AlliedModders - [CSGO] Server Crasher Exploit Patch [3/20/2020]

AlliedModders (https://forums.alliedmods.net/index.php)

- Unapproved Plugins (https://forums.alliedmods.net/forumdisplay.php?f=109)

- - [CSGO] Server Crasher Exploit Patch [3/20/2020] (https://forums.alliedmods.net/showthread.php?t=322222)

[CSGO] Server Crasher Exploit Patch [3/20/2020]

This plugin is no longer needed for csgo and should be uninstalled if currenlty installed to prevent server crashes.

This exploit has been patched in csgo with the recent update:

PHP Code:


		
			
Exe version 1.37.4.5 (csgo)

Exe build: 14:10:24 Mar 19 2020 (7803) (730)

This affects all source sdk2013 based games and csgo.
This patch is only for csgo linux and windows servers.
The sdk2013 based patchs will come at a later time.

Installation:
add "ExploitFix_3_20_2020.txt" to your servers "csgo\addons\sourcemod\gamedata\" directory.
add "ExploitFix_3_20_2020.smx" to your servers "csgo\addons\sourcemod\plugins\" directory.

*NOTE* This hasn't been extensively tested yet and may show unknown net messages in your server console when an attacker trys to exploit it.

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

I think for your own good it'd be better to send this to Valve via HackerOne; they'd definitely compensate.
Great release!

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Valve's already aware of this, the hackerone report was marked as a duplicate from an ancient report that is greater than a year old. Sometimes it takes them a while to patch these, the RCE I submited 1.3 years ago still hasn't been resolved.

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

super useful. nice job!

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Thanks for these. Just got my servers crashed today so I installed both. :P

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Thanks a lot for a quick fix!

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Really appreciate your work on this exploit + the previous one everyone else knows about. I think we recently spoke regarding these and the H1 RCE Exploit you submitted awhile back. Thanks Norway!

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

L 03/21/2020 - 12:15:43: [SM] Call stack trace:
L 03/21/2020 - 12:15:43: [SM] [0] LoadGameConfigFile
L 03/21/2020 - 12:15:43: [SM] [1] Line 16, /home/forums/content/files/2/4/6/0/2/9/180250.attach::OnPluginStart
L 03/21/2020 - 12:15:43: [SM] Unable to load plugin "ExploitFix_3_20_2020.smx": Error detected in plugin startup (see error logs)
L 03/21/2020 - 12:15:43: [SM] Error parsing gameconfig file "/home/server2731/service5565/csgo/csgo/addons/sourcemod/gamedata/LagExploitFix_3_7_2020.txt":
L 03/21/2020 - 12:15:43: [SM] Error 1 on line 0, col 0: Stream failed to open

compiled on last sm 1.10

PLEASE HELPE!

EDIT:
because of being too dumb i forgot to upload the gamedata file, issue solved

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Thanks for this buddy.

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

You've been hard a work lately, keep doing Gaben's work

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Quote:

Originally Posted by backwards (Post 2687724)

*NOTE* This hasn't been extensively tested yet and may show unknown net messages in your server console when an attacker trys to exploit it.

This?

Code:

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 96, flags == 161

0 messages

Raw

PKT  >>  k.................`..... 6b0c0000 890e0000 a1f2a785 e8ffffff 100060d2 9a9afaff   

PKT  >>  [email protected] ff1f00a2 88f87f68 80fb4fc0 40108008 d09098c6 00001051   

PKT  >>  ...@........ `@X....CA|. 03000040 02000000 00000000 20604058 ac01b104 43417c80   

PKT  >>  a}.                      617df8                                                  

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 96, flags == 161

0 messages

Raw

PKT  >>  k.................`..... 6b0c0000 890e0000 a1f2a785 e8ffffff 100060d2 9a9afaff   

PKT  >>  [email protected] ff1f00a2 88f87f68 80fb4fc0 40108008 d09098c6 00001051   

PKT  >>  ...@........ `@X....CA|. 03000040 02000000 00000000 20604058 ac01b104 43417c80   

PKT  >>  a}.                      617df8                                                  

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 96, flags == 161

0 messages

Raw

PKT  >>  l........Qm.......`..... 6c0c0000 890e0000 a1516d85 e8ffffff 100060d2 9a9afaff   

PKT  >>  [email protected] ff1f00a2 88f87f68 80fb4fc0 40108008 d090a8c6 00003051   

PKT  >>  ...@........ `@X....C... 03000040 02000000 00000000 20604058 ac01f917 43e97f80   

PKT  >>  9..                      398df8                                                  

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 96, flags == 161

0 messages

Raw

PKT  >>  m........l........`..... 6d0c0000 8b0e0000 a16c9f85 e8ffffff 100060d2 9a9afaff   

PKT  >>  [email protected] ff1f00a2 88f87f68 80fb4fc0 40108008 d090b8c6 00005051   

PKT  >>  ...@........ `@h....C... 03000040 02000000 00000000 20604068 ac01c105 43b18480   

PKT  >>  ...                      898ef8                                                  

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 104, flags == 177

0 messages

Raw

PKT  >>  o......... ........`.... 6f0c0000 8f0e0000 b1112084 01e8ffff ff100060 d29a9afa   

