[Tutorial] How to protect agsinst the SRCDS upload / download exploit

EDIT: nvm, valve released an update

This is only a temp fix till valve can update the engine, but it does the job.
What you need:

• SRCDS server
• engine.dll from \steamapps\<acc name>\garrysmod\bin (First GMod folder, not the usual one)

First shut down the server and make sure it all works. then go to .\orangebox\bin and backup engine.dll.

Replace the engine.dll file in .\orangebox\bin with the one from \steamapps\<acc name>\garrysmod\bin, overwriting the original.

Next open your server.cfg and make sure that “sv_allowupload” and “sv_allowdownload” are set to 0

Launch your server and try to exploit it yourself, if this worked then nothing will be written to the server and nothing will be downloadable.

Note: this breaks custom sprays.



Oops. Blog update.

Well, it’s been a while since my last post, so here is what’s happened.

HOLY SHIT IT’S CHRISTMAS!

My main pc carrys on as usual after the Win32.Virut infection a while back, i re-installed the few corrupted programs and all seems well.

Garry’s Mod is still as popular as ever, my server being almost full every day.

A new source dedicated server exploit is posted about by Garry himself.

[United|Hosts] DeathMatch [LotsaWeapons:PHX:FastDL] will stay online, and will be backed up every 3 hours in case the worst happens. A word of warning, ANY exploits against my server will mean a perm IP and SteamID ban. all IP’s and SteamID’s are logged.

/b/ is down again, nothing new there.

I wrote a script to check all Advanced Duplicator files for key items (the complete list is secret) and remove them. If your SteamID is one of those duping a banned item, you will be auto-banned.

The bouncy ball has been removed from my server because of continuous spamming.

How to survive Win32.Virut WITHOUT formatting

I recently got this very bad virus on my pc somehow. It’s a VERY bad one.

If you don’t know already, it infects all running EXE files and most of the EXE and HTML files on disk, and also connects to an IRC server to await commands. Even one infected file is enough to re-infect the whole system.

Most of the advice i got online was to nuke the HDD and reinstall windows. Remember, failure is always an option. Here’s how i did it without re-installing the OS or even booting from the windows CD.

You will need:
. Virus-free pc(s)
. Dr Web Cure-It
. Avast home
. Virus infected HDD(s)
. Windows CD of the same version installed, ISO image and an emulator work fine too.

Step one,
Remove the HDD from the infected PC and connect it via SATA or a USB-SATA adapter to a clean PC. eSATA and internal SATA are faster, USB works too but is slower.

Step two,
Run Dr Web on the whole drive from the other PC (this takes many hours, i have 138GB on C:\ and this took over 8 hrs), also note Dr Web sometimes does a BSOD on Windows 7.

(Dr Web can clean the files of the virus but leave the original file intact (most of the time))

Note: if you have multiple hard drives, run scans from multiple PC’s at the same time. i had 3 going for over 8 hours on 5 hard drives (2x per PC and one over USB on my laptop)

Step three,
After the Dr Web scan is complete, scan every drive again but with Avast.

Step four,
Replace HDDs, Power up, Hope.

If windows boots and all “seems” to work, run SFC /SCANNOW at a command prompt to verify all windows files. You will need your windows CD/mounted ISO at this point. If it keeps asking and doesn’t accept the CD and just keeps saying “Try Again” even if its there, then you may have to change these registry entries at:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup

Change SourcePath to the drive letter of the windows cd, example D:

And Installation Sources must contain the root drive of the windows cd, example D:

This is what i did and it seems to be COMPLETELY GONE. no iffy net connections, no mysterious CPU usage, all files scan clean on avast. Also clean on virustotal.com for a Dr.Web “cured” file that used to be infected.

Also note, some programs will probably be corrupted (Nero, AWIcons, DVDShrink, Nokia PC Suite are a few of the ones that got messed up) but these can easyly be re-downloaded again. MUCH better re-install 15 programs than reinstall the whole OS and over 100 programs.

HeX = 1, Win32.Virut = 0

:D

 

If you have any questions/problems just comment, i usually reply within the day.

MFSiNC’s Total WinXP WGA Crack Updated!

I have updated my MFSiNC’s Total WinXP WGA Crack! to version 3.1

See the page for more details.

Changelog: v3.1

• Added hosts file read-only check
• Added is IE installed check, made it use firefox if it’s there
• Added attempt to un read-only the hosts file if it’s read-only
• Cleaned up code

zServer.org

Just found this site. It’s AWESOME!

It hosts some great music, been downloading all day!

Goodbye MFSiNC.co.uk

My domain name is expiring in 27 days as of this post.

This means if you want to connect to my server you’ll have to use the DynDNS name of “gmod.game-host.org” instead of “gmod.mfsinc.co.uk”. This is permanent, i will not be renewing it.

Also this is probably the end of mfsinc.co.uk as no one will ever find gmod.game-host.org

I can’t embed scripts here, so check the countdown timer here

New pc update

My new pc is working fine so far, here are some random screenshots i took.

GMod at over 300FPS

Doing stuff with 0% CPU usage

New pc done!

My new pc is all done, now all thats needed is to copy over about 4TB of stuff from the old one. Also there are over 300 programs to reinstall :(

New pc parts

All parts for my new pc are here. Build starts Tuesday!

MiNGEBAG V2

Sorry i havn’t posted anything in the last few weeks, I’ve been really busy with my new pc.

I finaly orderd it! :D

<MiNGEBAGv2>

Arctic Silver 5 thermal grease

http://overclockers.co.uk/showproduct.php?prodid=AC-000-AC

£6.89

300GB WD VelociRaptor WD3000HLFS

http://overclockers.co.uk/showproduct.php?prodid=HD-238-WD

£170

Intel Core i7-950 3.06GHZ LGA1366 BX80601950

http://overclockers.co.uk/showproduct.php?prodid=CP-287-IN

£412

ASUS P6T Deluxe V2

(Difference between the boards:

P6T = One ethernet port

P6T Deluxe = Additional ethernet port + SAS controller + better looking heat sinks

P6T Deluxe V2 = Exactly same as the P6T Deluxe but without SAS controller.)

http://overclockers.co.uk/showproduct.php?prodid=MB-365-AS

£204

3gb Corsair Dominator DDR3 RAM

http://overclockers.co.uk/showproduct.php?prodid=MY-167-CS

£63.24

EVGA GeForce GTX 285 Superclocked 01G-P3-1181-AR

http://overclockers.co.uk/showproduct.php?prodid=GX-091-EA

£320

Corsair HX 1000W PSU

http://overclockers.co.uk/showproduct.php?prodid=CA-012-CS

£183

Creative Sound Blaster X-Fi Titanium Fatal1ty Pro

http://overclockers.co.uk/showproduct.php?prodid=SC-058-CL

£100

Antec 1200

http://overclockers.co.uk/showproduct.php?prodid=CA-102-AN

£140

=======

£1599

=======

Already got these the old pc:

2x LG DVD Burners

Zalman CNPS10x Extreme CPU cooler

Windows XP Home SP3 and legit license key

</MiNGEBAGv2>

A few Q+A’s:

• Why XP Home?

Well i like XP. Vista is shit, 7 is lots better, but XP still does everything i need it to.

• Why only 3GB RAM

A 32bit OS can only see upto 3.8GB of RAM, and i’m not going 64bit just yet.

• Why not a GTX295?

Source Engine. 95% of the games i play are Source Engine based, and Source is known for problems with multi-GPU cards. Much simpler to just buy the fastest single-GPU card i can get.

• Only a 300GB hard drive?!

Nope, that’s the Windows drive. I’m keeping all the drives from MiNGEBAG v1. Another vRaptor for games, and 3x 500GB WD Greenpower drives for data.

So that’s about it.