When a screenshot is asked for, the server tells the client the file_id for the screenshot. Both will load the main system module that exports two functions designed to handle events for both sides.Ī feature exists in which users can request screenshots from game clients. PunkBuster’s client and server-side architectures work as modules. Read more of the latest security vulnerability news What Prizmant and Sandt found was an issue “practically” considered a remote code execution flaw. This inspired them to begin a “cool side project to take a look at the internals of Punkbuster and fundamentally understand how it works”. The duo, both avid Battlefield gamers, said in a Medium blog post that after replaying Battlefield 4, they found close to 1,000 active PunkBuster-protected servers. The path traversal vulnerability could be exploited by attackers – or, perhaps, disgruntled cheaters – to hijack servers and perform RCE attacks. On September 25, Palo Alto Networks senior security researcher Daniel Prizmant and computer science student Mauricio Sandt disclosed that the firm’s software harbored a severe security issue. The company has been active in this field for over 15 years and says that millions of players have been monitored, and “hundreds of thousands” of cheats have been caught – but over time, the popularity of the service waned. Researchers have disclosed a remote code execution (RCE) flaw impacting Battlefield and Medal of Honor servers that harnesses PunkBuster anti-cheat software.Įven Balance’s PunkBuster has been integrated into dozens of video game titles and numerous game engines to detect suspicious gamer activity. PunkBuster solution ended up punk’d by two reverse engineers who took an interest in the cheat-busting system
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |