Raised This Month: $37 Target: $400
 9% 

CSGO - have fun with the server lagger exploit


Post New Thread Reply   
 
Thread Tools Display Modes
Author Message
Neuro Toxin
Veteran Member
Join Date: Oct 2013
Location: { closing the void; }
Old 03-19-2016 , 02:44   CSGO - have fun with the server lagger exploit
Reply With Quote #1



This doesn't sound very good.
__________________

Last edited by Neuro Toxin; 03-19-2016 at 18:38.
Neuro Toxin is offline
balonfx
AlliedModders Donor
Join Date: Dec 2013
Location: New Haven, CT
Old 03-19-2016 , 02:58   Re: have fun with the server lagger exploit
Reply With Quote #2

Confirmed happening to us, and a lot of other communities.

Trying to find the source now.
__________________
balonfx is offline
Neuro Toxin
Veteran Member
Join Date: Oct 2013
Location: { closing the void; }
Old 03-19-2016 , 03:12   Re: have fun with the server lagger exploit
Reply With Quote #3

Quote:
Originally Posted by Element
"Element": Hook OnClientSettingsChanged and keep track of client var changes -- if they go over a certain threshold they're almost certainly trying to crash the server. Obviously make sure you decrement their changes otherwise you'll be kicking legitimate players if they happen to change these variables a lot. (Most cheats create a thread/thread pool and flood these changes so fast that it's impossible to be someone just spamming console)
Looks like its just command hammering. Something any kid can write...
__________________
Neuro Toxin is offline
balonfx
AlliedModders Donor
Join Date: Dec 2013
Location: New Haven, CT
Old 03-19-2016 , 03:19   Re: have fun with the server lagger exploit
Reply With Quote #4

Quote:
Originally Posted by Neuro Toxin View Post
Looks like its just command hammering. Something any kid can write...
Thanks! Added you on steam to figure out what this was, much appreciated.
__________________
balonfx is offline
lay295
Senior Member
Join Date: Sep 2013
Old 03-19-2016 , 03:42   Re: have fun with the server lagger exploit
Reply With Quote #5

Any idea what the threshold should be? Like how fast can a legitimate client fire OnClientSettingsChanged or how many times the exploit fires it?
__________________

lay295 is offline
Neuro Toxin
Veteran Member
Join Date: Oct 2013
Location: { closing the void; }
Old 03-19-2016 , 03:49   Re: have fun with the server lagger exploit
Reply With Quote #6

So apparently...

The exploit runs @ 1ms.

And calls client side: setinfo x x

Where x is in a for loop

Sounds like the command executing client side is:

setinfo 1 1
setinfo 2 2
setinfo 3 3 ... ect

I'm not sure if this is how the aimware version works or not.
__________________
Neuro Toxin is offline
Neuro Toxin
Veteran Member
Join Date: Oct 2013
Location: { closing the void; }
Old 03-19-2016 , 04:23   Re: have fun with the server lagger exploit
Reply With Quote #7

I wrote this up...

Code:
static int s_iClientSettingsChangedCount[MAXPLAYERS+1];
 
public void OnPluginStart()
{
    CreateTimer(1.0, OnClientCountSettingsChanged, _, TIMER_REPEAT);
}
 
public OnClientConnected(int client)
{
    s_iClientSettingsChangedCount[client] = 0;
}

public void OnClientSettingsChanged(int client)
{
    if (IsFakeClient(client))
        return;
    
    s_iClientSettingsChangedCount[client]++;
}
 
public Action OnClientCountSettingsChanged(Handle timer, any data)
{
    for (int client = 1; client < MaxClients; client++)
    {
        if (!IsClientInGame(client))
            continue;
            
        if (IsFakeClient(client))
            continue;
            
        PrintToConsole(client, "s_iClientSettingsChangedCount[%d] == %d", client, s_iClientSettingsChangedCount[client]);
        s_iClientSettingsChangedCount[client] = 0;
    }
}

This is my output in console...
Quote:
s_iClientSettingsChangedCount[10] == 0
s_iClientSettingsChangedCount[10] == 0
] setinfo 2 2
s_iClientSettingsChangedCount[10] == 1
s_iClientSettingsChangedCount[10] == 0
Apon connecting to a server with this, i get 3 changes...
__________________
Neuro Toxin is offline
JustCallMeLuke
Member
Join Date: Dec 2015
Old 03-19-2016 , 07:43   Re: have fun with the server lagger exploit
Reply With Quote #8

Just heard about this. One of my friend of friends server's just got crashed. Anyone got an ETA of a patch via sourcemod or valve?
__________________
It's just a prank bro
Cameras over there.
JustCallMeLuke is offline
Naydef
Senior Member
Join Date: Dec 2015
Location: Doom Town, Nevada
Old 03-19-2016 , 07:58   Re: have fun with the server lagger exploit
Reply With Quote #9

Just to ask. For which game this exploit works? I run TF2 server and I don't want someone to crash the server
__________________
My plugins:
Admin Stealth REDUX(v1.6.1)

Non-Sourcemod related projects:
8086eD x86 Emulator

Steam:
naydef

Last edited by Naydef; 03-19-2016 at 07:59.
Naydef is offline
asdfxD
Veteran Member
Join Date: Apr 2011
Old 03-19-2016 , 16:30   Re: have fun with the server lagger exploit
Reply With Quote #10

any new info to avoid this? only kids on server who let the lag begin .... -.-
asdfxD is offline
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 18:41.


Powered by vBulletin®
Copyright ©2000 - 2021, vBulletin Solutions, Inc.
Theme made by Freecode