Raised This Month: $319 Target: $400
 79%   Almost there!

Solved [CSGO] New Exploit?


Post New Thread Reply   
 
Thread Tools Display Modes
Author Message
cristian20042
AlliedModders Donor
Join Date: Jun 2016
Location: Romania
Old 10-16-2019 , 11:57   [CSGO] New Exploit?
Reply With Quote #1

This is very bad, some cunt decided to give himself admin with admins_simple.

He seems to have access to admins_simple. I think it is a dead exploit coming back to life...
https://forums.alliedmods.net/showthread.php?t=304847

Other person had the same issue, but somehow, this dude managed to access the database as well, and I only hope that it's just a code that changed the sourcebans password.

I am telling you, there is no possible way for him to have FTP access, all actions are logged and didn't seem like he accessed ftp. What I think is that he made a plugin which modified a sourcebans account email, then reset the password.

Also, I only have my own plugins, there is no way there will be a backdoor, just so you know.
__________________
Steam - https://steamcommunity.com/id/sniperheroofficialu/
Discord - SniperHero#8545

Last edited by cristian20042; 10-16-2019 at 15:54.
cristian20042 is offline
Franc1sco
Veteran Member
Join Date: Oct 2010
Location: Spain (Madrid)
Old 10-16-2019 , 12:39   Re: [CSGO] New Exploit?
Reply With Quote #2

You have sv_allowupload and sv_allowdownload to 0? You need to have it to 0. Just use a fastdl.

Also exists a exploit for maps in tf2, not sure if in csgo is fixed, more info https://forums.alliedmods.net/showthread.php?t=318094
__________________
Veteran SourceMod Coder -> Activity channel
Taking paid and free jobs.
Contact: Steam, Telegram or discord ( Franc1sco#7876 ).

You like my work? +Rep in my steam profile comments or donate.

Franc1sco is offline
Send a message via MSN to Franc1sco
Mitchell
~lick~
Join Date: Mar 2010
Old 10-16-2019 , 12:43   Re: [CSGO] New Exploit?
Reply With Quote #3

Did you follow the suggested fix that's in the the thread that you posted?
Mitchell is offline
cristian20042
AlliedModders Donor
Join Date: Jun 2016
Location: Romania
Old 10-16-2019 , 12:44   Re: [CSGO] New Exploit?
Reply With Quote #4

Quote:
Originally Posted by Franc1sco View Post
You have sv_allowupload and sv_allowdownload to 0? You need to have it to 0. Just use a fastdl.

Also exists a exploit for maps in tf2, not sure if in csgo is fixed, more info https://forums.alliedmods.net/showthread.php?t=318094
sv_allowdownload is set to 1, do I need it in FastDL?

nvm, put it to 0 and yes, i've made a plugin which blocks uploads
__________________
Steam - https://steamcommunity.com/id/sniperheroofficialu/
Discord - SniperHero#8545

Last edited by cristian20042; 10-16-2019 at 12:45.
cristian20042 is offline
cristian20042
AlliedModders Donor
Join Date: Jun 2016
Location: Romania
Old 10-16-2019 , 15:54   Re: [CSGO] New Exploit?
Reply With Quote #5

It's the old exploit and valve didn't fix it =))

I had to set sv_allowdownload 0.

Solved.
__________________
Steam - https://steamcommunity.com/id/sniperheroofficialu/
Discord - SniperHero#8545
cristian20042 is offline
Mitchell
~lick~
Join Date: Mar 2010
Old 10-16-2019 , 23:14   Re: [CSGO] New Exploit?
Reply With Quote #6

Quote:
Originally Posted by cristian20042 View Post
It's the old exploit and valve didn't fix it =))

I had to set sv_allowdownload 0.

Solved.
Well not solved if you used that only.
You should set sv_allowupload 0 also so they cant upload plugins to your server.
Mitchell is offline
RealEdan
Member
Join Date: Dec 2016
Location: United States
Old 10-17-2019 , 03:01   Re: [CSGO] New Exploit?
Reply With Quote #7

How does this even work? Isn't allowdownload only linked to the FastDL Server? How are people downloading server files..?
__________________
RealEdan is offline
sneaK
SourceMod Moderator
Join Date: Feb 2015
Location: USA
Old 10-17-2019 , 10:10   Re: [CSGO] New Exploit?
Reply With Quote #8

Quote:
Originally Posted by RealEdan View Post
How does this even work? Isn't allowdownload only linked to the FastDL Server? How are people downloading server files..?
No, sv_allowdownload is only for downloading directly from server, not from fastdl.
__________________
sneaK is offline
cristian20042
AlliedModders Donor
Join Date: Jun 2016
Location: Romania
Old 10-17-2019 , 11:41   Re: [CSGO] New Exploit?
Reply With Quote #9

Mitchell, allowupload was on 0 already, i've also made a plugin to block uploads just in case. Both vars are set to 0.
__________________
Steam - https://steamcommunity.com/id/sniperheroofficialu/
Discord - SniperHero#8545
cristian20042 is offline
RealEdan
Member
Join Date: Dec 2016
Location: United States
Old 10-18-2019 , 03:41   Re: [CSGO] New Exploit?
Reply With Quote #10

Quote:
Originally Posted by sneaK View Post
No, sv_allowdownload is only for downloading directly from server, not from fastdl.
What exact files can you download through it?
__________________
RealEdan is offline
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 06:24.


Powered by vBulletin®
Copyright ©2000 - 2021, vBulletin Solutions, Inc.
Theme made by Freecode