Raised This Month: $51 Target: $400
 12% 

Question NEW EXPLOIT


Post New Thread Reply   
AlliedModders Forum Index > AMX Mod X > Plugins > Suggestions / Requests
Page 1 of 5 1 23 Last »
 
Thread Tools Display Modes
Author Message
csblackangelscom
Member
csblackangelscom's Avatar
Join Date: Jul 2013
Location: Romania
Old 09-04-2014 , 17:25   Question NEW EXPLOIT
Reply With Quote #1
Hello, for all you know there is a new exploit that draws players from cs, now again this exploit is used as the name and entering the playar cs #Cstrike_GIGN_Label #Cstrike_GIGN_Label name and write something in chat out others players in cs. can you help me with it
Last edited by YamiKaitou; 09-05-2014 at 19:46.
csblackangelscom is offline
Send a message via Yahoo to csblackangelscom Send a message via Skype™ to csblackangelscom
fysiks
Veteran Member
fysiks's Avatar
Join Date: Sep 2007
Location: Flatland, USA
Old 09-04-2014 , 17:46   Re: Question NEW EXPLOIT
Reply With Quote #2
Before we can help you, you need to say that in comprehensible english.
__________________
fysiks is offline
Old 09-04-2014, 18:10
Eagle07
This message has been deleted by Eagle07.
hornet
AMX Mod X Plugin Approver
hornet's Avatar
Join Date: Mar 2010
Location: Australia
Old 09-04-2014 , 18:32   Re: Question NEW EXPLOIT
Reply With Quote #3
Quote:
Originally Posted by fysiks View Post
Before we can help you, you need to say that in comprehensible english.
Something related to the player changing their name to that text reference.
hornet is offline
Old 09-05-2014, 05:41
HamletEagle
This message has been deleted by HamletEagle.
Phant
Veteran Member
Phant's Avatar
Join Date: Sep 2009
Location: New Jersey
Old 09-05-2014 , 06:37   Re: Question NEW EXPLOIT
Reply With Quote #4
As I know, there is bug:
Code:
say "#Cstrike_GIGN_Label #Cstrike_GIGN_Label"
Not name of player.

Quote:
Originally Posted by HamletEagle View Post
Non-steamer. This exploit si not working on latest server builds without dproto.
You mean it's dproto bug ?
Last edited by Phant; 09-05-2014 at 06:38.
Phant is offline
Send a message via ICQ to Phant
HamletEagle
AMX Mod X Plugin Approver
HamletEagle's Avatar
Join Date: Sep 2013
Location: Romania
Old 09-05-2014 , 07:20   Re: Question NEW EXPLOIT
Reply With Quote #5
I don't mean anything, just remove dproto and update your server, then you won't get any bug.
__________________
HamletEagle is offline
GordonFreeman (RU)
Veteran Member
Join Date: Jan 2010
Location: Uzbekistan
Old 09-05-2014 , 07:31   Re: Question NEW EXPLOIT
Reply With Quote #6
Quote:
Originally Posted by HamletEagle View Post
I don't mean anything, just remove dproto and update your server, then you won't get any bug.
Wrong.
Code:
name "1#Cstrike_GIGN_Label #Cstrike_GIGN_Label"
And ask admin for ban,kick,slay and watch the fun.
__________________
The functional way is the right way
Last edited by GordonFreeman (RU); 09-05-2014 at 07:31.
GordonFreeman (RU) is offline
HamletEagle
AMX Mod X Plugin Approver
HamletEagle's Avatar
Join Date: Sep 2013
Location: Romania
Old 09-05-2014 , 08:00   Re: Question NEW EXPLOIT
Reply With Quote #7
Quote:
Originally Posted by GordonFreeman (RU) View Post
Wrong.
Code:
name "1#Cstrike_GIGN_Label #Cstrike_GIGN_Label"
And ask admin for ban,kick,slay and watch the fun.
Lol, it seems that you are right. When typing in chat it does nothing, but when using commands it crash the server.
__________________
Last edited by HamletEagle; 09-05-2014 at 08:08.
HamletEagle is offline
^SmileY
Veteran Member
^SmileY's Avatar
Join Date: Jan 2010
Location: Brazil [<o>]
Old 09-05-2014 , 11:49   Re: Question NEW EXPLOIT
Reply With Quote #8
OMFG!

Kick by userid
__________________
Projects:

- See my Git Hub: https://github.com/SmileYzn
PHP Code:
set_pcvar_num(pCvar, !get_pcvar_num(pCvar)); 
^SmileY is offline
Send a message via MSN to ^SmileY Send a message via Skype™ to ^SmileY
slLent
Member
slLent's Avatar
Join Date: Apr 2010
Location: Tomsk, Russia
Old 09-05-2014 , 14:14   Re: Question NEW EXPLOIT
Reply With Quote #9
this bug works on messages SayText, TextMsg, ShowMenu
native/stock client_print,client_print_color etc.

Code:
name "d #Spec_Help_Text #Spec_Duck"
and send message.

Code:
message_begin(MSG_ALL,get_user_msgid("SayText"));
write_byte(id);
write_string("d #Spec_Help_Text #Spec_Duck : Hello people!");
message_end();
players that received a message - client crashes.
more info
Last edited by slLent; 09-05-2014 at 14:36.
slLent is offline
fysiks
Veteran Member
fysiks's Avatar
Join Date: Sep 2007
Location: Flatland, USA
Old 09-05-2014 , 16:02   Re: Question NEW EXPLOIT
Reply With Quote #10
So, it is not a bug of the engine, it is a bug in plugins/modules that resend these things with message_begin() etc. It's basically like SQL injection.

You can test this by first doing it on a server without MetaMod installed. I bet it doesn't do anything. Then, test it on a server with AMX Mod X.
__________________
fysiks is offline
Reply
AlliedModders Forum Index > AMX Mod X > Plugins > Suggestions / Requests
Page 1 of 5 1 23 Last »

« Previous Thread | Next Thread »


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 17:48.

DMCA - Archive - Top

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode