[CSGO] Server Crasher Exploit Patch [3/20/2020]
2 Attachment(s)
This plugin is no longer needed for csgo and should be uninstalled if currenlty installed to prevent server crashes.
This exploit has been patched in csgo with the recent update: PHP Code:
This patch is only for csgo linux and windows servers. The sdk2013 based patchs will come at a later time. Installation: add "ExploitFix_3_20_2020.txt" to your servers "csgo\addons\sourcemod\gamedata\" directory. add "ExploitFix_3_20_2020.smx" to your servers "csgo\addons\sourcemod\plugins\" directory. *NOTE* This hasn't been extensively tested yet and may show unknown net messages in your server console when an attacker trys to exploit it. |
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
I think for your own good it'd be better to send this to Valve via HackerOne; they'd definitely compensate.
Great release! |
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Valve's already aware of this, the hackerone report was marked as a duplicate from an ancient report that is greater than a year old. Sometimes it takes them a while to patch these, the RCE I submited 1.3 years ago still hasn't been resolved.
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
super useful. nice job!
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Thanks for these. Just got my servers crashed today so I installed both. :P
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Thanks a lot.
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Thanks a lot for a quick fix!
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Really appreciate your work on this exploit + the previous one everyone else knows about. I think we recently spoke regarding these and the H1 RCE Exploit you submitted awhile back. Thanks Norway!
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
L 03/21/2020 - 12:15:43: [SM] Call stack trace:
L 03/21/2020 - 12:15:43: [SM] [0] LoadGameConfigFile L 03/21/2020 - 12:15:43: [SM] [1] Line 16, /home/forums/content/files/2/4/6/0/2/9/180250.attach::OnPluginStart L 03/21/2020 - 12:15:43: [SM] Unable to load plugin "ExploitFix_3_20_2020.smx": Error detected in plugin startup (see error logs) L 03/21/2020 - 12:15:43: [SM] Error parsing gameconfig file "/home/server2731/service5565/csgo/csgo/addons/sourcemod/gamedata/LagExploitFix_3_7_2020.txt": L 03/21/2020 - 12:15:43: [SM] Error 1 on line 0, col 0: Stream failed to open compiled on last sm 1.10 PLEASE HELPE! EDIT: because of being too dumb i forgot to upload the gamedata file, issue solved |
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Thanks for this buddy.
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
You've been hard a work lately, keep doing Gaben's work
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Quote:
Code:
Netchannel: unknown net message (76) from {hidden attacker ip for privacity rules}:27005. After that he tried to lag the server with "rcon bad password" attacks with different ips but if you dont have sv_rcon_banpenalty to 0 then it dont produce lag. (so you should set it to a value > than 0). |
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
exactly how to run exploit?
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Quote:
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Quote:
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Fun side effect: Most cheats use crappy network breaking code(e.g. "fakelag") that triggers this message.
It's a good idea to log these and ban users that generate these messages en masse(4-10 at once), rather than patching the exploit. At least until an actual patch is pushed into the binaries. |
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Quote:
gaben is coming |
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
A question, the logs that I posted here say the attacker, right? Or can be produced in another player? because i have the same logs for someone that usually play in the server but not sure if he really attacked.
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Quote:
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
L 03/22/2020 - 14:44:25: [SM] Exception reported: Unnamed Signature Incorrect (2).
L 03/22/2020 - 14:44:25: [SM] Blaming: ExploitFix_3_20_2020.smx L 03/22/2020 - 14:44:25: [SM] Call stack trace: L 03/22/2020 - 14:44:25: [SM] [0] SetFailState L 03/22/2020 - 14:44:25: [SM] [1] Line 44, /home/forums/content/files/2/4/6/0/2/9/180250.attach::OnPluginStart [SM] Plugin ExploitFix_3_20_2020.smx failed to load: Error detected in plugin startup (see error logs) Has somebody this error too? |
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Quote:
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Quote:
Quote:
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Quote:
HTML Code:
L 03/23/2020 - 01:25:34: [SM] Exception reported: Unnamed Signature Incorrect (2). |
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
This plugin is no longer needed for csgo and should be uninstalled if currenlty installed to prevent server crashes.
This exploit has been patched in csgo with the recent update: PHP Code:
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
By Valve Patched Crash Server Method pls Post Delete. ;))):)
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
|
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Quote:
https://forums.alliedmods.net/showthread.php?t=321932 https://forums.alliedmods.net/showthread.php?t=317120 |
Re: [CSGO] Server Crasher Exploit Patch [3/20/2020]
Hello, This exploit was not paired in l4d2, my question is Can this plugin solve the problem?
PHP Code:
|
All times are GMT -4. The time now is 05:05. |
Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.