AlliedModders

AlliedModders (https://forums.alliedmods.net/index.php)
-   Plugins (https://forums.alliedmods.net/forumdisplay.php?f=108)
-   -   [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21] (https://forums.alliedmods.net/showthread.php?t=329643)

backwards 01-02-2021 03:51
[CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
2 Attachment(s)
Here's yet another patch for an exploit being abused in csgo to lag/dos servers within the last few weeks. This patch affectively just disables rcon from working. The real way to solve the issue and maintain rcon for sourcebans or admins would be to firewall off all ips to the tcp port of your game server except ones you whitelist. However many cheap hosts don't give access to firewall options along with not giving clients the ability to just never set an rcon_password. Setting rcon_password "" inside your server.cfg (and never setting it anywhere else) will prevent rcon from working and will solve the issue with the exploit.

This patch should only be used if you have no way to access the firewall and you can't not set the rcon_password convar.
THIS WILL BREAK SOURCEBANS AND OTHER SOFTWARE THAT COMMUNICATES WITH YOUR SERVER VIA RCON PROTOCOL

Updated on 2/4/2023 for linux changes:
Download rcon_exploit_fix_v1.1.zip for latest verison.

foxsay 01-02-2021 05:29
Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
Bit out of the topic question. Witch your exploit patch plugins is still necessary to use because I still use all of them (except this one).

Btw great release as always thank you = )

AePT 01-02-2021 11:07
Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
Nice release! :3

Thank you for sharing.

r3v 01-02-2021 11:50
Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
My servers have some ddos attacks with A2S, and NOW i found this: https://steamcommunity.com/discussio...8351344359625/
For CS:GO server i'm using linux32 .so files, so i now starting testing, with your exploit fix plugin.
But Backwards, still do we need your exploit fix?

Trum 01-02-2021 12:07
Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
:shock:

backwards 01-03-2021 01:37
Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
The only one that i'm aware of that has been patched by valve and isn't needed anymore is this one:

https://forums.alliedmods.net/showthread.php?p=2687724

However yesterday I did release an update to the SendFile Exploit Patch:
v3.1

https://forums.alliedmods.net/showthread.php?p=2656975

although it's untested. It should prevent 2 more variation of that exploit that exists. along with one that still works even with sv_allowupload 0 and sv_allowdownload 0 set.

yuv41 01-03-2021 07:15
Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
How does one even spam the TCP connection of the RCON protocol? edu purposes c:

JLmelenchon 09-29-2022 14:04
Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
Will it have the same effect if i block all tcp connections and only allow the ip of the server ?

backwards 09-30-2022 01:29
Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
Quote:
Originally Posted by JLmelenchon (Post 2789985)
Will it have the same effect if i block all tcp connections and only allow the ip of the server ?
Yes

JLmelenchon 10-06-2022 23:03
Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
 
Even after putting rcon_password "" in my server file, when i am in game i still receive an answer with rong password if type rcon kick for example. Is it normal?


All times are GMT -4. The time now is 09:20.

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.