Renegade Public Forums
C&C: Renegade --> Dying since 2003™, resurrected in 2024!
Home » Renegade Discussions » Mod Forum » SSAOW 1.4.2 feature suggestion
Re: SSAOW 1.4.2 feature suggestion [message #188284 is a reply to message #188262] Fri, 03 February 2006 06:08 Go to previous messageGo to previous message
=HT=T-Bird is currently offline  =HT=T-Bird
Messages: 712
Registered: June 2005
Karma:
Colonel
theplague wrote on Thu, 02 February 2006 23:06

=HT=T-Bird wrote on Thu, 02 February 2006 20:57


The privlege to use ReadProcessMemory () is often denied in server configurations because it can introduce a serious security hole (reading your auth password out of the bot's memory would be bad, wouldn't it?)


are we still talking about server side here? dosn't the people configgering the FDS already know their own passwords? or are you talking about remotly?



If someone was able to inject code remotely (buffer overrun/format string vulnerability ANYWHERE on the server) they could have your auth password if ReadProcessMemory () was allowed... Wow Shocked The Bomb

p.s. isn't the chat in Ren sent as cleartext (f2,f3,pages)?


HTT-Bird (IRC)
HTTBird (WOL)
Proud HazTeam Lieutenant.
BlackIntel Coder & Moderator.

If you have trouble running BIATCH on your FDS, have some questions about a BIATCH message or log entry, or think that BIATCH spit out a false positive, PLEASE contact the BlackIntel coding team and avoid wasting the time of others.
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: drop-offs?
Next Topic: where do i get fds
Goto Forum:
  


Current Time: Wed Dec 11 20:25:07 MST 2024

Total time taken to generate the page: 0.00795 seconds