[HOW-TO] Bypass Ch3HP´s flood protection

  • Hey guys,


    i don´t like this guys attitude by attacking other servers and then selling his cheap protection to them.

    So i had a quick look at it :)


    My assumption:

    Its pretty simple the client is sending a GET request on client start to a webserver (its also the gameserver).

    The script gets the request IP and whitelists it in the packet filter.


    To bypass this just get the webserver ip with e.g. wireshark at client start.

    Now you can do a simple GET request to that address and your ip is whitelisted.


    --> This creates a even more critical attack surface. If the webserver is not reachable anymore no player can log in

    --> If you have a botnet/proxies you can whitelist their ips with a GET request and do your stuff again (if you do not have much power :) )


    Everything was tested on a server who bought the "protection"

    Bitte melden Sie sich an, um diesen Link zu sehen.

    Bitte melden Sie sich an, um diesen Link zu sehen.

    Einmal editiert, zuletzt von .colossus. ()

  • Dieses Thema enthält 15 weitere Beiträge, die nur für registrierte Benutzer sichtbar sind, bitte registrieren Sie sich oder melden Sie sich an um diese lesen zu können.