SRCDS Server Crash Exploit

**headline** · **Author**

Hello everyone,

Recently I have had a few players joining my server and threatening to take it down. When they did, it was not a DDOS and that person had no access to the server itself. All RCON and FTP passwords have been changed and after coming in contact with the person via steam, they were telling me that it was an SRCDS Server Exploit which has *something* to do with usercmds.

That's all the information I was given, and I wanted to see if anyone else is having those people around.

The first person who turned my server off was just trolling and we are cool now, however it seems that others have access to the exploit as well and are going around turning servers off.

There are no errors reported in ANY logging.

After asking that guy if it involved SourceMod, he said no. Essentially, he can shut down any server.

He said that SMAC helps prevent the server from turning off, but will teleport players around and makes the server act weirdly.

Potato Uno · 11-24-2015 , 17:11 Re: SRCDS Server Crash Exploit

srcds in general or just csgo srcds?

**headline** · 11-24-2015 , 17:12 Re: SRCDS Server Crash Exploit

Quote:

Originally Posted by Potato Uno

srcds in general or just csgo srcds?

He just told me SRCDS, but I can only 100% confirm it's CS:GO

Potato Uno · 11-24-2015 , 17:14 Re: SRCDS Server Crash Exploit

If you know the exploit, do you mind PM'ing it to me so I can test it on TF2 srcds? (I don't own csgo.)

EDIT: oh wait you only have a hint

EDIT2: Or if someone knows the exploit and doesn't want to tell me directly, I'd like for them to contact me and try to crash my TF2 server just to see if it works on TF2.

Franc1sco · *Last edited by Franc1sco; 01-26-2016 at 06:21.*

Use this simple plugin that log all the commands that the clients use in addons/sourcemod/logs/CmdLog_%d.log and maybe you could find the usercmds that he use for crash the server.

With this plugin I found some exploits with usercmds that people used.

MOVED HERE https://forums.alliedmods.net/showthread.php?t=278166

**headline** · *Last edited by headline; 11-24-2015 at 17:35.*

Quote:

Originally Posted by Potato Uno

If you know the exploit, do you mind PM'ing it to me so I can test it on TF2 srcds? (I don't own csgo.)

EDIT: oh wait you only have a hint

EDIT2: Or if someone knows the exploit and doesn't want to tell me directly, I'd like for them to contact me and try to crash my TF2 server just to see if it works on TF2.

I don't know any more information than what was previously stated.

EDIT : I'm running Fransisco's plugin right now. I'll send you the file if it happens again.

asdfxD · *Last edited by asdfxD; 11-24-2015 at 22:48.*

this ppl using a teleport hack which can crash servers, thats all. a mate can do this aswell. this is a new exploit in csgo server which is not fixed yet. search around the web, some ppl cheat/hack companys selling it. -.-

but as i know it just crashes the server and dont give access to rcon & ftp.

**headline** · 11-24-2015 , 23:16 Re: SRCDS Server Crash Exploit

Quote:

Originally Posted by asdfxD

this ppl using a teleport hack which can crash servers, thats all. a mate can do this aswell. this is a new exploit in csgo server which is not fixed yet. search around the web, some ppl cheat/hack companys selling it. -.-

but as i know it just crashes the server and dont give access to rcon & ftp.

Is that something that can be patched via SM plugin?

asdfxD · *Last edited by asdfxD; 11-25-2015 at 03:05.*

Quote:

Originally Posted by Headline22

Is that something that can be patched via SM plugin?

i don't know. i ask my mate, this exploit is some months old and was first private and he has reported it already in july 2015 to vitality and they give a fuck.

and now it is public and some hack companys have updated their hacks with it.

i ask him and got a code. if someone have good knowledge about this stuff and can make a plugin to block this, send me a private message. i have no clue about all that stuff. this exploit has something to do with viewangels. probably a eyetest modul update can patch teleporting.

edit: send a email to http://csgo-servers.1073505.n5.nabbl...nodes&user=241 with code now, i hope he take a look at it.

@Headline22 you said smac helps to prevent the server from turning off/crashing. you want a fix for teleporting?

Franc1sco · *Last edited by Franc1sco; 01-26-2016 at 06:20.*

Quote:

Originally Posted by Franc1sco

Use this simple plugin that log all the commands that the clients use in addons/sourcemod/logs/CmdLog_%d.log and maybe you could find the usercmds that he use for crash the server.

With this plugin I found some exploits with usercmds that people used.

I moved my plugin here for a better search -> https://forums.alliedmods.net/showthread.php?t=278166