View Full Version : Help
Death
July 1st, 2008, 03:04 AM
Im sure a lot of you already know about the program released that can bring down Halo servers just by hitting enter...well I'd hate to see Halo die that way. Me and some friends decided to petition and give it to gearbox and/or bungie to see if they'd do anything about it. Please sign :lol: http://www.ipetitions.com/petition/halo1patch If it doesn't do anything, then well big deal. But if it does then you'll be one of the people that helped revive a game. Thx, have a nice day.
EDIT: It asks for a donation after you sign, you can close the window when it comes to that, the signature has already been recorded.
SnaFuBAR
July 1st, 2008, 04:40 AM
old hack is old, old game is old and unsupported. you'll get nothing.
StankBacon
July 1st, 2008, 06:12 AM
old hack is old
this is a new version, just came out.
old game is old and unsupported. you'll get nothing.
correct, this game is finished... as i said on gbx, this is the final nail in the coffin.
:(
Omega
July 1st, 2008, 10:26 AM
An official patch is unlikely.. sigh. I tried to fix this bug myself and found a workaround. It seems to be stable against attacks and keeps the server functional. I'm going to test it some more today and make the code a bit better (I still have exams tomorrow too :/ .. so I don't know if have enough time today).
Anyway we can fix this ourselves if needed (hopefully). But then game servers will need to accept this "3rd party patch" ..
StankBacon
July 1st, 2008, 11:52 AM
if its just modifying haloded.exe, all wed need to do is upload the new "fixed" exe onto the gameservers ftp.
Masterz1337
July 1st, 2008, 01:02 PM
So 1.07 servers can now be crashed?
Jelly
July 1st, 2008, 01:08 PM
Yes. I wish I understood Halo and Haloded so I understood the source of this.
InnerGoat
July 1st, 2008, 01:49 PM
So 1.07 servers can now be crashed?Yeah we should all move to ce 1.0 now
NullZero
July 1st, 2008, 02:55 PM
Apparently:
I wouldn't suggest doing this at all. Nuclearfallout has already began taking action by prosecuting the "children" who are as they put "interrupting our business" with lawsuits of $1000s and Legal Fees. The vulnerability makes the cpu 100% causing all other games hosted to crash. Which causes massive cash loss to them.
Freewebs has already disclosed the owners of a site that details how to do this, and two people are now facing jail time.
Furthermore, it has been released that the file also contains a very expertly embedded key logger and leecher. If you have this he probably now has all your information.
When this file is used it doesn't mask anything about you. It was not made to. It sends malformed packets that come from your connection that link you to the server that they are using to trace the people who are responsible for the attacks.
Lateksi
July 1st, 2008, 03:28 PM
I saw this same thread on the Bnet "Maw" forums. And they gave those exactly same answers.
Too bad :ยด(
InnerGoat
July 1st, 2008, 03:29 PM
:)
stankpot
July 1st, 2008, 03:42 PM
Yeah we should all move to ce 1.0 now
lmao
but as bacon said, final nail in the coffin
sup steam games
Kornman00
July 1st, 2008, 04:28 PM
Apparently:
:lol:, key logger, what morons. but then again, it would be only script kiddies using this shit, so I know they have them shaking in their high chairs over saying that.
also, you people jump the gun far too much
stankpot
July 1st, 2008, 04:35 PM
u havent seen all the regular pc people lol
NullZero
July 1st, 2008, 04:54 PM
:lol:, key logger, what morons. but then again, it would be only script kiddies using this shit, so I know they have them shaking in their high chairs over saying that.
also, you people jump the gun far too much
Is it actually possible to embed a key logger or leecher (what the hell is a leecher?) in a cmd script?
I quickly scanned the code and couldn't find anything like it. About the only thing the companies can do is find out your IP?
Omega
July 1st, 2008, 05:56 PM
http://www.megafileupload.com/en/file/317067/haloloop2fix-rar.html
I quickly made this. Hopefully it works properly. If it works, spread the file/word. If it doesn't, SHHHHHHHH!!
