server
Sat Dec 19, 2015 11:13 pm by Suroks
» CS:GO Zombie Escape server ready for public
Fri Dec 18, 2015 11:28 pm by Dunciboy