LucasForums

LucasForums (http://www.lucasforums.com/index.php)
-   Dedicated Server (http://www.lucasforums.com/forumdisplay.php?f=334)
-   -   how to protect against jamsgbof.cfg (http://www.lucasforums.com/showthread.php?t=153334)

jedi-Guard 10-05-2005 07:14 AM

how to protect against jamsgbof.cfg
 
Hello again.
How can i protect my server against that Jamsgbof.cfg

http://www.securiteam.com/securitynews/5AP051FFGY.html

i tested an unofficial patch that was suppose to protect against udp buffer overflow, you can find that file here

http://jediknight2.filefront.com/fil..._Servers;41652

other ways ?

Jemrada 10-05-2005 10:46 AM

Hello, I am new with JO and running a dedicated JO on my computer.

WHat is this jamsgbof.cfg? Is it a means for crashing a server? I have been having trouble with players crashing me latley and I have recently changed to the DCmod 1.1 Can't seem to find Dcmod 1.2 that I heard about for JO.

jedi-Guard 10-05-2005 07:18 PM

this jamsgbof.cfg is the file that is responsible for crashing the server, its normal clients that can crash the server without admin permissions.
One way to protect vs that is to log his ip and ban him, but cant help if you are not connected to the server.
I need help with that too.

Kurgan 10-07-2005 07:39 PM

You can remote admin servers through ASE, JA Tracker web panel and other programs.

jedi-Guard 11-23-2005 10:45 AM

Hrmmm i made a small progress but i have been a bad jedi too.
Couple of day ago, i was wonder if there is a way to protect the server against ---> jamsgbof.cfg.
My server is being attacked by idiots ( sorry my language ) too many times now, so i downloaded the file my self and started an investigation.
Which server is protected vs jamsgbof.cfg.
Out of 20 to 50 JA servers with mods and none mods only 1 server did crash ( sorry again that i did crash servers ).
I made a copy and added more text in the jamsgbof.cfg still nothing, i tried the last time with the original, but nop. Then i tried it on my server with the original jamsgbof.cfg, well my server went to sleep very fast.
I actually found the owner of that server, i asked the owner if i could get a copy of this Server.cfg, I did, nothing special in it just pure mess in it, i suspect hes still learning about his JA+ mod server.
I Ask the owner of that stable server alot about his server and hardware configurations, he seems to understand what ram is and couple of other things, but not on professionel level. ( didnt get far with that )
Then i tried to compare his server.cfg and my server.cfg i used his on my server.cfg and i did the exec jamsgbof.cfg, what happen ? bad news my server crashed, didnt help.
I tried with Unofficial JAWinded.exe and with Official jamp.exe ---> Bad news again, didnt work.
I suspect its a hardware protection vs that buffer overflow, i simply need help to solv this problem, since there wont be a new patch on its way.

I NEED IDEAS AND MORE TO SOLV THIS AND I STILL GOT MORE IDEAS TO TEST MY SELF, PLEASE ADD HERE SO WE CAN SOLV IT AND FIX IT.

Thank you all for reading and supporting. :)

razorace 12-14-2005 02:46 PM

mmm, that's interesting. Slider won't be happy to hear that his fix doesn't work.

jedi-Guard 12-18-2005 07:04 PM

slider ? who is slider ?

razorace 12-18-2005 11:31 PM

The JA+ author. He's the one that tried to do the patched exec.

jedi-Guard 12-20-2005 09:16 AM

Well how i understand the unofficial exec file is that it should be protected against large udp flow.
I dont know if thats the same as the jamsgbof.cfg file.

is it ?
cu all again

razorace 12-20-2005 03:44 PM

mmm, I assumed it was, as I wasn't aware of two seperate buffer overflow issues that affected JKA. *shrug*

jedi-Guard 12-20-2005 05:56 PM

Well if the large udp flow is the same as jamsgbof.cfg, then which one are you talking about it ?.
Is there another one that i dont know ? ( of course there is LOL )
cu for now again

jedi-Guard 07-04-2006 02:55 AM

I have found a way to protect a "None mod server" against the Jamsgbof.cfg. I just need to explain it the right way, then ill add it.
Have a nice day all

Kurgan 07-05-2006 12:26 AM

Sounds good! We could use the help...

jedi-Guard 07-05-2006 11:20 AM

Ill try to explain my self as good as possible.
It might be hard to find the file to fix it, but i found it in year 2004 when i stopped playing Jedi Academy and now am back, and i want to help, and i cant find the file on the wwws anymore, BUT people call me smart and intelligent because i burned that 10 kb file on a 650 mb cd and made double copies of that cd. One thing i didnt was to write the instruction, but that was the last thing i was thinking of, cause i was thinking of "YES I FOUND A SOLUTION TO ONE OF MY BIGGEST PROBLEMS" lol :P.
The reason i delay this message was because i had to find out how i did it, and now i know it.
So couple of dollars wont hurt if i got to post this message, but since this forum is free, ill add it here and now.
READY ALL TO HEAR HOW ITS DONE ? ( Not a smart move there and people calls me smart and intelligent ).
Of course everyone is ready, especially those none mod server, kind of like me.

HERE IT IS
The way to Protect your none mode server against buffer overflow, is to use a different way to patch the small hole that your server has.
You need to open assets3.pk3 and inside there is a file called jampgamex86.dll.
jampgamex86.dll is the bad file and you need to patch that file.
The patch file is alittle bit special, you need a call of duty message fix file which is only 10 kb large, thats the one you need to execute and select the jampgamex86.dll file to close the bug hole.
Then you move the file back into assets3.pk3 file and its fixed.
You can also replace the Jampgamex.86.dll with JA+ owns fix jampgamex86.dll, but thats not recommended.
If you have JA+ mods, then i have heard that you need to install it the right way for that fix works on the server. I honestly dont care about mode servers, cause i dont like mods.
There is one thing that might stop fixing that buffer overflow problem. That call of duty file cant befound on the web. It might be there, but i cant find it.
If someone else want to make it avalible public, then i can send the file to you, cause i have on cds.
You can also find me on my Powerduel Server, i might can help from there too. Just look for "Jedi-Guard"
Servername = Jedi-Academy-Server
Have a nice day all

jedi-Guard 07-05-2006 11:21 AM

Sorry for mistakes or other things i might have forgotten or something else.

Have a nice day all. :)

jedi-Guard 07-11-2006 05:57 PM

MORE GREAT NEWS.
I actually finally found the page i learned to fix the buffer overflow.

http://aluigi.altervista.org/patches/jamsgfix.txt <---- this one.
The explanation is alot better there, then what i have added.

This is the patch file that is needed, right now, its working.

http://aluigi.org/patches/codmsgfix.zip <---- works now for me, hope it works for you too.

I beleave this case is closed now. :)

Falco17 04-06-2007 09:47 AM

DCMoD 1.2
 
http://dcmod.jsjmapdesign.com/downloads/

there is their main site it has the DCMoD 1.1 and 1.2 and some server stuff

darkecho05 05-07-2007 12:01 PM

I'm using 1.0 and i have downloaded ipatch, runned it and extracted jampgamex86.dll to the desktops, and mounted the jampgamex86.dll with ipatch, it only says "the data files is oncomplete or corrupted" what am i doing wrong? i really need help

jedi-Guard 05-07-2007 01:00 PM

Maybe you need to patch the game with Jedi Academy Patch 1.01 before you try to patch jampgamex86.dll

darkecho05 05-07-2007 05:01 PM

I've seen other servers that can take the hit on 1.0, there must be a way

jedi-Guard 05-08-2007 09:08 AM

There are no lucasarts or ravensoft patch for the codmsgfix.
The link might be too old and removed.
I do have the small file to patch the jampgamex86.dll, but i would recommend you keep looking out there and type this filename codmsgfix.zip and press search.
May the force be with us all.

darkecho05 05-08-2007 10:44 AM

Alright..
For all you who need codmsgfix, here it is

http://www.iwnation.com/Forums/index...e=post&id=3205

jedi-Guard 05-08-2007 11:41 AM

did you put it back to its original pk3 file ?

darkecho05 05-08-2007 12:21 PM

Ok Jedi-Guard, thanks anyway.. i got it, adding new info


- download the codmsgfix

- open the following file contained in your Jedi Academy folder with a
ZIP program (like Winzip for example): (OR WINRAR WORKS FINE TO)
GameData\base\assets3.pk3

note that the number of the assets file can change if you have other
versions of the game, in any case get the file with the higher
number available.

- extract the file jampgamex86.dll

- launch codmsgfix.exe and patch the jampgamex86.dll.


- select the dll file you have just extracted, you will receive a
success message

- create a zip file containing only the patched jampgamex86.dll file.
the name of the zip must be assets4.pk3 (note the number 4 while the
other zip was 3) and must be placed in the same folder where is
located assets3.pk3.


IF IN 1.0 YOU HAVE ONLY ASSETS 2 AS HIGHEST, THEREFORE TYPE "assets.pk3" INSTEAD OF 4!!

- your server is patched and will no longer crash (or worst since this
is a buffer-overflow bug).

-------------------------
More news, I've found out that when you patch jammpgamex86.dll you can only play on patched servers, other servers will put up an error message therefore you can't enter. But I'm playing in 1.0, maybe in 1.01 they are all protected.

jedi-Guard 05-08-2007 02:32 PM

Dont add on asset4.pk3, didnt work for me, add it same place you got it from.

darkecho05 05-09-2007 08:59 AM

Quote:

Originally Posted by jedi-Guard
Dont add on asset4.pk3, didnt work for me, add it same place you got it from.

The difference between you and me is, you play in 1.01 and i 1.0 therefore it's not the same, I've already tried that Guard, but thanks anyway.. seems my server will never be protected against those who exploits these glitches therefore I'll never be able to host again.

jedi-Guard 05-09-2007 10:16 AM

I dont think you can use this fix on version 1.0, so yes i there is a difference.
Its gonna be hard to protect your server without the patch
May the force be with you anyway.

ensiform 05-10-2007 07:39 PM

What are you still using 1.0 for?

You won't find any help available for 1.0 because it was discontinued when the patch came out since MP was broken.

Upgrade or don't come askin' since most of us are using the patch. :rolleyes:

darkecho05 05-11-2007 06:48 AM

Saw that you wrote in this thread, thought it was some useful info, but no. Don't write in any thread if you ain't got something good to say.

Kurgan 10-07-2010 10:06 PM

Not to continue an old fight here, but I can see why people would continue to use JK2 1.02 rather than the updates, because the gameplay actually changed. But why would you use JKA 1.0 instead of 1.01? I mean, unless all your friends are using warez copies or something. :P

Granted, you wanted help, but I'm just saying. I don't see anything you're missing by using the old version here other than having only a few of the game servers show up in the browser (a bug in the first release).


All times are GMT -4. The time now is 01:44 PM.

Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
LFNetwork, LLC ©2002-2011 - All rights reserved.