[Dragokas]

Valve has update to L4D2, not backported to L4D1.

Some user can use exploit to force votekick without vote (auto-mark all the checkboxes).

Does someone have this exploit or fix?

Setting a listener to the callvote command with returning Plugin_Stop in a callback does not help.

The black window does not appear (in the usual voting, it is intercepted by my vote plugin via CreateMenu), but the exploit somehow bypasses this restriction and displays such a black window already with marked checkboxes (according to one of the player's explanation).

PHP Code:

public void OnAllPluginsLoaded()
{
    AddCommandListener(CheckVote, "callvote");
}

public Action CheckVote(int client, char[] command, int args)
{
    char s[MAX_NAME_LENGTH];
    if (args >= 2) {
        GetCmdArg(1, s, sizeof(s));
        if (StrEqual(s, "Kick", false)) {
            GetCmdArg(2, s, sizeof(s));
            int UserId = StringToInt(s);
            if (UserId != 0) {
                int target = GetClientOfUserId(UserId);
                if (target != 0 && IsClientInGame(target))
                    StartVoteKickAccessCheck(client, target);
            }
            return Plugin_Stop;
        }
    }
} 


[MasterMind420]

hmm im not sure but maybe try monitoring all kicks or disconnects pre....check the reason in player disconnect event. im sure theres a way to fix it.

[Powerlord]

My understanding is that the exploit is that they're using callvote before their client finished connecting. As such, have you considered doing this instead?

PHP Code:

public Action CheckVote(int client, char[] command, int args) 
{
    if (!IsClientConnected(client))
        return Plugin_Stop;
} 


Edit: IsClientInGame might work as well

[Dragokas]

Sorry with my delay.

I resolved it using private extension "ProcessCmds" provided by my hoster, that blocks "status" cmd, preventing UserId from expose.

Quote:

Originally Posted by MasterMind420 hmm im not sure but maybe try monitoring all kicks or disconnects pre....check the reason in player disconnect event. im sure theres a way to fix it.

Reason?
https://wiki.alliedmods.net/Generic_...yer_disconnect
What should it give to me?
If it is possible to cancel disconnect by passing Plugin_Stop somewhere, so it may make sense. In such case I could cancel it because I surely can check whether kick is initiated by my plugin (in legal way).

Quote:

Originally Posted by Powerlord My understanding is that the exploit is that they're using callvote before their client finished connecting.

I'm not sure it make sense. If client is even not connected does he have UserId?

Maybe:

Code:

if (!IsClientInGame(client))
        return Plugin_Stop;

?

Anyway thanks for suggestion. I'll add such protection too.

[MasterMind420]

why not just block the callvote kick usermessage....check that players are connected before allowing any kick? assuming whats going on even calls callvote...or use votepass usermessage instead?

[Dragokas]

block usermessage is good idea, thanks.

[MasterMind420]

Quote:

Originally Posted by Dragokas block usermessage is good idea, thanks.

np...i just started messing with usermessages so...blocking votes that way works rather well.

[Lux]

The "CVoteController" - "vote_controller" entity has some entprops maybe usefull usually where voteissues are stored and exec

Code:

 Member: m_activeIssueIndex (offset 1088) (type integer) (bits 32) ()
 Member: m_onlyTeamToVote (offset 1092) (type integer) (bits 32) ()
 Member: m_votesYes (offset 1096) (type integer) (bits 32) ()
 Member: m_votesNo (offset 1100) (type integer) (bits 32) ()
 Member: m_potentialVotes (offset 1104) (type integer) (bits 32) ()