ASP.NET HACK VIA BF2

[Kitty cat]

Hi I was wondering if I installed bf2/project reality and go onto a server to play a game, is it possible to hack my computer with asp.net via DOT NET Frameworks file which gets installed when I install the game? I wouldn't want to file a complaint against any clan as I wish to find out how I identify this happens with my windows event viewer. Can we enable more strict rules for servers so they cannot give access to admins who they don't know or are from another clan, as this is a security breach that has been used against me. I don't wish to pursue the same person doing this over and over again as their clan no longer exists do to cheating. I wish to seek out new rules and regulations. I also want people who play this game to be aware of this hack which is a dot net framework hack which gets installed when you install this game. It installs an asp.net onto your user accounts and takes control of your whole system.

[IWI-GALIL.556FA]

Damn, can you play without the asp.net file?

[Kitty cat]

Well let me tell you what I did. I reinstalled my whole system, got all my drivers updated, went to ge help online by support from a experts solved all my systems problems No crash's for 4 whole days. Then I installed bf2 project reality again, play on the hog server seeing some admins who where orginally banned from pr playing on hog as admins. Now my system crashed a couple hours later after i was done playing how convienent. This server hog is full of hackers thinking thier anonymous trust me when I say this, I have no computer skills and I already found you. Hows does a http://www.hogclangaming .exe files appear in my documents should we ban this whole clan or should the clan have strict rules as who can admin on the server as admins exploit security issues on thier systems who they deem neccesary. YOUR ALL FCUKIN SICK IN THE HEAD I KNOW WHO YOU ARE.

[Pvt.LHeureux]

I don't see how you could get hacked by just joining an online server? Nothing is downloaded when joining a server...?

[Professorson]

Doesn't a file get downloaded into your documents of things like the server banners ?

Lol

[Leut.dweed]

Well let me tell you what I did. I reinstalled my whole system, got all my drivers updated, went to ge help online by support from a experts solved all my systems problems No crash's for 4 whole days. Then I installed bf2 project reality again, play on the hog server seeing some admins who where orginally banned from pr playing on hog as admins. Now my system crashed a couple hours later after i was done playing how convienent. This server hog is full of hackers thinking thier anonymous trust me when I say this, I have no computer skills and I already found you. Hows does a http://www.hogclangaming .exe files appear in my documents should we ban this whole clan or should the clan have strict rules as who can admin on the server as admins exploit security issues on thier systems who they deem neccesary. YOUR ALL FCUKIN SICK IN THE HEAD I KNOW WHO YOU ARE.

Epic

If you join the other servers you will find a file of them too.you will find Cheaters/hackers on every server.
The good thing on pr is that cheating is not that imbalanced then in most other games.

[WeeD-KilleR]

He is right. There is a .com-file called "www.hogclangaming". I wonder how this happens.... Tho it contains no data. 0 bytes.

[Kitty cat]

is a god dam .net framework gets installed and then that enables hackers who have admin access to gain control of your system installing an asp.net in your user accounts , but they never used the asp.net on me that im aware of, it coudl have taking milliseconds.

[Kitty cat]

Yes thx you i have that same hog file also. Fuckin thing Hijack my browswer go to Malwarebytes : Malwarebytes Anti-Exploit and see if you got hijacked.

[Kitty cat]

ZeroVulnerabilityLabs and ExploitShield
are now part of the Malwarebytes
family and will be known as
Malwarebytes Anti-Exploit. go bing it or something.

[Kitty cat]

Ok so their was 4 admins on, I got all there names , they really fcuked up this time, im going full throttle once i get the experts to disect it like fckin krieger off archer comic. They well pay.

[WeeD-KilleR]

Mate I study IT security and can tell you it is not malware/trojan or anything like that. Hog probably runs a Linux server. And in Linux file-extension don't matter. They probablly created the banner named after their site. "www.hogclangaming.com". And windows (where extensions matter) decided to take the .com and make a MS-DOS file out of it called "www.hogclangaming".

