http://i.imgur.com/W8C1Kxm.png

This doesn't sound very good.

Confirmed happening to us, and a lot of other communities.

Trying to find the source now.

"Element": Hook OnClientSettingsChanged and keep track of client var changes -- if they go over a certain threshold they're almost certainly trying to crash the server. Obviously make sure you decrement their changes otherwise you'll be kicking legitimate players if they happen to change these variables a lot. (Most cheats create a thread/thread pool and flood these changes so fast that it's impossible to be someone just spamming console)

Looks like its just command hammering. Something any kid can write...

Looks like its just command hammering. Something any kid can write...

Thanks! Added you on steam to figure out what this was, much appreciated.

Any idea what the threshold should be? Like how fast can a legitimate client fire OnClientSettingsChanged or how many times the exploit fires it?

So apparently...

The exploit runs @ 1ms.

And calls client side: setinfo x x

Where x is in a for loop

Sounds like the command executing client side is:

setinfo 1 1
setinfo 2 2
setinfo 3 3 ... ect

I'm not sure if this is how the aimware version works or not.

I wrote this up...

static int s_iClientSettingsChangedCount[MAXPLAYERS+1];

public void OnPluginStart()
{
CreateTimer(1.0, OnClientCountSettingsChanged, _, TIMER_REPEAT);
}

public OnClientConnected(int client)
{
s_iClientSettingsChangedCount[client] = 0;
}

public void OnClientSettingsChanged(int client)
{
if (IsFakeClient(client))
return;

s_iClientSettingsChangedCount[client]++;
}

public Action OnClientCountSettingsChanged(Handle timer, any data)
{
for (int client = 1; client < MaxClients; client++)
{
if (!IsClientInGame(client))
continue;

if (IsFakeClient(client))
continue;

PrintToConsole(client, "s_iClientSettingsChangedCount[%d] == %d", client, s_iClientSettingsChangedCount[client]);
s_iClientSettingsChangedCount[client] = 0;
}
}

This is my output in console...

s_iClientSettingsChangedCount[10] == 0
s_iClientSettingsChangedCount[10] == 0
] setinfo 2 2
s_iClientSettingsChangedCount[10] == 1
s_iClientSettingsChangedCount[10] == 0


Apon connecting to a server with this, i get 3 changes...

Just heard about this. One of my friend of friends server's just got crashed. Anyone got an ETA of a patch via sourcemod or valve?

Just to ask. For which game this exploit works? I run TF2 server and I don't want someone to crash the server :|

any new info to avoid this? only kids on server who let the lag begin .... -.-

any new info to avoid this? only kids on server who let the lag begin .... -.-https://forums.alliedmods.net/showthread.php?t=280583

https://forums.alliedmods.net/showthread.php?t=280583

awesome thanks! :up:

for the purpose of curiosity:

would smac_commands ban the people spamming ?

for the purpose of curiosity:

would smac_commands ban the people spamming ?

Ye

https://forums.alliedmods.net/showthread.php?p=2403969#post2403969

Crash reports posted in the above.

I do see a cvar being sent.

knowing valve it will be atleast a week until this patched, they usually do updates on tues/wed/thru

We really need someone to purchase aimware.

If it relates to a client convar change (which the crash report indicates) we could pick it up if someone actually used the exploit on a server logging the changes.

Hmm,

Checking the includes, Sourcemod doesn't have a hook for Client Convar changes.

Going back to the crash report, it appears that the server catches an error. Simply spamming an invalid convar might cause massive cpu loads with the errors being caught. This would also explain why the above code doesn't detect a client setting change during the attack.

https://crash.limetech.org/tg2f7pjpv4xx

I'm wanting to know if anyone can provide a signature for:

engine.so!KeyValues::SetString(char const*, char const*) + 0x24

i hope valve fix this fast. i know a hack who had the first server crasher ever in csgo and they needed a half year to fix this. crasher was released in june 2013 and the fix was done in january 2014 with auto untrusted bans.

Do the above fixes prevent the crashing? Otherwise I can take a look later today.

Alright if anyone still has this issue you can give this extension a try. It'll kick a player if they spam over 1000 cvar/setinfo changes.

Yesterday and today attacked my server. Lags took out of nowhere.

@God-Tony
I uploaded it to the server now.
Is it certainly works?
thanks

Alright if anyone still has this issue you can give this extension a try. It'll kick a player if they spam over 1000 cvar/setinfo changes.

Can confirm this does fix the aimware exploit, thanks a lot! :bacon!::bacon!::bacon!:

Alright if anyone still has this issue you can give this extension a try. It'll kick a player if they spam over 1000 cvar/setinfo changes.

Yeah works very well.

Tested with Aimware and Custom Raw using same method on Linux/latest SM stable.

Only other beneficial thing would be to log the kick with date, client STEAM ID and IP.
Probably not worth it though as Valve will fix this in a week.

Does this only effect CS:GO or does it happen on CS:S/TF2?

Alright if anyone still has this issue you can give this extension a try. It'll kick a player if they spam over 1000 cvar/setinfo changes.

Thanks for this. Will report back if the issue persists. Although, based on the two previous posts this looks like it did the trick.

:bacon!::bacon!::bacon!:

I too can confirm it works. Thanks for the extension GoD-Tony!

Player Jack&apos;s 10/10 Smurf left the game (Command spam.)

Could you make a config file to trigger a kick quicker? :3
Or heck, a log file that logs the steamid's ip, so we can ban them off?
Thanks

Or some forward that forwards the client id, so we can do all the rest with SM

can anyone confirm it's only in csgo? what about l4d2, css, tf2?

Darn this seems to kick me because I change my cl_clainid with my movement keys :'(

Darn this seems to kick me because I change my cl_clainid with my movement keys :'(

You arn't doing over 1000 key presses in a second.

You arn't doing over 1000 key presses in a second.

Well I'm not sure why it kicked me then, when I removed them from my binds it didn't kick me anymore. It might also be related that I have an auto-bhop plugin on. Not Sure

You arn't doing over 1000 key presses in a second.

GoD-Tony's extension doesn't kick for 1000 a second, it just counts to 1000 then kicks, which would probably kick most people setting the clanid cvar via movement keys. (which is fine by me, for the record)

This also kids the kids using the clantag spam shit. hahah amazing

GoD-Tony's extension doesn't kick for 1000 a second, it just counts to 1000 then kicks, which would probably kick most people setting the clanid cvar via movement keys. (which is fine by me, for the record)

More than 10 cvars / setinfos in a second is almost impossible for one to acheive in their client console.

Tony could you make the counters reset every second and have a cvar for the threshold?

The root issue isn't the number of changes, but people setting info vars that don't exist.

Since there is a finite number of legitimate userinfo convars, a better fix in the extension would be to inspect the CNETMsg_SetConVar message and count the cumulative number of convar names that aren't valid, kicking after any or a small amount.

I would assume just kick on any invalid request would be best.

I would assume just kick on any invalid request would be best.
Clients could unknowingly have crap in cfgs, possibly even ones just copied from CS:S. (I believe there are some info vars in CS:S that were removed in CS:GO).

Blocking all and kicking after X attempts seems like a good approach.

Darn this seems to kick me because I change my cl_clainid with my movement keys :'(

oh god those shitty WASD clantag changing binds
i can't even look at my server's console if i log everything when people use it

oh god those shitty WASD clantag changing binds
i can't even look at my server's console if i log everything when people use it

I hate that shit, so I modified a plugin to auto-kick people who have that crap enabled. Now it looks like I don't have to use it anymore :up:

someone should make a plugin who ban all these kids with the clanid shit. it generates useless spam/traffic in server log.

Glad the extension is working for the most part. If Valve doesn't fix it within the week then I'll throw out an update with the requested features (logging, valid cvar checks, etc).

Glad the extension is working for the most part. If Valve doesn't fix it within the week then I'll throw out an update with the requested features (logging, valid cvar checks, etc).

Da real mvp :bacon!::bacon!:

Clients could unknowingly have crap in cfgs, possibly even ones just copied from CS:S. (I believe there are some info vars in CS:S that were removed in CS:GO).

Blocking all and kicking after X attempts seems like a good approach.

Id agree with this, you know of the nospam by system I assume, why is this not a part of smac?
I've tried it with many a aimbot and cheat, kick is almost instant, seems to be no way around it.

no_tag_flood

no_tag_flood

thanks

An optional server stability update for CS:GO has been released. It is recommended for server operators to update servers with PatchVersion=1.35.2.9 to the latest build ServerVersion=310.

Community servers that need clients to upload changes to their userinfo entries during gameplay must set all allowed server-side userinfo setting keys when processing client connect.

If you choose to do the update, it wont hurt to keep this module at the same time until somebody can confirm valves patch fixes the issue.

That was quick.

Then again their servers were being crashed also.

Can anyone confirm if the aimware exploit is resolved by the patch?

By confirm, I mean you had someone join a server and run the exploit...

yes, the crash feature has been removed in aimware hack. not possible to crash or lagg server with aimware.

Gg. Valve 1. Aimware 0.

Gg. Valve 1. Aimware 0.

well played valve!

Alright if anyone still has this issue you can give this extension a try. It'll kick a player if they spam over 1000 cvar/setinfo changes.

Is there a CSS fix for this issue?

ive been getting reports from some community members that something like this is happening again..

... something to do with audio files, not sure what exactly.. its always tough when trying to assess 3rd hand reports

Yeah, a certain p2c added a "client lagger" which will crash servers. Been getting nailed all night.

Yup, lots and lots of crashes. 18 crashes in 6 hours
silly :oops:

Heres the end of my console from a accelerator dump

227457 2448.894239 SendNetMsg IPADDRESS:27005: stream[netchan_t::reliabledata] buffer overflow (maxsize = 262140)!
227458 2448.894573 Dropped modddiii25 from server: ERROR! Couldn't send snapshot.
227459 2448.895066 ERROR! SendData reliabe data too big (8749)


Here's what ingame console says during attack

common\null.wav 126, common\null.wav 127, common\null.wav
Error: Sound ~)player\land.wav failed to allocate a static channel and will not play
Error: Total static audio channels have been used: 96 32, common\null.wav 33, common\null.wav 34, common\null.wav 35, common\null.wav 36, common\null.wav 37, common\null.wav 38, common\null.wav 39, common\null.wav 40, common\null.wav 41, common\null.wav 42, common\null.wav 43, common\null.wav 44, common\null.wav 45, common\null.wav 46, common\null.wav 47, common\null.wav 48, common\null.wav 49, common\null.wav 50, common\null.wav 51, common\null.wav 52, common\null.wav 53, common\null.wav 54, common\null.wav 55, common\null.wav 56, common\null.wav 57, common\null.wav 58, common\null.wav 59, common\null.wav 60, common\null.wav 61, common\null.wav 62, common\null.wav 63, common\null.wav 64, common\null.wav 65, common\null.wav 66, common\null.wav 67, common\null.wav 68, common\null.wav 69, common\null.wav 70, common\null.wav 71, common\null.wav 72, common\null.wav 73, common\null.wav 74, common\null.wav 75, common\null.wav 76, common\null.wav 77, common\null.wav 78, common\null.wav 79, common\null.wav 80, common\null.wav 81, common\null.wav 82, common\null.wav 83, common\null.wav 84, common\null.wav 85, common\null.wav 86, common\null.wav 87, common\null.wav 88, common\null.wav 89, common\null.wav 90, common\null.wav 91, common\null.wav 92, common\null.wav 93, common\null.wav 94, common\null.wav 95, common\null.wav 96, common\null.wav 97, common\null.wav 98, common\null.wav 99, common\null.wav 100, common\null.wav 101, common\null.wav 102, common\null.wav 103, common\null.wav 104, common\null.wav 105, common\null.wav 106, common\null.wav 107, common\null.wav 108, common\null.wav 109, common\null.wav 110, common\null.wav 111, common\null.wav 112, common\null.wav 113, common\null.wav 114, common\null.wav 115, common\null.wav 116, common\null.wav 117, common\null.wav 118, common\null.wav 119, common\null.wav 120, common\null.wav 121, common\null.wav 122, common\null.wav 123, common\null.wav 124, common\null.wav 125, common\null.wav 126, common\null.wav 127, common\null.wav
Error: Sound ~player\footsteps\new\land_rubber_03.wav failed to allocate a static channel and will not play
Error: Total static audio channels have been used: 96 32, common\null.wav 33, common\null.wav 34, common\null.wav 35, common\null.wav 36, common\null.wav 37, common\null.wav 38, common\null.wav 39, common\null.wav 40, common\null.wav 41, common\null.wav 42, common\null.wav 43, common\null.wav 44, common\null.wav 45, common\null.wav 46, common\null.wav 47, common\null.wav 48, common\null.wav 49, common\null.wav 50, common\null.wav 51, common\null.wav 52, common\null.wav 53, common\null.wav 54, common\null.wav 55, common\null.wav 56, common\null.wav 57, common\null.wav 58, common\null.wav 59, common\null.wav 60, common\null.wav 61, common\null.wav 62, common\null.wav 63, common\null.wav 64, common\null.wav 65, common\null.wav 66, common\null.wav 67, common\null.wav 68, common\null.wav 69, common\null.wav 70, common\null.wav 71, common\null.wav 72, common\null.wav 73, common\null.wav 74, common\null.wav 75, common\null.wav 76, common\null.wav 77, common\null.wav 78, common\null.wav 79, common\null.wav 80, common\null.wav 81, common\null.wav 82, common\null.wav 83, common\null.wav 84, common\null.wav 85, common\null.wav 86, common\null.wav 87, common\null.wav 88, common\null.wav 89, common\null.wav 90, common\null.wav 91, common\null.wav 92, common\null.wav 93, common\null.wav 94, common\null.wav 95, common\null.wav 96, common\null.wav 97, common\null.wav 98, common\null.wav 99, common\null.wav 100, common\null.wav 101, common\null.wav 102, common\null.wav 103, common\null.wav 104, common\null.wav 105, common\null.wav 106, common\null.wav 107, common\null.wav 108, common\null.wav 109, common\null.wav 110, common\null.wav 111, common\null.wav 112, common\null.wav 113, common\null.wav 114, common\null.wav 115, common\null.wav 116, common\null.wav 117, common\null.wav 118, common\null.wav 119, common\null.wav 120, common\null.wav 121, common\null.wav 122, common\null.wav 123, common\null.wav 124, common\null.wav 125, common\null.wav 126, common\null.wav 127, common\null.wav
Error: Sound ~)player\land.wav failed to allocate a static channel and will not play

Ffs seriously? Wonder how long this is going to take to fix...

Yeah, a certain p2c added a "client lagger" which will crash servers. Been getting nailed all night.

any luck yet?

I am having problems too. Is there a working fix?

Same, some piece of shit did it on my server as well.
Some people really are worthless..

so.... we waiting for fix the problem. :?

btw.
This setinfofix (https://forums.alliedmods.net/showpost.php?p=2404189&postcount=22) is still required or the valve already repaired it?

I'll try to help.
However, do not know if this works.

Have no way to test.

https://github.com/IT-KiLLER/Exploit-FIX-2018-04-17

Updated.

They are using this apparently

https://hastebin.com/gufovomiju.cpp

I'll try to help.
However, do not know if this works.

Have no way to test.

https://github.com/IT-KiLLER/Exploit-FIX-2018-04-17

Updated.

This is banning regular players who are not doing the exploit

Can anyone check, if the plugin is fixing the problem?

//
btw.
This setinfofix (https://forums.alliedmods.net/showpost.php?p=2404189&postcount=22) is still required or the valve already repaired it?

This is banning regular players who are not doing the exploit

Does it stop the lag?
I've attached a version that doesn't ban.

Updated. Version 1.0.2
Test this version

https://github.com/IT-KiLLER/Exploit-FIX-2018-04-17/

Added: AddAmbientSoundHook

Removed: ban + logs

Updated. Version 1.0.2
Test this version

https://github.com/IT-KiLLER/Exploit-FIX-2018-04-17/

Added: AddAmbientSoundHook

Removed: ban + logs

Thank you for removing the ban, I am unsure if I've been targeted with this crash yet or not however I've placed this into my servers.

Thanks for your help towards the community. :bacon!:

Updated. Version 1.0.2
Test this version

https://github.com/IT-KiLLER/Exploit-FIX-2018-04-17/

Added: AddAmbientSoundHook

Removed: ban + logs

Performing testing with the actual crash, the actual null.wav audio file isn't detected by either AddNormalSoundHook or AddAmbientSoundHook.

I wrote both of the hooks to constantly output what sounds were hooking through them and the actual null.wav doesn't actually ever get detected by either hook.

Thank you for removing the ban, I am unsure if I've been targeted with this crash yet or not however I've placed this into my servers.

Thanks for your help towards the community. :bacon!:

Thanks for your comment!:)

Performing testing with the actual crash, the actual null.wav audio file isn't detected by either AddNormalSoundHook or AddAmbientSoundHook.

I wrote both of the hooks to constantly output what sounds were hooking through them and the actual null.wav doesn't actually ever get detected by either hook.

Thank you for testing! I've reported the exploit to Valve. Will try to find a solution tomorrow.

the recent exploit works by spamming signonstate messages, causing server to send player_connect_full event to all connected players - client then emits Music.StopMenuMusic which translates to common/null.wav

https://i.ibb.co/bBrcWxK/ida.png

to fix it you should only allow one NETMsg_SignonState with signonstate in the packet you receive being SIGNONSTATE_FULL, some detouring might be required here not sure if sourcemod allows intercepting of arbitrary netmessages

This should fix the exploit for now until valve has an official patch. Automatically kicks clients abusing it. Let me know if you find any issues.

This should fix the exploit for now until valve has an official patch. Automatically kicks clients abusing it. Let me know if you find any issues.


Thank you for this man!!

This should fix the exploit for now until valve has an official patch. Automatically kicks clients abusing it. Let me know if you find any issues.

It works! Updated syntax and it now utilizes sourcebans for those who use it.

Is this exploit only for CS:GO or can it be used on TF2 as well?

Thought I would release this modified version.

Logs to a file when it kicks or bans somebody.
Checks if the connect event was sent more than once instead of checking for more than 5 times, realistically nobody legit will send it more than once, I tested it myself and its impossible to false trigger.
Added in the soundhooks because why not.
Added a check for somebody sending the connect event too early (aka not ingame)
Added cvar "sm_nwfix_ban" (Default 1) to ban player (Will use SourceBans if it exists and is running otherwise will ban normally.)
General rewrite and syntax update.

Is this exploit only for CS:GO or can it be used on TF2 as well?

yes sir its only on csgo

Hmm interesting, I wonder if this is the cause of some recent lag spikes I've been noticing on my servers.

Hmm interesting, I wonder if this is the cause of some recent lag spikes I've been noticing on my servers.
Yea its just aimware kiddies having fun with servers.

It works! Updated syntax and it now utilizes sourcebans for those who use it.

Thought I would release this modified version.

Logs to a file when it kicks or bans somebody.
Checks if the connect event was sent more than once instead of checking for more than 5 times, realistically nobody legit will send it more than once, I tested it myself and its impossible to false trigger.
Added in the soundhooks because why not.
Added a check for somebody sending the connect event too early (aka not ingame)
Added cvar "sm_nwfix_ban" (Default 1) to ban player (Will use SourceBans if it exists and is running otherwise will ban normally.)
General rewrite and syntax update.

thanks sneaK and Coder .. really nice stuff :bacon!::bacon!:
Thx

Let's hope for the best, bacon to you all! :bacon!:

Thought I would release this modified version.

Logs to a file when it kicks or bans somebody.
Checks if the connect event was sent more than once instead of checking for more than 5 times, realistically nobody legit will send it more than once, I tested it myself and its impossible to false trigger.
Added in the soundhooks because why not.
Added a check for somebody sending the connect event too early (aka not ingame)
Added cvar "sm_nwfix_ban" (Default 1) to ban player (Will use SourceBans if it exists and is running otherwise will ban normally.)
General rewrite and syntax update.


error log installed SourceBans 1.6.3
L 04/18/2018 - 06:30:04: SourceMod error session started
L 04/18/2018 - 06:30:04: Info (map "awp_lego_2") (file "errors_20180418.log")
L 04/18/2018 - 06:30:04: [SM] Unable to load plugin "nullwavefix.smx": Native "SourceBans_BanPlayer" was not found
L 04/18/2018 - 06:33:13: Error log file session closed.

Thought I would release this modified version.

Logs to a file when it kicks or bans somebody.
Checks if the connect event was sent more than once instead of checking for more than 5 times, realistically nobody legit will send it more than once, I tested it myself and its impossible to false trigger.
Added in the soundhooks because why not.
Added a check for somebody sending the connect event too early (aka not ingame)
Added cvar "sm_nwfix_ban" (Default 1) to ban player (Will use SourceBans if it exists and is running otherwise will ban normally.)
General rewrite and syntax update.


Tested in my server.
That did't work. :C

Ups, my fail.

That fully worked.

error log installed SourceBans 1.6.3
Hello, I had the same problem. It's because You have Sourceban and not Sourceban++, you can fix it by changing the native in the sp and compiling again - let me know if u need the updated files and i can pm it to you

Change -> SourceBans_BanPlayer(0, client, 0, "Attempted server crash exploit");
to -> SBBanPlayer(0, client, 0, "Attempted server crash exploit");

Hello, I had the same problem. It's because You have Sourceban and not Sourceban++, you can fix it by changing the native in the sp and compiling again - let me know if u need the updated files and i can pm it to you

Change -> SourceBans_BanPlayer(0, client, 0, "Attempted server crash exploit");
to -> SBBanPlayer(0, client, 0, "Attempted server crash exploit");

Thanks, already fixed

Hello, I had the same problem. It's because You have Sourceban and not Sourceban++, you can fix it by changing the native in the sp and compiling again - let me know if u need the updated files and i can pm it to you

Change -> SourceBans_BanPlayer(0, client, 0, "Attempted server crash exploit");
to -> SBBanPlayer(0, client, 0, "Attempted server crash exploit");

Here is the Files that works for Sourceban, use xCoderx files if its for SourceBans++

Here is the Files that works for Sourceban, use xCoderx files if its for SourceBans++

#include <sourcebanspp>

and

SBPP_BanPlayer(0, client, 0, "Attempted server crash exploit");

Good Job, thank you guys :bacon!:

Can someone explain why return Plugin_Changed over return Plugin_Continue;

Acording to the wiki, when modifying event data or blocking the broadcast, use plugin_continue; ?

Can anyone confirm it in other games. I have been noticing that exploits in CSGO tend to go hand in hand with the l4d2 engine.

Can someone explain why return Plugin_Changed over return Plugin_Continue;

Acording to the wiki, when modifying event data or blocking the broadcast, use plugin_continue; ?

Can anyone confirm it in other games. I have been noticing that exploits in CSGO tend to go hand in hand with the l4d2 engine.

Just an oversight really, It will work exactly the same as Plugin_Continue though.
If the game does have the event "player_connect_full" then it will be compatible with that game, whether the exploit exists in that game or not is a different question but you might as well run it to be on the safe side as it wont cause you any side effects even if it is not applicable, Hope that clears things up for you.

Just an oversight really, It will work exactly the same as Plugin_Continue though.
If the game does have the event "player_connect_full" then it will be compatible with that game, whether the exploit exists in that game or not is a different question but you might as well run it to be on the safe side as it wont cause you any side effects even if it is not applicable, Hope that clears things up for you.

Alright, thanks!

seems that even this plugin didnt fix this issue (at least on my servers) *talking about that one from xcoderx.

Or am I the only one who still got these problems?

added the plugin two days ago cause some kid start lagging the server with this red /null.wav huge spam in console.

common\null.wav 126, common\null.wav 127, common\null.wav
Error: Sound ~)player\land.wav failed to allocate a static channel and will not play
Error: Total static audio channels have been used: 96 32, common\null.wav 33, common\null.wav 34,

i use this https://forums.alliedmods.net/showpost.php?p=2588234&postcount=79 and it works fine. the kid (lagger) will be auto banned instantly.

L 04/18/2018 - 18:44:16: Banned property of bgl<64><STEAM_1:1:197557944><> for sending more than one player_connect_full event (Confirmed crash attempt)
L 04/19/2018 - 22:59:51: Banned drums1c <410><STEAM_1:0:217985038><> for sending more than one player_connect_full event (Confirmed crash attempt)

http://s8.picofile.com/file/8324157276/Untitled.png

this fixed ???

http://s8.picofile.com/file/8324157276/Untitled.png

this fixed ???

I have the same problem :(

I have the same problem :(

i install plugin nullwavefix but no fix :(

https://forums.alliedmods.net/showpost.php?p=2588234&postcount=79

edite: i find this problem:

see video:
http://s8.picofile.com/file/8324164300/video_3_.mp4.html

this is cheat aimware !!
option for client lagger :|

srry for bad speak english

Support for sb++ and materialadmin.
In the presence of a bans MA if MA no, but there are SB, using SB bans, if not both, then bans are the default way SM.

Support for sb++ and materialadmin.
In the presence of a bans MA if MA no, but there are SB, using SB bans, if not both, then bans are the default way SM.

Thank you

hello guys

my server got crashed I think this kids use Aimware

please help me

this is what i get on console

hello guys

my server got crashed I think this kids use Aimware

please help me

this is what i get on console

hello,

this is kind attacks, say me private message i help you.

hello,

this is kind attacks, say me private message i help you.

Can u just send here how to fix the problem?

Can u just send here how to fix the problem?


hello;

this is not exploit it is udp packet attacks we have you more problem say me private i can help.

– Fixed an exploit that impacted game server performance.

– Fixed an exploit that impacted game server performance.

YUP!! I also sent them a person email to their personal dev :nono:

http://blog.counter-strike.net/index.php/2018/04/20344/

Fast patch, nice.

https://www.reddit.com/r/GlobalOffensive/comments/8etch3/server_crasher_is_not_patched/

Sooo we got new exploits, but private for now.

The new exploit involves sending voice data and the code for it was just released publicly, so there will probably be another wave of people abusing it. The code that was released sends ~900 blank VoiceData messages at the framerate of the user.

https://www.youtube.com/watch?v=uHpWF9iqEUo

Video shows the exploit and has the source of the exploit in the description as well as a plugin that apparently blocks it.

https://www.youtube.com/watch?v=uHpWF9iqEUo

Video shows the exploit and has the source of the exploit in the description as well as a plugin that apparently blocks it.

I've combined the plugin from the video's description with the previous plugin released in this thread.

Edit: Added ConVar for max voice packets per second before banning.

Lol can someone explain it to me, why do you use this:

public Action RepeatingTimer(Handle timer)
{
for(int i = 1;i <= MAXPLAYERS; i++)
g_Count[i] = 0;

return Plugin_Continue;
}

public void KillTheTimer()
{
if(g_hTimer != INVALID_HANDLE)
{
KillTimer(g_hTimer);
g_hTimer = INVALID_HANDLE;
}
}

public void OnMapStart()
{
KillTheTimer();
g_bCheck = false;
for(int i = 1;i <= 64; i++)
g_Count[i] = 0;
}

public void OnRoundStart(Event event, const char[] name, bool dontBroadcast)
{
KillTheTimer();
g_hTimer = CreateTimer(1.0, RepeatingTimer, _, TIMER_REPEAT);
g_bCheck = true;
}

public void OnRoundEnd(Event event, const char[] name, bool dontBroadcast)
{
KillTheTimer();
g_bCheck = false;
for(int i = 1;i <= 64; i++)
g_Count[i] = 0;
}


when you can simply do this:

public void OnMapStart()
{
CreateTimer(1.0, ResetCount, _, TIMER_REPEAT | TIMER_FLAG_NO_MAPCHANGE);
}

public Action ResetCount(Handle timer)
{
for(int i = 1;i <= MaxClients; i++)
g_Count[i] = 0;

return Plugin_Continue;
}


?????

Lol can someone explain it to me, why do you use this:

I only briefly read over the code when updating it to new syntax, wasn't thinking to much about the logic of the timer. Just assumed they had their reasons and wanted to get a compiled plugin for people to use released. I agree, it seems a little redundant. I've edited my last post with updated code, was planning on doing it anyway later today.

@butare @Domino_ the plugin on the video was updated with different logic.

@butare @Domino_ the plugin on the video was updated with different logic.

What do you mean? Plugin on the video still uses weird way of using timer lol

What do you mean?public Action ResetCount(Handle:timer)
{
for(int i = 1;i <= MAXPLAYERS; i++)
g_Count[i] = 0;

return Plugin_Continue;
}

public OnPluginStart()
{
g_hTimer = CreateTimer(1.0, ResetCount, _, TIMER_REPEAT);
}

public OnMapStart()
{
if(g_hTimer == INVALID_HANDLE)
{
g_hTimer = CreateTimer(1.0, ResetCount, _, TIMER_REPEAT);
}
}

public OnMapEnd()
{
if(g_hTimer != INVALID_HANDLE)
{
KillTimer(g_hTimer);
g_hTimer = INVALID_HANDLE;
}
}Not sure how this is weird. Plugin starts the timer OnPluginStart and OnMapStart (if not already started). Timer stops OnMapEnd. If it is weird please contribute your amazing timer code rather than cry about it.

public Action ResetCount(Handle:timer)
{
for(int i = 1;i <= MAXPLAYERS; i++)
g_Count[i] = 0;

return Plugin_Continue;
}

public OnPluginStart()
{
g_hTimer = CreateTimer(1.0, ResetCount, _, TIMER_REPEAT);
}

public OnMapStart()
{
if(g_hTimer == INVALID_HANDLE)
{
g_hTimer = CreateTimer(1.0, ResetCount, _, TIMER_REPEAT);
}
}

public OnMapEnd()
{
if(g_hTimer != INVALID_HANDLE)
{
KillTimer(g_hTimer);
g_hTimer = INVALID_HANDLE;
}
}Not sure how this is weird. Plugin starts the timer OnPluginStart and OnMapStart (if not already started). Timer stops OnMapEnd. If it is weird please contribute your amazing timer code rather than cry about it.

I already did that :/


public void OnMapStart()
{
CreateTimer(1.0, ResetCount, _, TIMER_REPEAT | TIMER_FLAG_NO_MAPCHANGE);
}

public Action ResetCount(Handle timer)
{
for(int i = 1;i <= MaxClients; i++)
g_Count[i] = 0;

return Plugin_Continue;
}


And I'm not crying lol, please read what I wrote before start hate me without any reason lol

Tested, and this does not stop the crash exploit.

http://blog.counter-strike.net/index.php/2018/04/20400/

should be fixed

Another one huh, that one wouldn't have been to hard to find.

http://s8.picofile.com/file/8325139550/Unqqqtitled.png

hi guys,
this is attack or bug ??
how to fix ?

CSGO server lagger exploit might have migrated to Team Fortress 2 (https://forums.alliedmods.net/showthread.php?t=307293)

http://blog.counter-strike.net/index.php/2018/04/20400/

should be fixed

no fixed. i have this problem:
https://forums.alliedmods.net/showpost.php?p=2590296&postcount=123

This needs patching on all other games. I assume it can't be done without dhooks?

Edit: updated script. tickrate limit caused too many false positives on l4d2
Edit 2: removing tickerate limit. The exploit sends 128 packets per sec, so setting 92 as limit.


#pragma semicolon 1
#include <sourcemod>
#include <sdktools>
#include <voiceannounce_ex>
#pragma newdecls required

#define PATH "logs/voicedata_crashfix.log"
#define PLUGIN_VERSION "1.0.2"

ConVar maxVoicePackets;
ConVar punishment;

int g_voicePacketCount[MAXPLAYERS+1];
int iPunishMent;
int iMaxVoicePackets;

public Plugin myinfo =
{
name = "Voice Data Crash Fix",
author = "Ember & V1sual",
description = "Punishes players who are overflowing voice data to crash the server",
version = PLUGIN_VERSION,
url = ""
};

public void OnPluginStart()
{
punishment = CreateConVar("sm_voicedatafix_punishment", "1", "Punishment. 1 = Kick, 2 = Perm ban", _, true, 1.0, true, 2.0);
maxVoicePackets = CreateConVar("sm_voicedatafix_count", "92", "How many packets per second max?", FCVAR_PROTECTED);

iPunishMent = punishment.IntValue;
iMaxVoicePackets = maxVoicePackets.IntValue;

punishment.AddChangeHook(OnConVarHook);
maxVoicePackets.AddChangeHook(OnConVarHook);
}

public void OnConVarHook(ConVar cvar, const char[] oldVal, const char[] newVal)
{
if (cvar == punishment)
{
iPunishMent = cvar.IntValue;
}
else if (cvar == maxVoicePackets)
{
iMaxVoicePackets = cvar.IntValue;
}
}

public void OnMapStart()
{
CreateTimer(1.0, ResetCount, _, TIMER_REPEAT|TIMER_FLAG_NO_MAPCHANGE);
}

public Action ResetCount(Handle timer)
{
for (int i = 1; i <= MaxClients; i++)
{
g_voicePacketCount[i] = 0;
}

return Plugin_Continue;
}

public void OnClientSpeakingEx(int client)
{
if (++g_voicePacketCount[client] > iMaxVoicePackets)
{
SetClientListeningFlags(client, VOICE_MUTED);

char id[64], ip[32];

GetClientAuthId(client, AuthId_Steam2, id, sizeof(id));
GetClientIP(client, ip, sizeof(ip));

LogToPluginFile("%N (ID: %s | IP: %s) was %s for trying to crash the server with voice data overflow. Total packets: %i",
client,
id,
ip,
punishment.IntValue == 1 ? "kicked" : "banned",
g_voicePacketCount[client]);

switch (iPunishMent)
{
case 1:
{
if (!IsClientInKickQueue(client))
{
KickClient(client, "Voice data overflow detected!");
}
}
case 2:
{
ServerCommand("sm_ban #%d 0 \"Voice data overflow detected!\"", GetClientUserId(client));
}
}
}
}

stock void LogToPluginFile(const char[] format, any:...)
{
char f_sBuffer[1024], f_sPath[1024];
VFormat(f_sBuffer, sizeof(f_sBuffer), format, 2);
BuildPath(Path_SM, f_sPath, sizeof(f_sPath), PATH);
LogToFile(f_sPath, "%s", f_sBuffer);
}

Mee too

Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (154 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (154 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (155 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (155 bytes)

Mee too

Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (154 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (154 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (155 bytes)
Msg from 213.226.222.119:1641: CCLCMsg_VoiceData rejected by msg bind (155 bytes)

my server time out and disconnect all players
with this error :(

My servers still crashing with this exploid ...CCLCMsg_VoiceData ... valve not fix them...

My servers still crashing with this exploid ...CCLCMsg_VoiceData ... valve not fix them...

Did you update ur server? Can you type "version" in server console, and copy paste info here?

Protocol version 13634 [668/668]
Exe version 1.36.3.4 (csgo)
Exe build: 11:03:17 May 8 2018 (7082) (730)

same on all my servers

some console logs:

Msg from 84.47.87.167:27005: CCLCMsg_VoiceData rejected by msg bind (538 bytes)
Msg from 84.47.87.167:27005: CCLCMsg_VoiceData rejected by msg bind (538 bytes)
Msg from 85.207.247.232:8890: CCLCMsg_VoiceData rejected by msg bind (346 bytes)
Msg from 85.207.247.232:8890: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Client "❤Aka"PandaS❤/Денис" connected (212.80.64.22:27005).
**** WARNING: Watchdog timer exceeded, aborting!
Wrote minidump to: /hlserver/27563/csgo/addons/sourcemod/data/dumps/2c7ff6da-3f85-6e65-2ed3d89f-39cc9071.dmp

Msg from 109.202.68.114:27005: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Msg from 109.202.68.114:27005: CCLCMsg_VoiceData rejected by msg bind (538 bytes)
Dropped 1MP0SS1BŁ€ from server: Disconnect
Wrote minidump to: /hlserver/27654/csgo/addons/sourcemod/data/dumps/0e0e93e6-6dd7-9637-6c1407e5-071d073b.dmp

Msg from 95.105.244.216:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 95.105.244.216:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 95.105.244.216:27005: CCLCMsg_VoiceData rejected by msg bind (155 bytes)
Client "S.E_Samurai-" connected (79.141.244.248:5967).
213.175.52.62:27005:reconnect
213.175.52.62:27005:reconnect
Dropped The Kalvinator :D from server: Connection closing
Client "The Kalvinator :D" connected (213.175.52.62:27005).
Dropped RefLeX | Pvpro.com from server: Disconnect
PutClientInServer: no info_player_start on level
Dropped Mr.Orlicek from server: Mr.Orlicek timed out
Dropped ax895 pvpro.com from server: ax895 pvpro.com timed out
Wrote minidump to: /hlserver/27654/csgo/addons/sourcemod/data/dumps/5e1ea127-7820-d958-728f4ce5-66e914dd.dmp

Well yeah, ur server is updated, I thought that exploit was fixed.... uhh

Valve fixed only sound exploid (null.wav) but this voice exploit no ...

Valve fixed only sound exploid (null.wav) but this voice exploit no ...

yes. i have this problem !!!

Protocol version 13634 [668/668]
Exe version 1.36.3.4 (csgo)
Exe build: 11:03:17 May 8 2018 (7082) (730)

same on all my servers

some console logs:

Msg from 84.47.87.167:27005: CCLCMsg_VoiceData rejected by msg bind (538 bytes)
Msg from 84.47.87.167:27005: CCLCMsg_VoiceData rejected by msg bind (538 bytes)
Msg from 85.207.247.232:8890: CCLCMsg_VoiceData rejected by msg bind (346 bytes)
Msg from 85.207.247.232:8890: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Client "❤Aka"PandaS❤/Денис" connected (212.80.64.22:27005).
**** WARNING: Watchdog timer exceeded, aborting!
Wrote minidump to: /hlserver/27563/csgo/addons/sourcemod/data/dumps/2c7ff6da-3f85-6e65-2ed3d89f-39cc9071.dmp

Msg from 109.202.68.114:27005: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Msg from 109.202.68.114:27005: CCLCMsg_VoiceData rejected by msg bind (538 bytes)
Dropped 1MP0SS1BŁ€ from server: Disconnect
Wrote minidump to: /hlserver/27654/csgo/addons/sourcemod/data/dumps/0e0e93e6-6dd7-9637-6c1407e5-071d073b.dmp

Msg from 95.105.244.216:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 95.105.244.216:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 95.105.244.216:27005: CCLCMsg_VoiceData rejected by msg bind (155 bytes)
Client "S.E_Samurai-" connected (79.141.244.248:5967).
213.175.52.62:27005:reconnect
213.175.52.62:27005:reconnect
Dropped The Kalvinator :D from server: Connection closing
Client "The Kalvinator :D" connected (213.175.52.62:27005).
Dropped RefLeX | Pvpro.com from server: Disconnect
PutClientInServer: no info_player_start on level
Dropped Mr.Orlicek from server: Mr.Orlicek timed out
Dropped ax895 pvpro.com from server: ax895 pvpro.com timed out
Wrote minidump to: /hlserver/27654/csgo/addons/sourcemod/data/dumps/5e1ea127-7820-d958-728f4ce5-66e914dd.dmp


Interesting, the previous exploits for voice and signon state spam only lagged the servers but didn't actually cause them to have an unhanded exception. Do you have any crash dumps (preferably with accelerator link) ?

e.g.

https://crash.limetech.org/iontqjlyblsd
https://crash.limetech.org/exm5r5fmbelc
https://crash.limetech.org/k3mxqmp3fsbu
https://crash.limetech.org/kohem33id7f2
https://crash.limetech.org/jwtmfsd3vyv3

I get these on my servers but no crashes/lag. Seem to come from common players too

I get these on my servers but no crashes/lag. Seem to come from common players too

same here.

If it isn't fixed, try run the script I posted or the other 2 scripts for the same thing. You need dhooks + voicehook_ex + the plugin.
I've had 2 false positives so far on L4D2. (92 packets - 1 sec, 30 tickrate).

e.g.

https://crash.limetech.org/iontqjlyblsd
https://crash.limetech.org/exm5r5fmbelc
https://crash.limetech.org/k3mxqmp3fsbu
https://crash.limetech.org/kohem33id7f2
https://crash.limetech.org/jwtmfsd3vyv3

I have THE SAME crash log. Are u sure it's an exploit crash?

Protocol version 13634 [668/668]
Exe version 1.36.3.4 (csgo)
Exe build: 11:03:17 May 8 2018 (7082) (730)

same on all my servers

some console logs:

Msg from 84.47.87.167:27005: CCLCMsg_VoiceData rejected by msg bind (538 bytes)
Msg from 84.47.87.167:27005: CCLCMsg_VoiceData rejected by msg bind (538 bytes)
Msg from 85.207.247.232:8890: CCLCMsg_VoiceData rejected by msg bind (346 bytes)
Msg from 85.207.247.232:8890: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Client "❤Aka"PandaS❤/Денис" connected (212.80.64.22:27005).
**** WARNING: Watchdog timer exceeded, aborting!
Wrote minidump to: /hlserver/27563/csgo/addons/sourcemod/data/dumps/2c7ff6da-3f85-6e65-2ed3d89f-39cc9071.dmp

Msg from 109.202.68.114:27005: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Msg from 109.202.68.114:27005: CCLCMsg_VoiceData rejected by msg bind (538 bytes)
Dropped 1MP0SS1BŁ€ from server: Disconnect
Wrote minidump to: /hlserver/27654/csgo/addons/sourcemod/data/dumps/0e0e93e6-6dd7-9637-6c1407e5-071d073b.dmp

Msg from 95.105.244.216:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 95.105.244.216:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 95.105.244.216:27005: CCLCMsg_VoiceData rejected by msg bind (155 bytes)
Client "S.E_Samurai-" connected (79.141.244.248:5967).
213.175.52.62:27005:reconnect
213.175.52.62:27005:reconnect
Dropped The Kalvinator :D from server: Connection closing
Client "The Kalvinator :D" connected (213.175.52.62:27005).
Dropped RefLeX | Pvpro.com from server: Disconnect
PutClientInServer: no info_player_start on level
Dropped Mr.Orlicek from server: Mr.Orlicek timed out
Dropped ax895 pvpro.com from server: ax895 pvpro.com timed out
Wrote minidump to: /hlserver/27654/csgo/addons/sourcemod/data/dumps/5e1ea127-7820-d958-728f4ce5-66e914dd.dmp

New Update CSGO But This Problem Dont fixed :((

http://blog.counter-strike.net/index.php/2018/05/20417/

Yep Valve still ignoring this exploid ....

