Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
node-rcon is a simple library for connecting to RCON servers in node.js. It implements the protocol used by Valve's Source and GoldSrc engines, as well as many other game servers.
It was originally created to connect to Minecraft's RCON server.
npm:
$ npm install rcon
See examples/basic.js
for a simple example, or
examples/stdio.js
for a complete command line client.
Some games use TCP and some use UDP for their RCON implementation. To tell node-rcon which protocol to use, pass it an options object like so:
var options = {
tcp: false, // false for UDP, true for TCP (default true)
challenge: false // true to use the challenge protocol (default true)
};
client = new Rcon(host, port, password, options);
Here's a non-exhaustive list of which games use which options:
Game | Protocol | Challenge |
---|---|---|
Any Source game | TCP | N/A |
Minecraft | TCP | N/A |
Any GoldSrc game | UDP | Yes |
Call of Duty | UDP | No |
Source games include CS:S, CS:GO, TF2, etc. GoldSrc games include CS 1.6, TFC, Ricochet (lol), etc.
If there's a game you know uses a certain protocol, feel free to submit a pull request.
Please submit a bug report for any game you try that doesn't work!
Note that some servers may close the connection if it is idle for a long period of time. If your application may leave the connection idle for a long time, you can either create a new Rcon instance (and connection) each time you need it, or you can send a ping command periodically to keep the connection alive.
The connection emits the following events:
This is sent in response to an authentication request that was successful.
The connection was closed from any reason
There was a response returned to a command/message sent to the server
There was a message from the server that was not a response to a command or an auth failiure.
There was an error, usually an authentication failure.
FAQs
A generic RCON client for Node.js
We found that rcon demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.