Temple Guardian (v0.2 r1)

By ~[NT]~WabidWabbit
Date: 03-02-2004

Download

Readme

SUMMARY OF USE:

Not a mod per se but a fix for the ^^^ exploits in Chosen One's Jedi Academy mod. Temple Guardian is a small program that monitors a game server using RCON via UDP every few seconds (uses negligible bandwidth). It has a list of partial name matches that if it finds it can auto-kick or auto-ban with custom messages. You could use it to kick offensive names or keep a particular clan tag banned too if desired. It's main use is to auto-ban visitors using particular names that exploit a security flaw in JA Mod to gain admin rights.

INSTALLATION NOTES:

The ideal place for installation is on the same box as your JK2 server. However should your JK2 server be running under Linux or you not have adequate access, you can also run Temple Guardian remotely over the Internet.

To install, first unpack TempleGuardian.msi file from the supplied .zip file using a program such as WinZip. Then, double click on TempleGuardian.msi to install Temple Guardian to the directory of your choice. Once installed, navigate to that directory and be sure to edit the TempleGuardian.ini file found therein to specify your game server's address, port (required) and rcon password. You can use Notepad to edit the .ini file. Helpful comments are provided for you in the file.

For best use, you should allow name changes to occur unhindered in your academy.cfg. e.g. Not limit to one a minute etc. Although this will make your server open to name change flooding, which can temporarily lag a server, it will help circumvent an additional rare exploit. This is totally your option of course.

RELEASE NOTES:

=== V0.2 R1 ===

* Fixed bug causing TG to hang if additional blank status lines are occasionally returned from the server.

* Fixed bug causing TG to sometimes hang if server has active bots.

* Fixed bug causing TG to hang if server is shut down. TG now waits for server to become available before resuming operation.

* Added version number to status message.

=== V0.2 R0 ===

* Now ignores color codes ^0 through ^7 so you don't need to worry about then when specifying matches.

* Added additional error handling to connection and send command events to help prevent TG from crashing during ongoing lag situations.

* Now checks via secondary methods not just via an rcon status output, giving it the ability to capture exploiters using long normal names in front of their exploit names that would not usually show in rcon status. (Please note as a result, this tool is now only compatible with mods built upon the Vulcanus admin mod or Jedi Academy mod for JK2 and JA.)

=== V0.1 R0 ===

This was the first emergency release to help the JK2 community.

ADDITIONAL COMMENTS:

All versions to date (including v0.2 r1) are missing a lot of nice features such as a GUI for configuring the .ini file and I will code a better version in future. For now this is just a couple of days work to help plug the mess that all of the servers are in as a result in the flood of exploits that have come along recently. Most clans have been hit dozens of times a day with their own members being banned as a result.

My thoughts for the future include:

* Adding the ability to monitor multiple servers at once. (No charge for someone running one Guardian per PC but nominal charge for professional sites using software.)

* Adding the ability to use different .ini file so can run in a game farm. (No charge for someone running one Guardian per PC but nominal charge for professional sites using software.)

* Ability to automatically share exploit ban lists with a central repository. I have already prototyped some of this.

* Easy GUI for configuring .ini files as well as providing a real-time counter of kicks and bans.

* Additional log files so you can easily see events or pass exploiters IPs to the authorities without having to read an entire JK2 log. I could take this a little further and maintain an IP ban list solely for Temple Guardian. If so, the ban size will be for all intents and purposes unlimited. I could also provide perhaps a web tool for maintaining TG's ban list. Hmm.. I'm typing these notes up and still getting ideas. :>

* Ability to page via email, MSN Messenger or cellular phone (if SMTP is available.)

* Different RCON tabs so you can issue rcon commands provided via a helpful interface. e.g. Highlight name and click grant admin, revoke admin, etc. or highlight map and select game type to load.

* Ability to see who is playing real-time as well as review a name change history while on the server for any player via an IP address match.

Suggestions and bugs to support@jetstreamservers.com, subject "Temple Guardian" please. Thanks!



----- Original Message -----
From: Jetstream Servers CSR
To: submit@jk2files.com
Sent: Friday, February 13, 2004 4:50 AM
Subject: Re: JK2 Server Utility: "Temple Guardian" - Tool To Keep JK2 ^^^ Admin Exploiters Off Your Server


I know it's supposed to be once a week but already some hackers have found a way round my anti-hacker tool (what is JK2 coming to) so I've released a new version this evening that takes care of all known renaming hacks that have been submitted to me. Hope you give this urgent consideration given the emergency situation most clans are going through. We need to get the word out that there is a prevention for this flood of attacks.

You can download a copy of Temple Guardian v0.2 (Double Strength) here along with the release notes.:
http://www.pcgamemods.com/4262

----- Original Message -----
From: Jetstream Servers CSR
To: submit@jk2files.com
Sent: Wednesday, February 11, 2004 6:44 AM
Subject: JK2 Server Utility: "Temple Guardian" - Tool To Keep JK2 ^^^ Admin Exploiters Off Your Server


Hi.

This doesn't follow your normal protocol but I'm trying to help the JK2 community, which is badly suffering as most of the servers run Jedi Academy mod and there is an admin exploit where just changing your name to something in particular will get you full admin. Every clan I've spoken to this week (more than 10) has been hit many times per day with growing frequency. Typically a raider will come in, assume admin and ban the real admins, guests, whatever or deliberately use amlogin type rights to change game and map type in order to crash a server.

Chosen One (author of the Jedi Academy mod) was contacted but he's retired from the scene so my clan and others needed something fast, which is why I came up with TempleGuardian. (Called thus since I'm a member of NewTempleOfTheJedi.com.) This is the very first version and is just the basics that I knocked up today but it does protect those who run it from these name exploits. Clans are screaming for a fix and servers are being passworded or taken down so please take a look at this ASAP since it's so badly affecting the community.

The tool uses UDP and RCON to monitor the game server every 3 seconds and can either run on the same box as the server or a remote client. It auto bans people using the name exploit and can auto kick and auto ban others too based upon partial name matches. e.g. You want it to auto-kick someone with an offensive word in their name with a nice custom message or auto-ban people with ^^^ in their names with a different message, no problem. You can have very lengthy kick and ban lists for partial name matches. Of course this is something I've just knocked up given the emergency situation we have and it is missing a lot of nice features such as the ability to monitor multiple servers at once or a GUI to edit the config (currently uses a .ini file.) These will be added in a second release about a week from now.

As a side note, since it uses pure Quake engine commands, you could use this tool with other mods or perhaps even other Quake-based games to have an auto-ban and auto-kick list.

I hope you'll give this file urgent consideration under the circumstances.

Best wishes,
Neil Cresswell (neil@cresswell.net), author,
JetstreamServers.com.

[aka ~[NT]~WabidWabbit, http://NewTempleoftheJedi.com].