An attacker can also send malicious, fragmented packets from a client to crash or compromise the servers. Denial-of-service flaws can be exploited to crash servers at regular intervals for large gaming communities.
#NEXUIZ CLASSIC SERVERS DOWNLOAD#
Download a new map from the server? Bam! An attacker might have maliciously “customized” the map.
#NEXUIZ CLASSIC SERVERS CODE#
If you joined that server, it “ would allow him to compromise the computers of any players that join his rogue server by exploiting one of the remote code execution vulnerabilities present in the game engine.” Other times, just querying that server would allow an attacker to exploit vulnerabilities. “There are four different issues affecting the Hydrogen Engine,” they wrote, before discussing flaws to exploit Breach.Īn attacker could setup a rogue server that shows up in the database of available game servers. The research paper states, “There are two vulnerabilities in CryEngine 3 due to improper handling of fragmented packets via CryEngine.” And Atomic Games Hydrogen Engine ironically runs games such as Breach. The presentation slides dived into zero-day vulnerabilities to exploit CryEngine 3, which runs games like Crysis (2 & 3). It also showed a code example that could exploit Nexuiz Classic that “uses DarkPlaces engine, a significantly modified Quake engine." “In Quake Wars, the function is called in a bad way on the client-side,” but “in Brink the function is called in a bad way on the server-side.” The Id Tech 4 game engine for Doom 4 could allow a server-side stack-based overflow. According to the research paper, Doom 3 is not affected by the same id Tech 4 engine issues that allow customized versions for Enemy Territory: Quake Wars and Brink. Id Tech 4, better known as the Doom 3 engine, runs games such as Quake 4, Prey 2, Doom 3 and Brink. In ReVuln’s Game Engines: A 0-Day’s Tale, the researchers wrote, “Monday Night Combat is based on Unreal Engine 3, and like other games supporting the Steam platform, this game supports some custom Steam related commands via Unreal Engine Control channel.” It also looked at Homefront, The Haunted: Hells Reach and Sanctum, all of which do not use the standard Unreal Engine 3 protocol before exploring attacks on them. Games that run on the Unreal Engine 3 include titles like Unreal Tournament 3, Gears of War, Tom Clancy's Rainbow Six Vegas and EndWar, Robert Ludlum's The Bourne Conspiracy, Mortal Kombat, Mass Effect, Lost Planet 3, BioShock Infinite, and various Batman Arkham titles.
“Any attacker can exploit them without any user interaction or additional requirements.” ReVuln even wrote cross-game zero-day exploits. “It’s a matter of how many other games share the same engine.” Some of ReVuln’s exploits go after the game servers and other go after game clients. ReVuln doesn’t report security holes to affected vendors instead the company “sells the newly discovered vulnerabilities to third-party companies and government agencies.” They warned that before you assume your game has no game engine, realize that every game, even PONG has a game engine. These vulnerabilities were not previously disclosed before the presentation at NoSuchCon, meaning there are no current patches for protection. The researchers found zero-day vulnerabilities to exploit game engines such as CryEngine 3, Unreal Engine 3, id Tech 4 and Hydrogen Engine. At NoSuchCon, they presented “Exploiting Game Engines For Fun & Profit”. “Thousands of potential attack vectors” in game engines, open the way to “millions of potential targets” aka players, explained ReVuln Security researchers Luigi Auriemma and Donato Ferrante.
Are you are gamer? If the answer is also “yes” to playing first-person shooters, then listen up.
0 kommentar(er)
