server.cfg's password and rcon vars still readable via exploits? - Developers

server.cfg's password and rcon vars still readable via exploits?

3 replies, posted
In This Thread

There was a time, you could read the rcon password of servers through the server.cfg is this behaviour fixed now?

It was fixed a while ago

https://i.imgur.com/r27fogr.jpg But you can't lua_run MsgN(GetConVar("rcon_password")) Maybe I'm not sure which method do you mean, but we've learned that via backdoors you can fuck up things (You can't set rcon_password)

I think there used to be some exploit with allow_download/allow_upload along with a some exploited binaries that let you get access to/overwrite rcon_password.

Sorry, you need to Log In to post a reply to this thread.