AlliedModders - CSGO - have fun with the server lagger exploit

AlliedModders (https://forums.alliedmods.net/index.php)

- Source Servers (SRCDS) (https://forums.alliedmods.net/forumdisplay.php?f=130)

- - CSGO - have fun with the server lagger exploit (https://forums.alliedmods.net/showthread.php?t=280545)

CSGO - have fun with the server lagger exploit

http://i.imgur.com/W8C1Kxm.png

This doesn't sound very good.

Re: have fun with the server lagger exploit

Confirmed happening to us, and a lot of other communities.

Trying to find the source now.

Re: have fun with the server lagger exploit

Quote:

Originally Posted by Element

"Element": Hook OnClientSettingsChanged and keep track of client var changes -- if they go over a certain threshold they're almost certainly trying to crash the server. Obviously make sure you decrement their changes otherwise you'll be kicking legitimate players if they happen to change these variables a lot. (Most cheats create a thread/thread pool and flood these changes so fast that it's impossible to be someone just spamming console)

Looks like its just command hammering. Something any kid can write...

Re: have fun with the server lagger exploit

Quote:

Originally Posted by Neuro Toxin (Post 2403781)

Looks like its just command hammering. Something any kid can write...

Thanks! Added you on steam to figure out what this was, much appreciated.

Re: have fun with the server lagger exploit

Any idea what the threshold should be? Like how fast can a legitimate client fire OnClientSettingsChanged or how many times the exploit fires it?

Re: have fun with the server lagger exploit

So apparently...

The exploit runs @ 1ms.

And calls client side: setinfo x x

Where x is in a for loop

Sounds like the command executing client side is:

setinfo 1 1
setinfo 2 2
setinfo 3 3 ... ect

I'm not sure if this is how the aimware version works or not.

Re: have fun with the server lagger exploit

I wrote this up...

Code:

static int s_iClientSettingsChangedCount[MAXPLAYERS+1];

 

public void OnPluginStart()

{

    CreateTimer(1.0, OnClientCountSettingsChanged, _, TIMER_REPEAT);

}

 

public OnClientConnected(int client)

{

    s_iClientSettingsChangedCount[client] = 0;

}



public void OnClientSettingsChanged(int client)

{

    if (IsFakeClient(client))

        return;

    

    s_iClientSettingsChangedCount[client]++;

}

 

public Action OnClientCountSettingsChanged(Handle timer, any data)

{

    for (int client = 1; client < MaxClients; client++)

    {

        if (!IsClientInGame(client))

            continue;

            

        if (IsFakeClient(client))

            continue;

            

        PrintToConsole(client, "s_iClientSettingsChangedCount[%d] == %d", client, s_iClientSettingsChangedCount[client]);

        s_iClientSettingsChangedCount[client] = 0;

    }

}



This is my output in console...

Quote:

s_iClientSettingsChangedCount[10] == 0
s_iClientSettingsChangedCount[10] == 0
] setinfo 2 2
s_iClientSettingsChangedCount[10] == 1
s_iClientSettingsChangedCount[10] == 0

Apon connecting to a server with this, i get 3 changes...

Re: have fun with the server lagger exploit

Just heard about this. One of my friend of friends server's just got crashed. Anyone got an ETA of a patch via sourcemod or valve?

Re: have fun with the server lagger exploit

Just to ask. For which game this exploit works? I run TF2 server and I don't want someone to crash the server :|

Re: have fun with the server lagger exploit

any new info to avoid this? only kids on server who let the lag begin .... -.-