Yep Valve still ignoring this exploid ....
Honestly the crash dumps are all over the place and mostly unique. This seems more like a server plugin related issue and not someone using an exploit on your server.. That message for rejected is printed in all csgo servers now when players talk too much and probably is unrelated to the crash.

Honestly the crash dumps are all over the place and mostly unique. This seems more like a server plugin related issue and not someone using an exploit on your server.. That message for rejected is printed in all csgo servers now when players talk too much and probably is unrelated to the crash.

Yep. The same thing, someone speak so long: console message. No crash. That was fixed succesfully.

please help me. my servers very very lag for this log:

CCLCMsg_HltvReplay & CCLCMsg_VoiceData

http://s9.picofile.com/file/8327762218/Untitled.png

i update all plugins and ext. use last sm 1.8.

this problem from csgo or sm ??

thank you

As was stated earlier, this has nothing to do with your crash issue.

please help me. my servers very very lag for this log:

CCLCMsg_HltvReplay & CCLCMsg_VoiceData

http://s9.picofile.com/file/8327762218/Untitled.png

i update all plugins and ext. use last sm 1.8.

this problem from csgo or sm ??

thank you

To be fair these messages probably do happen when the server is lagging but aren't the source to the lag. The clients talking on mic will continue to send voice packets and your server wont be processing them while its lagging like this. Once enough packets build up and the server starts to respond and process the voice data, the buffer will be really large. The large buffer size will ultimately make the server reject them and spew this warning message.

:|

how to fix??

http://s8.picofile.com/file/8328118792/Untidddtled.png

You have to do some type of telemetry work on your server to find out what functions are taking a long time to return to normal processing. List all the mods you have running. You can try unloading clusters of mods for a period of time and slowly load 1 by 1 until the problem occurs again to narrow it down to the plugin causing the issue.

did someone find solution ?

OMG, I spent HOURS looking to see what was causing my servers to crash.
I noticed a SPAM of these logs
Msg from 166.170.53.161:22100: clc_VoiceData msg rejected (102 bytes)

Apparently, you guys are suffering from it too. I run TF2 btw.

Any fix for this exploit?

This needs patching on all other games. I assume it can't be done without dhooks?

Edit: updated script. tickrate limit caused too many false positives on l4d2
Edit 2: removing tickerate limit. The exploit sends 128 packets per sec, so setting 92 as limit.


#pragma semicolon 1
#include <sourcemod>
#include <sdktools>
#include <voiceannounce_ex>
#pragma newdecls required

#define PATH "logs/voicedata_crashfix.log"
#define PLUGIN_VERSION "1.0.2"

ConVar maxVoicePackets;
ConVar punishment;

int g_voicePacketCount[MAXPLAYERS+1];
int iPunishMent;
int iMaxVoicePackets;

public Plugin myinfo =
{
name = "Voice Data Crash Fix",
author = "Ember & V1sual",
description = "Punishes players who are overflowing voice data to crash the server",
version = PLUGIN_VERSION,
url = ""
};

public void OnPluginStart()
{
punishment = CreateConVar("sm_voicedatafix_punishment", "1", "Punishment. 1 = Kick, 2 = Perm ban", _, true, 1.0, true, 2.0);
maxVoicePackets = CreateConVar("sm_voicedatafix_count", "92", "How many packets per second max?", FCVAR_PROTECTED);

iPunishMent = punishment.IntValue;
iMaxVoicePackets = maxVoicePackets.IntValue;

punishment.AddChangeHook(OnConVarHook);
maxVoicePackets.AddChangeHook(OnConVarHook);
}

public void OnConVarHook(ConVar cvar, const char[] oldVal, const char[] newVal)
{
if (cvar == punishment)
{
iPunishMent = cvar.IntValue;
}
else if (cvar == maxVoicePackets)
{
iMaxVoicePackets = cvar.IntValue;
}
}

public void OnMapStart()
{
CreateTimer(1.0, ResetCount, _, TIMER_REPEAT|TIMER_FLAG_NO_MAPCHANGE);
}

public Action ResetCount(Handle timer)
{
for (int i = 1; i <= MaxClients; i++)
{
g_voicePacketCount[i] = 0;
}

return Plugin_Continue;
}

public void OnClientSpeakingEx(int client)
{
if (++g_voicePacketCount[client] > iMaxVoicePackets)
{
SetClientListeningFlags(client, VOICE_MUTED);

char id[64], ip[32];

GetClientAuthId(client, AuthId_Steam2, id, sizeof(id));
GetClientIP(client, ip, sizeof(ip));

LogToPluginFile("%N (ID: %s | IP: %s) was %s for trying to crash the server with voice data overflow. Total packets: %i",
client,
id,
ip,
punishment.IntValue == 1 ? "kicked" : "banned",
g_voicePacketCount[client]);

switch (iPunishMent)
{
case 1:
{
if (!IsClientInKickQueue(client))
{
KickClient(client, "Voice data overflow detected!");
}
}
case 2:
{
ServerCommand("sm_ban #%d 0 \"Voice data overflow detected!\"", GetClientUserId(client));
}
}
}
}

stock void LogToPluginFile(const char[] format, any:...)
{
char f_sBuffer[1024], f_sPath[1024];
VFormat(f_sBuffer, sizeof(f_sBuffer), format, 2);
BuildPath(Path_SM, f_sPath, sizeof(f_sPath), PATH);
LogToFile(f_sPath, "%s", f_sBuffer);
}


Anyone try this plugin to patch the Msg from clc_VoiceData msg rejected exploit?

Is this needed still? I got a false positive kick.

Disconnect: Attempted server crash exploit.
Disconnect: Attempted server crash exploit.

L 09/11/2018 - 11:25:19: Banned krEJZi<4><STEAM_*><> for sending more than one player_connect_full event (Confirmed crash attempt)

Thats me, and I know I didnt use any exploit on my own server.

Using:
03 "NullWave Crash Fix Old SourceBans" (0.2.1) by backwards, IT-KiLLER, SM9();

I believe you can safely remove these plugins.

null.wav exploit it's back guys, https://forums.alliedmods.net/showthread.php?t=311968, old nullwavefix.smx isn't working anymore.

null.wav exploit it's back guys, https://forums.alliedmods.net/showthread.php?t=311968, old nullwavefix.smx isn't working anymore.

