Raised This Month: $51 Target: $400
 12% 

File upload exploit fix


  
 
AlliedModders Forum Index > SourceMod > Metamod: Source > Metamod:Source Plugins
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Author Message
devicenull
Veteran Member
Join Date: Mar 2004
Location: CT
Old 08-19-2009 , 13:24   File upload exploit fix
Reply With Quote #1
v 1.0.0.2
Changes:
* Attempt to prevent crashes by only removing hooks when absolutely necessary
* Update with a workaround for the delete file exploit.

This plugin will prevent the recently discovered file upload exploit from working on your server. Installation is just like a normal SourceMM plugin, except you need to create a "exploits" directory in your mod directory (ex: cstrike/exploits). Any files that are attempted to be uploaded will be placed here.

This will prevent any file writes using valve's standard interface. This will break things such as SourceTV demos, sprays, and possibly some SM plugins. Normal log files will remain working

Source code, and binaries are in the attachment.

Thanks to psychonic for the windows builds.

Donate
Attached Files
File Type: zip exploit_fix.zip (145.3 KB, 2007 views)
__________________
Various bits of semi-useful code in a bunch of languages: http://code.devicenull.org/
Last edited by devicenull; 08-21-2009 at 01:12.
devicenull is offline
 

« Previous Thread | Next Thread »


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 10:16.

DMCA - Archive - Top

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode