[UPDATE:] After Sauerworld contacting the crapmopd maintainer, the exploit is fixed now. Still interested in what happend? Click read more.
The Crapmod masterserver can be tricked into executing arbitrary Cubescript code on your machine. Therefore it’s possible to steal configs, including authkeys, accounts/passwords and what ever you have in store.
FIX:
If you are still using the Crapmod masterserver, please revert this change by issuing: /mastername master.sauerbraten.org
Crapmod is a secondary masterserver, next to the good old master.sauerbraten.org. It has been around for quite some time now and is mainly used because it doesn’t put any restrictions on the servers it listed. Friends of popular non-sauerbraten native modes (like Hide and Seek) could therefore select those servers direclty from within the serverbrowser.
But Crapmod didn’t stop there, it also shipped a custom serverbrowser with it’s masterlist and it’s this feature which can be exploited.
This might be old news to some of you, but the recent incident on sunday, when the /dev/servers were shutdown with the help of a stolen, local authkey, screams for yet another warning.
The Sauerworld crew has notified the maintainer of crapmod about the exploit and it has been fixed immediately! So we are proud to announce:
Do use Crapmod again!
Let us know in the comments below if you ever used another mastersever, or what you think about the restrictions of servers on the masterlist?
And what do you think about collect-mode being included into sauer, instead of the very popular Hide and Seek?
Easy exploit, easy life.
Small penis, STILL small penis.
I do not use anti-virus software since I left Windows XP. Am I in danger?
nope
but efficxman is in danger
Are People actually still playing hide&seek?
Yes, we do :P
Pls inform me for the next sessions I would love to play some h&s again
In my opinion;
Servers should be restricted to 16 players max.
This once was a standard and maps actually played very smooth that way.
Having a modified gamespeed seriously sucks and makes the game really boring.
Hide and Seek is a corrupted mode which tend to end far too quickly.
A predecessor of Hide and Seek was assassin; where you had to kill red or neutral coloured opponents to win. This made you go look for your opponents as they change colour upon spawning (so the first moment someone is your teammate, after being killed, he can spawn as your opponent or assassin).
“Servers should be restricted to 16 players max.”
Finally we agree on something!
You are exclusively complaining about everything lol
That’s your opinion, like that was my opinion.
if you talk about ‘playing’ player count, then i could agree, but there are often >8 spectators when we do 4v4 games…. sooo naaaw, that ain’t gonna happen dude…
again a token of your ‘gameboyness’
It is the amount of players which are actually playing which was meant, if it wasn’t obvious enough.
Nice off topic shit..
do you even read?