It's not the same exploit, it's just a filename path they used. They could use any filename path and have the same affect.

How to fix this Msg from 83.25.111.19:27005: CCLCMsg_VoiceData rejected by msg bind (154 bytes)

Well I've been getting this error for a long time time, my servers are not crashing, but it is causing players to get a "voice error" and are being disconnected when they talk in-game. Random shit cant find a fix for it.

Tends to happen more if a DB lags when sending / receiving information.

Basically a player talking in-game then DB lag then player disconnected then "Voice error" disconnect msg.


Msg from 197.101.94.33:27005: CCLCMsg_VoiceData rejected by msg bind (88 bytes)
Dropped ѕнoprιтe pacĸeт from server: Voice Error

Hello,

Does any plugin works for;

SendNetMsg stream[netchan_t::reliabledata] buffer overflow (maxsize = 4000)!

What I need to do for that?

Thank you.

hi all, help me analyse this log

Error parsing BotProfile.db - unknown attribute 'Rank'
Client "поскорее бы сдохнуть" connected (IP:27005).
PutClientInServer: no info_player_start on level
Dropped поскорее бы сдохнуть from server: Disconnect
-> Reservation cookie 0: reason reserved(yes), clients(no), reservationexpires(0.00)


Player was disconnected by itself?

IP rate limiting client 115.79.218.250:35411 at 98 hits (12 buckets, 66 global count).
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (155 bytes)
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)

It's back ?
my servers being attacked?

IP rate limiting client 115.79.218.250:35411 at 98 hits (12 buckets, 66 global count).
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (155 bytes)
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)
Msg from 123.16.61.165:27005: CCLCMsg_VoiceData rejected by msg bind (89 bytes)

It's back ?
my servers being attacked?

Here

https://forums.alliedmods.net/showpost.php?p=2686176&postcount=1

Or

https://forums.alliedmods.net/showpost.php?p=2590840&postcount=126

Here

https://forums.alliedmods.net/showpost.php?p=2686176&postcount=1

Or

https://forums.alliedmods.net/showpost.php?p=2590840&postcount=126

so.....
we still need these fix? I though Valve fixed it already ?....

so.....
we still need these fix? I though Valve fixed it already ?....

Ignore whese messages. Messages comes then someone is talking. What's all.

So it seems this voice data exploit still exist and also affect Counter-strike:Source.

Some people call it "mass disconnect [CS:S v34]"

I've tried this method:
https://forums.alliedmods.net/showpost.php?p=2590840&postcount=126

and it actually works. It bans the flooder. The only problem is that it makes people lag in-game when someone starts to talk.

Anyone know if there's a way to get around this? or maybe using another plugin?

So it seems this voice data exploit still exist and also affect Counter-strike:Source.

Some people call it "mass disconnect [CS:S v34]"

I've tried this method:
https://forums.alliedmods.net/showpost.php?p=2590840&postcount=126

and it actually works. It bans the flooder. The only problem is that it makes people lag in-game when someone starts to talk.

Anyone know if there's a way to get around this? or maybe using another plugin?

Well I finally got it working. Seems it was related to the dhook version.

Well if anyone else runs into the same problem here's the links to the working files:

https://github.com/peace-maker/DHooks2/releases/download/v2.2.0-detours16/dhooks-2.2.0-detours16-sm110.zip

https://github.com/Franc1sco/VoiceAnnounceEX/archive/master.zip

EDIT:

Compiled version of the code from here(https://forums.alliedmods.net/showpost.php?p=2590840&postcount=126) included.

Well I finally got it working. Seems it was related to the dhook version.

Well if anyone else runs into the same problem here's the links to the working files:

https://github.com/peace-maker/DHooks2/releases/download/v2.2.0-detours16/dhooks-2.2.0-detours16-sm110.zip

https://github.com/Franc1sco/VoiceAnnounceEX/archive/master.zip

where's the source code?

where's the source code?

Ahhhh thought it was clear...
It's just a compiled version of the code included from the source code:
https://forums.alliedmods.net/showpost.php?p=2590840&postcount=126

..as mentioned in the post. All the sourcecode is there.

people are doing this on L4D/L4D2 servers come on valve really

I will suppose that this is a legit ban as this is the first person that got banned for that since i installed it (3 weeks).

I did plenty of tests my self (loud sounds / mic key pushed for minutes) and i could never got at more than max 64 packets by seconds on left 4 dead 2.


L 10/17/2022 - 20:36:01: [voicedataexploit.smx | 1.0.2] Player (ID: *** | IP: ***) banned for crash attempt with voice data overflow (Total packets: 93)
Map: c8m1_apartment | Origin: 2122 1186 24 | Angles: 6 80 0 | Weapon: weapon_shotgun_chrome | Team: 2 | Latency: 51ms
L 10/17/2022 - 20:36:01: [voicedataexploit.smx | 1.0.2] Player (ID: *** | IP: ***) banned for crash attempt with voice data overflow (Total packets: 94)
Map: c8m1_apartment | Origin: 2122 1186 24 | Angles: 6 80 0 | Weapon: weapon_shotgun_chrome | Team: 2 | Latency: 51ms
L 10/17/2022 - 20:36:01: [voicedataexploit.smx | 1.0.2] Player (ID: *** | IP: ***) banned for crash attempt with voice data overflow (Total packets: 95)
Map: c8m1_apartment | Origin: 2122 1186 24 | Angles: 6 80 0 | Weapon: weapon_shotgun_chrome | Team: 2 | Latency: 51ms
L 10/17/2022 - 20:36:01: [voicedataexploit.smx | 1.0.2] Player (ID: *** | IP: ***) banned for crash attempt with voice data overflow (Total packets: 96)
Map: c8m1_apartment | Origin: 2122 1186 24 | Angles: 6 80 0 | Weapon: weapon_shotgun_chrome | Team: 2 | Latency: 51ms
L 10/17/2022 - 20:36:01: [voicedataexploit.smx | 1.0.2] Player (ID: *** | IP: ***) banned for crash attempt with voice data overflow (Total packets: 97)
Map: c8m1_apartment | Origin: 2122 1186 24 | Angles: 6 80 0 | Weapon: weapon_shotgun_chrome | Team: 2 | Latency: 51ms
L 10/17/2022 - 20:36:01: [voicedataexploit.smx | 1.0.2] Player (ID: *** | IP: ***) banned for crash attempt with voice data overflow (Total packets: 98)
Map: c8m1_apartment | Origin: 2122 1186 24 | Angles: 6 80 0 | Weapon: weapon_shotgun_chrome | Team: 2 | Latency: 51ms


I watched the demo and the player activate voice when he got grabed by infected but we don't hear anything (it last one second), which tend to make it suspect this look like a rage crash attempt. The player seemed to run with very low cmd rate or fps but i don't think it matters. It shows nothing in server logs but it is not a surprise, most of these intentional server crash never appear.

Maybe it will be better to simply mute the player if his voice data overflow? It seems to trigger false positives sometimes, not sure why and how.