Solve this Exploit Allied Modders
Before hand I would just like to let you know that I have tried all plugins (kigen, daf, rcon_lock, forlixfloodcheck, smac (and all the plugins that come with it including client protection), zblock, and have even resorted to whitelisting certain ConVars. Although I've tried all that this exploit still has the ability to crash my server and re-crash it on restart.
Here is an example Logging on what this attack looks like - http://pastebin.com/D9x6FR4A (too big for this post) Now these bots rejoin over 1000 times in 1 second, they generate random characters, and when I ban an IP address it automatically switches over to a new one. Not only this, but no steamids show up when the bots rejoin. (I have managed to catch a steamid or two but banning the steamid doesnt help) When the server restarts the bots automatically rejoin once again continually crashing the server. (Yes I have added css anti-rejoin and other plugins the like) Please help me get this taken care of, I own some pretty popular servers and have run out of ideas on what to do. If you need more information here is a KAC Log of the attack. http://pastebin.com/vfmc8hMz (Please also note that this exploit was created by HaloShadoW) |
Re: Solve this Exploit Allied Modders
|
Re: Solve this Exploit Allied Modders
Here's is a dump of sm plugins list
30 "SourceMod Anti-Cheat" (0.7.3.0) by GoD-Tony, psychonic (Please note these plugins are running and my server is still vulnerable) 31 "SMAC Client Protection" (0.7.3.0) by GoD-Tony, psychonic, Kigen 32 "SMAC CS:S Anti-Rejoin" (0.7.3.0) by Kigen |
Re: Solve this Exploit Allied Modders
I have to ask, what is the value of your smac_antispam_connect cvar set to? (SMAC and KAC had this disabled by default)
Quote:
Quote:
|
Re: Solve this Exploit Allied Modders
"smac_antispam_connect" = "1" min. 0.000000
- [smac_client.smx] Seconds to prevent someone from restablishing a connection. (0 = Disabled) We have our own proprietary plugins for logging, for some reason this attack was not showing up in the normal sm command logs, although we were able to see it in console logs, but recently disabled -condebug because of creation of such large files. I can re-enable it, wait for another attack, and send you the console logs if you want. |
Re: Solve this Exploit Allied Modders
honestly if my server keeps getting attacked I would be willing to let you have access to the server and try to patch this exploit. I have just run out of ideas.
|
Re: Solve this Exploit Allied Modders
How often is your server getting crashed this way?
Quote:
Quote:
|
Re: Solve this Exploit Allied Modders
Don't bother banning IP because in my logs they keep changing every so often. But the SteamIDs stay the same.
Code:
–@@X]G{”մ"<3451><STEAM_0:1:41719390><>" disconnected (reason "Connection closing") EDIT: Code:
L 11/10/2011 - 21:12:24: "“uj|‚Ž$q„2ϧPž(3!_<917><STEAM_0:1:11902529><>" disconnected (reason "Connection closing") EDIT2: And another: Code:
L 11/01/2011 - 14:28:08: "|*‹8‚– Aag:mblnŸ<6214><STEAM_0:1:21620883><>" connected, address "88.2.225.59:27005" Anyone who want to ban them type this into console: Code:
sm_rcon banid 0 STEAM_0:1:21620883; sm_rcon banid 0 STEAM_0:1:11902529; sm_rcon banid 0 STEAM_0:1:41719390; sm_rcon writeid |
Re: Solve this Exploit Allied Modders
Quote:
|
Re: Solve this Exploit Allied Modders
Yea I have since then. I don't see what is different about this guys issue though (except for the fact player steamids don't show, which could be a server side issue).
|
All times are GMT -4. The time now is 08:45. |
Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.