The file itself is completly empty tho. There are 0 bytes in it, and there for there is no code that could be executed. Even in a hex-editor it's empty. Just take a look on the other servers, that also download files into your documents folder:

Even tho this may could be used to get code onto your PC, there is most likley no-way to get your PC to run it without you running the file.

[Kitty cat]

i never said it was the hog file although . is an .exe file why is it their if it serves no purpose. Since your an IT expert can you solve the .net framework exploit and tell me how they can access to my system everytime I join I install this game and join this server. Do you really realize how much they fcked my shit up and it all goes back to them. The .net framework install on my system as part of the bf2 game and can be exploited via private servers did you know that?

[BloodyDeed]

PRSpy2 uses sv.communitylogo, which is a server setting as a workaround to let server admins configure their website.
Because in BF2 this is meant to be a picture, BF2 downloads that file to cache it for future use.
It does the same with the sv.sponsorlogo as you can see in the screenshot above.

Because hog's website ends in .com your windows detects it as a ".com"-File as WeedKiller stated correctly.
No worries, there is no harm done.

Regarding your latest post, do you have any sources that support your hypothesis?
There are always exploits in big software packages like that, but if you keep your system up to date you shouldn't need to worry too much about them.
If they can access your system it's probably because of some trojan you got from surfing the internet, not installing PR.

[Kitty cat]

As i stated , admins of private server of bf2 can access the .net framework that bf2 installs and exploits it maybe even with a .cfx file as I read years ago or they dont even need that file im not an expert but i have ones looking at me. This is a fact.

[Kitty cat]

Also I only played on one server Hog, I don't want them to pay for what I think was another hacker which i well not call names because I dont have proof but he is always on when something happens. As you all know they just dont have that clan around anymore on project reality do they, do you know why that is?

[BloodyDeed]

I personally never heard of something like that.
While the possiblity of security issues always exists I doubt that this issue exists for years without a proper fix. It's .net and Microsoft we're talking about.

And as long as you can't provide any sources or examples there is unfortunately nothing we can do about it. Sorry.
Also I prefer if you wouldn't accuse people on this forum from doing harm to you without having proper evidence.

[WeeD-KilleR]

I checked the other files. The files that file is the index-html file when you visit their website. What I can't say is why BF2 decides to download that stuff. And please don't call me an expert.

But what I can say is that there is no malware stuff in any of these. Some contain some javascript, which isn't dangerous. Like I said, in linux file-extensions (like: .jpg, .png, .exe) don't matter and they are being ignored. In windows they matter. These files are called after the website-url. For example: "www.newcommunity.EU" And windows takes everything after the last dot and uses it as file-extensions. That's why the URL above is labled as .EU-file. And that's why the file from hog is called .COM. Because their domain is .COM. If there would be a .EXE domain the file also would be called .EXE.

Come down from your paranoia. I am playing on HOG nearly daily and can say that they are not trying to hack your PC. You need to have another security hole. (if you actually have one, and not just a shitty setup that causes the crashes).

[Kitty cat]

Hey I never asked anyone to seek out anything . I just want you to be aware of what they are doing. Destroying a gaming community, if they targeted me which i went through fckin hoops and trust me when I say this hoops! who knows who they targeted for what reason i dont care. I can state that it is a fact that this game has security issues, my browswer just doesn't get hijacked from anything, it is specifically this game that i would bleed for, that how much I love it. All I would ask for is that people like HOG who give any clan there server admin controls be aware of this hacker because its no fallacy this guy is good and sick in the fckin head. After playing this game my browser was hijacked several hacks installed god knows what but I can tell you the hacks access everything ! spell check , keyboard everything! its ridiculous this guy is no joke ! he is a computer expert guaranteed.

[Kitty cat]

Also you are very fckin welcome for me pointing this out to you, you should be lucky I love your game so much and the HOG server hugs to. I would never wanna see hog tookin down thats a big blow the the already small community which should be a fckin empire by now. I wonder why project reality doesnt have that many players in the community and that bugs me more then this fckin hacker who is a fckin NOBODY.