Admin and SemiAdmin password stealingThere is a rumor out there of a special Gameserver stealing your Adminpassword and SemiAdminpassword(s) from your User.ini (if you have passwords located in there).
IF TOSTProtect uploads your .INI on TOST43 Servers, TOSTProtect removes the Passwords in the Logfiles.
It seems to be that there is currently a Mutator on one Gameserver which uploads the User.ini too, but
don't remove the Passwords!! So it is possible for the ServerAdmin to read your Passwords.
Solution for this Problem:
First of all:
- change all SemiAdminpasswords / Adminpasswords on your Gameserver
- remove in your User.ini [this file is located where the TacticalOps.exe is] lines like "key=salogin mySecretPassword" or "Key=Adminlogin mySecretPWtoo".
- remove a Password if you have a password after "key=salogout" / "key=adminlogout" (yes some people want to use a password to logout ....... there is no need of a Password for logging out!)
IF you want to safely use Keybinds for logging in to prevent that you type your password by accident with "say" command:
Replace the "key=salogin password" line with "key=quickconsole salogin" - without a password at the end.
NOW if you hit this key in-game, there will be written "salogin" where normally the say command appear. Now you need only to enter your password and can login fast and securely.
quickconsole is working for 'whisper', 'adminlogin', any anything else too.
We would appreciate if the community can acknowledge this news item and inform any friends/family whom may have been a victim of this scandal; where possible, notifying other TacticalOps game leagues, community forums/sites and clan HPs.
Thank you.
Contact:
Forum @ www.ESE-Protect.de
IRC QuakeNet #ESE
ESE-Team
0 
