Raised This Month: $ Target: $400
 0% 

can players exploit sourcemod with their name?


  
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Blinx
Senior Member
Join Date: Oct 2013
Old 06-24-2021 , 10:03   Re: can players exploit sourcemod with their name?
Reply With Quote #4

I'm not very knowledgeable about code injection but I think sm_command is your only worry since it's executing a command without any filtering as far as I know, but stuff like PrintToChat and basically every other function doesn't work like that.

As for your specific worry though, %N is a formatting thing that puts someones name into the string provided a client index, i.e.,

PrintToChat(client, "%N Welcome to the server!", client);

Hopefully someone with more indepth knowledge of sourcepawn can verify these things.
Blinx is offline
 



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 21:02.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode