EIP-2026-103144

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103144. PoCs published by Mark Zielinski.

AI-analyzed exploit summary This exploit bypasses Quake server authentication by spoofing a UDP packet from the idsoftware subnet (192.246.40.42) with the hardcoded password 'tms'. It crafts a raw IP packet with a forged source address to execute arbitrary rcon commands on vulnerable Quake servers.

Description

id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by Mark Zielinski · cremotelinux

https://www.exploit-db.com/exploits/19079

View Code ZIP pw:eip

This exploit bypasses Quake server authentication by spoofing a UDP packet from the idsoftware subnet (192.246.40.42) with the hardcoded password 'tms'. It crafts a raw IP packet with a forged source address to execute arbitrary rcon commands on vulnerable Quake servers.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Quake 1, QuakeWorld, Quake 2 (all versions, including Linux and Solaris)

No auth needed

Prerequisites: Network access to the target Quake server · Ability to send raw IP packets (typically requires root/administrative privileges)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1562.004 - Disable or Modify System Firewall

devstral-2 · analyzed Feb 16, 2026 Full analysis →

id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution

Exploitation Summary

Description

Exploits (1)

Details