Edit: Oh and use at your own risk.
kid908
July 1st, 2008, 06:05 PM
About the only thing the companies can do is find out your IP?
i believe they can also get all your infomation.(not sure)
@Omega how do we test it out? do we try to crash a server or what?
Omega
July 1st, 2008, 06:12 PM
how do we test it out? do we try to crash a server or what?
Just start a server on your own computer and attack IP 127.0.0.1 (= always ip of your own computer).
Fix should work, I just didn't have a lot of time to make and test it.
Cortexian
July 1st, 2008, 07:49 PM
Your patch does not work Omega. I've used PPF-O-MATIC before, so I know I did the patch right. I have my hands on the crash script as well, and I notice that if you change your server from the default port (2302) to something else (I used 2304), the script does not work.
Now, most of the script "instructions" don't tell you how to target a certain port, but anyone with any type of command line experience can figure out how...
yankeezfan
July 1st, 2008, 07:51 PM
this kidz dum
Syuusuke
July 1st, 2008, 08:26 PM
It only attacks haloded.exe right?
Not your selfmade server?
SnaFuBAR
July 1st, 2008, 08:35 PM
It only attacks haloded.exe right?
Not your selfmade server?
The vulnerability makes the cpu 100% causing all other games hosted to crash.
.
p0lar_bear
July 1st, 2008, 08:39 PM
It sends a bad packet to the server, which causes it to loop infinitely.
If it uses the code for haloded.exe v1.00.07, then it's going to fuck up.
Cortexian
July 1st, 2008, 09:03 PM
OK well, my dedicated server is version 1.07 (newest) even with this "patch" that Omega created, I was able to crash my server 3/3 times.
I double and tripe checked that I had followed his instructions to the letter.
t3h m00kz
July 1st, 2008, 10:23 PM
so THIS is what happened to CMT BanFree.
Heathen
July 1st, 2008, 10:29 PM
This sounds like it could be bad...
Also, whats with the phone avis >:[
Syuusuke
July 1st, 2008, 10:31 PM
.
Oh right. :foreheadbash:
Cortexian
July 1st, 2008, 11:29 PM
Also, whats with the phone avis >:[
Yea, seriously... Any progress on the fix though?
Omega
July 2nd, 2008, 02:04 AM
OK well, my dedicated server is version 1.07 (newest) even with this "patch" that Omega created, I was able to crash my server 3/3 times.
I double and tripe checked that I had followed his instructions to the letter.
Hmmm. Well I was able to test in on 2 computers and it seemed to work. Both winxp sp2. Are you using Vista or another OS?
Ah your profile says "Windows Vista Ultimate". Try running in compatibility mode with winxp? Because of Vista the value of a register probably changed somewhere, and it's not detecting the loop. The patch tries to be quite sure it's a real infinite loop instead of normal data ... maybe a bit too sure to work on Vista.. >_>
If that works, I'll have to update it so it works in general with vista too, instead of the "compatibility" trick.
edit: After some searching it seemed it worked for someone at gameservers.com :)
NullZero
July 2nd, 2008, 03:05 AM
Apparently, this fixes the haloloop2:
http://www.filedropper.com/halo2boomfixedexe
Omega
July 2nd, 2008, 03:13 AM
Apparently, this fixes the haloloop2:
http://www.filedropper.com/halo2boomfixedexe
They simply applied my patch to the haloded. But of course they didn't say that in the readme. :rolleyes:
Kornman00
July 2nd, 2008, 06:25 AM
Hmmm. Well I was able to test in on 2 computers and it seemed to work. Both winxp sp2. Are you using Vista or another OS?
