[canadianjeff]

when I am on windows 10 and using PuTTY to SSH into my server start my server and watch the console output when some of these escaped hex shows up in console output PuTTY will freak out and when I go to quit or shutdown the server it will seg fault on linux

fails when \x05 is printed to server console

Code:

#include <sourcemod>
#include <sdktools>

#pragma semicolon 1
#pragma newdecls required

#define PLUGIN_VERSION "0.00"

public Plugin myinfo = 
{
	name = "HEX TEST",
	author = "linux_canadajeff",
	description = "Testing Print To Server To Find What Makes It Crash!!!!",
	version = PLUGIN_VERSION,
	url = ""
};

public void OnPluginStart()
{
	CreateConVar("sm_hextest_version", PLUGIN_VERSION, "Standard plugin version ConVar. Please don't change me!", FCVAR_REPLICATED|FCVAR_NOTIFY|FCVAR_DONTRECORD);
	RegAdminCmd("sm_hextest", hextest, ADMFLAG_ROOT, "Tests the printtoserver escaped hex values");
}

public Action hextest(int client, int args)
{
	PrintToServer("\\x01 Test!");
	PrintToServer("\x01");
	PrintToServer("\\x02 Test!");
	PrintToServer("\x02");
	PrintToServer("\\x03 Test!");
	PrintToServer("\x03");
	PrintToServer("\\x04 Test!");
	PrintToServer("\x04");
	PrintToServer("\\x05 Test!");
	PrintToServer("\x05");
	PrintToServer("\\x06 Test!");
	PrintToServer("\x06");
	PrintToServer("\\x07 Test!");
	PrintToServer("\x07");
	PrintToServer("\\x08 Test!");
	PrintToServer("\x08");
	PrintToServer("\\x09 Test!");
	PrintToServer("\x09");
	PrintToServer("\\x10 Test!");
	PrintToServer("\x10");
	PrintToServer("\\x11 Test!");
	PrintToServer("\x11");
	PrintToServer("\\x12 Test!");
	PrintToServer("\x12");
	PrintToServer("\\x13 Test!");
	PrintToServer("\x13");
	PrintToServer("\\x14 Test!");
	PrintToServer("\x14");
	PrintToServer("\\x015 Test!");
	PrintToServer("\x15");
	return Plugin_Handled;
}

[canadianjeff]

if I have plugins on my server that are closed source can sourcemod itself scan for plugins that are using escaped hex in them? and mark them as possible backdoored plugins?

or maybe a possible solution fix would be to have a plugin that gets loaded sooner and has higher priority that whenever it detects an escaped hex in other plugins it strips it out and continues to run the other plugins

[asherkin]

The issue here appears to be PuTTY rather than in SRCDS.

What you're doing there is printing raw control characters to the server's output stream, 0x05 is the "ENQ" control character (also known as "^E"). VT100-compliant terminals (like PuTTY) will print an identification string when they see an ENQ character, and it looks like something has broken with that in PuTTY. It looks like your PuTTY identification string is set to "" (the default is "PuTTY"), and that hits a bug that was fixed earlier this year: https://github.com/github/putty/comm...d8c1333ad4727b

[canadianjeff]

thanks for the response but I am still curious if a plugin could be made to strip out these hex and control chars from other plugins I still think if put in a correct order they could lead to compromise of a server

[asherkin]

No, there is no security issue here.

[canadianjeff]

how can you prove or disprove this all I have is your word on it

[canadianjeff]

if a plugin sends the ^C would it kill the server?????

[asherkin]

You already tested printing ^C, that’s 0x03.

[canadianjeff]

marking this thread as solved for now but may revisit it at a later date to keep testing more