PKT  >>  [email protected] ffff1f00 a288f87f 6880fb4f d0401080 10d0a0c8 c6000070   

PKT  >>  Q...@.......... [email protected].. 51030000 40020000 00000000 00000020 684088ac 0151b70e   

PKT  >>  @...q..                  40190e81 71aef8                                         

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 96, flags == 161

0 messages

Raw

PKT  >>  p......... .......`..... 700c0000 8f0e0000 a18c2084 e8ffffff 100060d2 9a9afaff   

PKT  >>  [email protected] ff1f00a2 88f87f68 80fb4fc0 40108008 d090e8c6 0000b051   

PKT  >>  ...@........ `@...a.B... 03000040 02000000 00000000 20604088 ac01619e 42a90d81   

PKT  >>  y..                      79f4f8                                                  

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 96, flags == 161

0 messages

Raw

PKT  >>  l........Qm.......`..... 6c0c0000 890e0000 a1516d85 e8ffffff 100060d2 9a9afaff   

PKT  >>  [email protected] ff1f00a2 88f87f68 80fb4fc0 40108008 d090a8c6 00003051   

PKT  >>  ...@........ `@X....C... 03000040 02000000 00000000 20604058 ac01f917 43e97f80   

PKT  >>  9..                      398df8                                                  

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 96, flags == 161

0 messages

Raw

PKT  >>  m........l........`..... 6d0c0000 8b0e0000 a16c9f85 e8ffffff 100060d2 9a9afaff   

PKT  >>  [email protected] ff1f00a2 88f87f68 80fb4fc0 40108008 d090b8c6 00005051   

PKT  >>  ...@........ `@h....C... 03000040 02000000 00000000 20604068 ac01c105 43b18480   

PKT  >>  ...                      898ef8                                                  

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 104, flags == 177

0 messages

Raw

PKT  >>  o......... ........`.... 6f0c0000 8f0e0000 b1112084 01e8ffff ff100060 d29a9afa   

PKT  >>  [email protected] ffff1f00 a288f87f 6880fb4f d0401080 10d0a0c8 c6000070   

PKT  >>  Q...@.......... [email protected].. 51030000 40020000 00000000 00000020 684088ac 0151b70e   

PKT  >>  @...q..                  40190e81 71aef8                                         

Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005.

unknown message

 Dumping messages for channel p0s1t1v3({hidden attacker ip for privacity rules}:27005) 0x0x182fc170

Header bits 96, flags == 161

0 messages

Raw

PKT  >>  p......... .......`..... 700c0000 8f0e0000 a18c2084 e8ffffff 100060d2 9a9afaff   

PKT  >>  [email protected] ff1f00a2 88f87f68 80fb4fc0 40108008 d090e8c6 0000b051   

PKT  >>  ...@........ `@...a.B... 03000040 02000000 00000000 20604088 ac01619e 42a90d81   

PKT  >>  y..                      79f4f8  



Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

Netchannel: failed reading message 8 from {hidden attacker ip for privacity rules}:27005.

One of the server where i help started to crash but when I did load your plugin then the crashes stopped. Thanks for the exploit patch, you are a life server saver :up:

After that he tried to lag the server with "rcon bad password" attacks with different ips but if you dont have sv_rcon_banpenalty to 0 then it dont produce lag. (so you should set it to a value > than 0).

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

exactly how to run exploit?

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Quote:

Originally Posted by amx22 (Post 2687892)

exactly how to run exploit?

:lol::lol: No.

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Quote:

Originally Posted by Silvers (Post 2687897)

:lol::lol: No.

no?

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Fun side effect: Most cheats use crappy network breaking code(e.g. "fakelag") that triggers this message.
It's a good idea to log these and ban users that generate these messages en masse(4-10 at once), rather than patching the exploit. At least until an actual patch is pushed into the binaries.

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Quote:

Originally Posted by Spirit532 (Post 2687905)

yup,a mass ban will come soon let those who use this program say goodbye to their accounts:twisted:
gaben is coming

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

A question, the logs that I posted here say the attacker, right? Or can be produced in another player? because i have the same logs for someone that usually play in the server but not sure if he really attacked.

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Quote:

Originally Posted by Franc1sco (Post 2687912)

I've seen it happen to regulars before, but when someone is cheating it creates a lot more messages, and often. With regulars it happens very rarely, and the message groups are tiny, so probably just lag.

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

L 03/22/2020 - 14:44:25: [SM] Exception reported: Unnamed Signature Incorrect (2).
L 03/22/2020 - 14:44:25: [SM] Blaming: ExploitFix_3_20_2020.smx
L 03/22/2020 - 14:44:25: [SM] Call stack trace:
L 03/22/2020 - 14:44:25: [SM] [0] SetFailState
L 03/22/2020 - 14:44:25: [SM] [1] Line 44, /home/forums/content/files/2/4/6/0/2/9/180250.attach::OnPluginStart
[SM] Plugin ExploitFix_3_20_2020.smx failed to load: Error detected in plugin startup (see error logs)

Has somebody this error too?

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Quote:

Originally Posted by NickFox007 (Post 2687991)

May be Valve Patched :grrr:

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Quote:

Originally Posted by Spirit532 (Post 2687913)

Ok I banned to the player because it was appearing in the logs a lot (and only him) so I was attacking with this exploit. :facepalm:

Quote:

Originally Posted by NickFox007 (Post 2687991)

You uploaded the gamedata and your game is CS:GO? Linux or Windows?

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Quote:

Originally Posted by Franc1sco (Post 2688030)

Ok I banned to the player because it was appearing in the logs a lot (and only him) so I was attacking with this exploit. :facepalm:

You uploaded the gamedata and your game is CS:GO? Linux or Windows?

I also got this error:

HTML Code:

L 03/23/2020 - 01:25:34: [SM] Exception reported: Unnamed Signature Incorrect (2).

L 03/23/2020 - 01:25:34: [SM] Blaming: ExploitFix_3_20_2020.smx

L 03/23/2020 - 01:25:34: [SM] Call stack trace:

L 03/23/2020 - 01:25:34: [SM]   [0] SetFailState

L 03/23/2020 - 01:25:34: [SM]   [1] Line 44, /home/forums/content/files/2/4/6/0/2/9/180250.attach::OnPluginStart

L 03/23/2020 - 01:25:34: [SM] Unable to load plugin "ExploitFix_3_20_2020.smx": Error detected in plugin startup (see error logs)

L 03/23/2020 - 01:25:36: [UPDATER] --- BEGIN ERRORS FROM AUTOMATIC UPDATER ---

L 03/23/2020 - 01:25:36: [UPDATER] Could not download "http://update.sourcemod.net/update/"

L 03/23/2020 - 01:25:36: [UPDATER] Error: The requested URL returned error: 502

L 03/23/2020 - 01:25:36: [UPDATER] --- END ERRORS FROM AUTOMATIC UPDATER ---

L 03/23/2020 - 01:25:47: Error log file session closed.

I have also uploaded gamedata!

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

This plugin is no longer needed for csgo and should be uninstalled if currenlty installed to prevent server crashes.

This exploit has been patched in csgo with the recent update:

PHP Code:


		
			
Exe version 1.37.4.5 (csgo)

Exe build: 14:10:24 Mar 19 2020 (7803) (730)

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

By Valve Patched Crash Server Method pls Post Delete. ;))):)

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

someone still keeps crashing my servers

also a question should we delete all fixes for crashes?
likt this one or this one
or this ?

should we delete all of them to avoid random crashes?

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Quote:

Originally Posted by eliteroyal (Post 2688202)

someone still keeps crashing my servers

also a question should we delete all fixes for crashes?
likt this one or this one
or this ?

should we delete all of them to avoid random crashes?

The nullwave and movement crashes were patched a long time ago. The only security plugins for csgo you currently need from me would be these 2:

https://forums.alliedmods.net/showthread.php?t=321932
https://forums.alliedmods.net/showthread.php?t=317120

Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]

Hello, This exploit was not paired in l4d2, my question is Can this plugin solve the problem?

PHP Code:


		
			
*********. b3b0b632 050088e9 ed6ead2c 0fa4ce0d 2eac6eae 8c0c840e

PKT >> ..*********,*********.L..bz*********[+*********.*********s*********.******************+# ad0ce42c acad4c01 00627abb 5b2bcb03 a973830b ab9b2b23

PKT >> .*********C+.9.k+S...*********************************************@********************************************* 03a1432b 03390b6b 2b530080 98deeed6 caf240ea dce0c2ea

PKT >> ***************************@***************************@************************************.. *********************************************<.:7 e6cac840 e8d0ca40 cec2daca 140020a6 b7bbb5b2 3c903a37

PKT >> ************************************22.:*********2.***************************2...******************n.,. b8b0bab9 3232103a b43290b3 b0b63205 0088e9ed 6ead2c0f

PKT >> ******************..*********n******************.*********...*********,*********.L..bz*********[ a4ce0d2e ac6eae8c 0c840ead 0ce42cac ad4c0100 627abb5b

PKT >> +*********.*********s*********.******************+#.*********C+.9.k+S... 2bcb03a9 73830bab 9b2b2303 a1432b03 390b6b2b 53008098

PKT >> *********************************************@************************************************************************@***************************@************************************. deeed6ca f240eadc e0c2eae6 cac840e8 d0ca40ce c2daca14

PKT >> . *********************************************<.:7************************************22.:*********2.****************** 0020a6b7 bbb5b23c 903a37b8 b0bab932 32103ab4 3290b3b0

PKT >> *********2...******************n.,.******************..*********n******************.*********... b6320500 88e9ed6e ad2c0fa4 ce0d2eac 6eae8c0c 840ead0c

PKT >> *********,*********.L..bz*********[+*********.*********s*********.******************+#.********* e42cacad 4c010062 7abb5b2b cb03a973 830bab9b 2b2303a1

PKT >> C+.9.k+S...*********************************************@***************************************************************

This came out on the console and then crashed the server today 21/05 - L4D2