Ah your profile says "Windows Vista Ultimate". Try running in compatibility mode with winxp? Because of Vista the value of a register probably changed somewhere, and it's not detecting the loop. The patch tries to be quite sure it's a real infinite loop instead of normal data ... maybe a bit too sure to work on Vista.. >_>
If that works, I'll have to update it so it works in general with vista too, instead of the "compatibility" trick.
edit: After some searching it seemed it worked for someone at gameservers.com :)
I know they had to release a different haloce 1.07 build just for Vista. If the same had to go for the dedi exes, the addresses of the code you're trying to patch may be different.
Omega
July 2nd, 2008, 07:44 AM
Ahh I never knew about a haloce vista patch. Thanks for the info kornman.
And I just realised I forgot something though.. I only made a patch for the halopc server, not for haloce. Anyway, I have more time now, so I think I'm going to make a real patcher instead of ppf files. And better loop detection maybe, we'll see :)
NullZero
July 2nd, 2008, 11:22 AM
Does the patch work though?
StankBacon
July 2nd, 2008, 11:43 AM
not for CE.
Cortexian
July 2nd, 2008, 04:10 PM
Ah, my server is a CE server so this is probably why it won't work ;). My "server" is running Windows XP (until I can "get my hands on" a good version of Windows Server 2008) so that was not it either.
Limited
July 2nd, 2008, 04:11 PM
Which server allows aimbotters? Maybe we should get a lil revenge.
Also, seriously why'd you post this info here? Do you seriously think it will help letting everyone know theres a crasher?
Oh well, the damage is already done.
Cortexian
July 2nd, 2008, 04:30 PM
Which server allows aimbotters? Maybe we should get a lil revenge.
Also, seriously why'd you post this info here? Do you seriously think it will help letting everyone know theres a crasher?
Oh well, the damage is already done.
People were spamming their Xfires and spamming it in-game already, I don't think posting it here had much of a negative affect.
t3h m00kz
July 2nd, 2008, 07:45 PM
Which server allows aimbotters? Maybe we should get a lil revenge.
fuck you I miss banfree CMT :saddowns:
StankBacon
July 3rd, 2008, 05:13 PM
patch for both games by the guy that worked on halo pc.
details here.
http://www.bungie.net/Forums/posts.aspx?postID=22895922&viewreplies=true
w00t
Limited
July 3rd, 2008, 06:16 PM
Least someone who created the game still cares :) kickass, this also means the aimbots wont work :) Thanks for the update on the update bacon.
StankBacon
July 3rd, 2008, 06:35 PM
this also means the aimbots wont work :)
how do you figure?
-edit- hmm, just tested, CE exceptions as soon as you open the lamebot.
this will be fucking sweet when this gets made a required update.
Limited
July 3rd, 2008, 06:56 PM
how do you figure?
-edit- hmm, just tested, CE exceptions as soon as you open the lamebot.
this will be fucking sweet when this gets made a required update.
Well the offsets are different, it does mean all the other trainers wont work, like bitters dev mode and all that stuff.
Didnt realise it would exception though, even better :D
NullZero
July 3rd, 2008, 07:49 PM
FUCKING AWESOME!
Sorry, brain hype.
Apoc4lypse
July 3rd, 2008, 08:13 PM
wow thats awesome... they actually plan to make one last update. :)
Thought this was interesting...
Here's an interesting stat: There have been 96152 unique Halo PC users in online multiplayer in the past 30 days! (That's the number of unique, legit "yellow sticker" CD keys seen online). This game certainly lives on.
Syuusuke
July 3rd, 2008, 08:25 PM
Is that the same observance they made a few months ago?
Anyway, can someone link me to that haloboom for 1.07? I want to check if it works for Vista, assuming no one else has (and someone asked to check if it worked on Vista.) I can't seem to find it by googling.
Nevermind!
Yelo won't work with that new version, but some other programs do =)
jngrow
July 5th, 2008, 02:00 AM
HOLY SHIT WE NEED TO GET THAT 96k TO MOVE ON TO CE...
Man, it's funny to see support for this game outlast H2V.. at least a dev or two are still allowed to revisit this in their free time.. H2V was just like, mega shut down.
Heathen
July 5th, 2008, 09:14 AM
Really? They dropped h2v? So they knew it was a flop also?
Also, bitters dev no longer works? That kinda sucks.
NullZero
July 5th, 2008, 10:08 AM
I, Luigi Auriemma, usually don't reply in forums on which people talk about my research in fact the only time I did it was when I posted the links to my haloboom and haloloop patches for 1.04 in the Gearbox forum (yes I'm the author of these patches which move all the servers on which you play with your 1.04 versions, surprised?).
But in the last week I have had the occasion to read so much stupid comments, idiocies and other wrong and absurd things about me and my research that was impossible to ignore them.
I will go in order and this post will be long, so would be useful if you want to link it EVERYWHERE there is a direct or indirect discussion about my stuff.
First would be useful to stop to define "exploit" my research, the fact that not all the people have the technically skills and the background to understand something (and security is not something easy to understand) doesn't mean that they must offend the others.
These codes with these strange names are just open source GPLed proof-of-concepts which in full disclosure are required for demonstrating a vulnerability or an idea about a possible problem and are usually used by the other people in my same field (security/bugs researching) for confirming and consequently indexing the vulnerabilities and naturally by the same admins or the people who use one of the vulnerable products to test if and how much critical is the problem.
Just FYI I have found hundreds of vulnerabilities in any game and non-game software (Apache, MySQL, Emule, Utorrent and so on), everything is documented on my websites and the hundreds of mirrors and security websites everywhere in the world.
Like anything in the world (for example the knives you use to cut your food) also my research can be used in malicious way and naturally I can't control this. That's why in my field is important to be neutral and thinking only to my research moreover if there is the experience that help to understand what is good and what isn't.
Now, about "halofp" probably if instead of wasting your time in useless comments you had a bit of brain you had the occasion to search on Internet and see that:
- the fake players is a type of bug (not really a security vulnerability but a design bug) which has been found and researched by me since the 2003 and is highly documented with informations about what causes this problem and how to solve it
- the so called "halofp" exists from the 15th April 2005
Yes the far 2005, but probably nobody of you heard about me just because Bungie has never credited me in its patches they released for the vulnerabilities I found in the past and which were reported to them BEFORE the releasing of my public advisories.
But why I have spent time to contact the developers and waiting months before the releasing of informations about a security vulnerability found by me without being credited if some idiots think that I want to "ruin" their community?
And moreover why I need to ruin a game that I don't have?
I have played Halo only on Xbox with a friend of mine many years ago and was very funny, probably the best FPS I have played on this console.
The strange thing is that was enough to search on Internet something about the person who found these security vulnerabilities to know the answers to these questions but as usual the lazy people prefer to insult the work of the others instead of spending one minute on Internet and using their brain.
Anway I can do nothing except writing this post which probably these same people will never read.
Now, why all these old research has becoming so (in)"famous" only now?
The fact is that seems that someone had the ehmmm "great" idea to spread the words about the malicious usage of my research with links to my primary website... the only good things I see in this is that at least he credited me (credited for something showed as bad is not a nice thing) and naturally that the "haloloop2" bug has been fixed in less than a week.
I have talked about primary website since all my research is decentralized on some official mirrors and hundreds of security websites located in any part of the world (packetstorm and its mirrors for example), and I'm in the security scene by over 6 years ever on the same websites (feel free to check on http://www.archive.org/web/web.php) just to show you the genuinity of my research and my experience in this field.
I have read about people talking about shutting down my website (what of them???) but, trust me, nobody can be so stupid to try something similar first for the reason I have explained before, then because it's only a personal page written in a technical way (for people in my same field) and last because I don't want that all the Halo community must pay for the actions of some stupid individuals (moreover because I personally know some Halo admins and players which are very very good people) and although I can promise that I will never react to such actions I must also alert you that exist other critical vulnerabilities not yet disclosed which have been found by me in Halo.
I repeat, I have NEVER and NEVER will abuse of my stuff since I do only research but I'm human like any of you...
I hope my message is clear and anyone has understood it clearly and, consequently, wants to spread the word.
About the new vulnerabilities I was talking: some minutes after the releasing of the new 615 hotfix I have found a new loop vulnerability and I have quickly contacted Roger Wolfson about it and he has the new proof-of-concept in his hands (NOBODY else has informations about this bug).
Unfortunately he is now travelling and he will be able to put the hands on a new possible fix only after one month.
Naturally I will wait the releasing of the hotfix for releasing these informations, so don't ask about details.
If something is not clear feel free to contact me or you can continue the discussion here or on the thread on my forum opened just for the discussion about the Halo loop vulnerability:
http://aluigi.freeforums.org/haloloop-again-t404.html
I would also be happy to comment technically the vulnerabilities (moreover halofp which is very interesting, for example why someone without a valid cdkey can fill a Halo server?) and how to protect yourself and consequently taking actions versus who is exploiting them, but it's all up to you so let me know if you are interested and I will continue my discussions here.
And remember that knowledge and true informations are the only things in which you must trust and which can help since the disinformations which some ignorants (admins, attackers and players) are doing causes only worst effects.
/messageistooshort
Ki11a_FTW
July 5th, 2008, 11:06 AM
Wow. I am very happy to see there going to make one last required update for Halo and Halo CE ;-)
Apoc4lypse
July 6th, 2008, 04:34 PM
lol...
3 years ago when I found the so called haloloop and haloboom bugs I exchanged AT LEAST (so this is the minimal amount) 20 mails with my contact there and the conclusion was that after one or two months that the bug was reported and I really annoyed them with my mails about updates I released the advisory before the releasing of the 1.07 patch which luckily happened later (without receiving thanx in the changelog or from the community).
But it's useless to talk about these things since the end-users are the only which can change something, I can do something with my advisories (the classification and pubblication of the bugs as security vulnerabilities is a big step) but naturally it's up to the users contacting the developers and saying "come on, patch it!"
When the publisher sees hundreds of paid consumers angry for the lack of support of their products be sure that something usually changes.This uh.. aluigi or what ever hes called sounds wierd... kind of scares me.
He discloses information about vulnerabilities because people refuse to fix them.
If it ain't broke, don't fix it, and certainly don't show people how to break it XD
At the same time my "bullshit" sensors are kind of going off, mostly because of his terrible grammar and word usage, he might be foreign though. Sounds like crazy talk.
I can understand doing that research to better something, but to actually release information on how to break something simply because you want someone to do something about it is just plain retarded. Let them patch it when the problem actually occurs, don't cause problems just so they can be fixed you moron.
Idgi... to me it sounds like bull though, or a cover-up.
E: Yea.. I hate this guy... just checked his main page... he calls his little experiments "proof-of-concepts" basically small applications that can take advantage of bugs and vulnerabilities in applications... he has quite a few XD and there probably riddled with god knows what and malicious software...
All I see is a page with downloads for bug-hacks and malicious software... bunch of bull what he said about research imo tbh.
SnaFuBAR
July 6th, 2008, 05:48 PM
exactly what i was thinking
p0lar_bear
July 6th, 2008, 10:44 PM
I can understand doing that research to better something, but to actually release information on how to break something simply because you want someone to do something about it is just plain retarded.Ever heard the saying "the squeaky wheel gets the grease?" If I've learned one thing about anything in life, is that nobody will ever do anything unless someone makes a problem of it. If Luigi went to the developers of the programs saying what was wrong, chances are he would either get ignored or they'd just be like "yeah ok nobody else will find this so go away."
Think about it. If this guy truly was doing it just to be a dick, would he actually release technical information on the vulnerabilities? Hell, would he even release the applications?
Powered by vBulletin® Version 4.2.5 Copyright © 2024 vBulletin Solutions Inc. All rights reserved.