
D-FENS - Patch for upload/download server file exploit. (Updated 05-10-2010)


TESLA-X4
Senior Member
Join Date: Dec 2008
Location: $Recycle.Bin
Old 01-12-2010 , 00:25   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#121

Maybe creating a subfolder with a cryptic name inside the plugins folder (not in the 'disabled' folder, of course) and moving the KAC plugin in there would work? SourceMod will continue loading any plugins in subfolders as long as they're not inside the disabled folder. It still won't fix them unloading all plugins at once though... We need a command much like 'load_lock' to block unloading plugins instead.
Kigen
BANNED
Join Date: Feb 2008
Old 01-12-2010 , 01:28   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#122

The sonic guy was banned for cheating in KAC a while back that got him on the global banlist. He has to unload KAC in order to join the server.

Though I have to admit it is amusing as well.

Also, I have created a bug report requesting SM devs add some sort of load lock option to prevent plugins from being unloaded so that people like him can't obtain complete control.

And actually I had slated a feature for KAC that would help stop RCON compromises by preventing anyone from doing anything through RCON, but the SM devs wanted to protect the command "sm" from being messed with by any plugin, which made me have to lose that feature, as if they can unload my plugin then it is worthless to do anything.

I might create a temporary feature to cause KAC to reload itself if unloaded so that people like the sonic guy can't easily stop KAC from removing him.
tigerox
AlliedModders Donor
Join Date: Oct 2008
Location: Canada
Old 01-12-2010 , 01:46   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#123

Quote:
Originally Posted by LordVader!
Has anyone set the correct permissions for your server install folders?

The server does not need write access to many folders in the install. Take away write access to plugins, extensions, and many more! (Done via your OS permissions system)

It’s a pain in the ass to set up but it’s a good additional safeguard for malicious uploads.

I run all my servers as a separate user that has no write permissions. Just allow logs, sprays, data files to be written. This method does work to prevent upload exploits.
Last edited by tigerox; 01-12-2010 at 01:49.
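
The permission layout described in the post above, as an added example that is not part of the original thread: a POSIX shell audit that reports code directories the server account could write to. The account name, the directory list, and the rule that any group or world write bit counts as writable are assumptions made for the example.

```shell
#!/bin/sh
# Added example: audit a game-server tree for the read-only layout.
# Assumptions: the server process runs as account USER; code directories
# (plugins, extensions) must be neither owned by USER nor group/world-writable.
# Directories meant to be written (logs, sprays, data) are simply not listed.

# Print the owner name of a path (third field of `ls -ld`).
owner_of() {
    set -- $(ls -ld "$1")
    printf '%s\n' "$3"
}

# Return 0 if the server account could write to the directory.
# Any group or world write bit is treated as writable (conservative).
server_can_write() {   # usage: server_can_write USER DIR
    user=$1
    set -- $(ls -ld "$2")
    [ "$3" = "$user" ] && return 0
    case $1 in
        ?????w*|????????w*) return 0 ;;   # group-write or other-write bit set
    esac
    return 1
}

# Print each listed directory that violates the policy; non-zero if any do.
audit_readonly() {     # usage: audit_readonly USER ROOT DIR...
    user=$1 root=$2; shift 2
    bad=0
    for d in "$@"; do
        if [ ! -d "$root/$d" ]; then
            echo "MISSING  $d"; bad=1
        elif server_can_write "$user" "$root/$d"; then
            echo "WRITABLE $d"; bad=1
        fi
    done
    return $bad
}

# Example call (constructed account name and install path):
#   audit_readonly srcds /home/admin/css/cstrike \
#       addons/sourcemod/plugins addons/sourcemod/extensions
```

The check looks only at the listed directory itself; a writable parent directory still lets its owner rename or replace the child, so list the parents as well.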
DontWannaName
Veteran Member
Join Date: Jun 2007
Location: VALVe Land, WA
Old 01-12-2010 , 01:53   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#124

You mean sm plugins load_lock?

That guy should get his account deactivated, it's happened before to people like that.
Last edited by DontWannaName; 01-12-2010 at 01:57.
Kigen
BANNED
Join Date: Feb 2008
Old 01-12-2010 , 02:41   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#125

https://bugs.alliedmods.net/show_bug.cgi?id=4212
DontWannaName
Veteran Member
Join Date: Jun 2007
Location: VALVe Land, WA
Old 01-12-2010 , 02:48   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#126

Should this plugin be fixed to support smx files?
Kigen
BANNED
Join Date: Feb 2008
Old 01-12-2010 , 03:50   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#127

I haven't seen anyone being able to upload an smx plugin through D-FENS. It has protected our servers against the upload/download exploit.
Onedda
Senior Member
Join Date: May 2009
Old 01-12-2010 , 05:42   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#128

messed about and got it going cheers guys
Last edited by Onedda; 01-12-2010 at 06:14.
sonicsight2
BANNED
Join Date: Jan 2010
Old 01-12-2010 , 17:24   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#129

I hate to break the news to you guys, but the only thing suggested in this thread that could stop it is actually putting D-FENS (or a similar fix) on your server, as that does block it.

As for unloading KAC, yes, I had to unload it because I was already banned for a dumb reason about 6 months back.

As for the cryptic folder name, that won't do anything to stop me because I can query an entire server (and the files above the server file) and view folder and file names, so you can't hide any files or folders from me once I exploit the server.

As for a load_lock, I can also delete any files or folders, so it would be a simple matter of deleting the .smx file and restarting the server using "rcon quit" or reloading sourcemod completely using metamod, which would also prevent KAC from reloading itself.

As for having KAC lock rcon, that's pointless as well because I could write a sourcemod plugin in about 5 mins that will register a new command to replace rcon using "ServerCommand("");" which isn't hooked as a rcon command.

Long story short: put the fix on your server or you're f***ed.
Dr!fter
The Salt Boss
Join Date: Mar 2007
Old 01-12-2010 , 19:34   Re: D-FENS - Patch for upload/download server file exploit. (Updated 11-29-2009)
#130

Anyone get this working in original l4d? I get this error on linux:
Code:
[META] Failed to load plugin addons/D-FENS/bin/dfens_mm_i486_l4d.so: /l4d/left4dead/addons/D-FENS/bin/dfens_mm_i486_l4d.so: undefined symbol: _Unwind_Resume
Got it to work fine on css servers. Can't seem to get l4d one to work.
All times are GMT -4. The time now is 00:32.

