Raised This Month: $12 Target: $400
 3% 

[ANY] Spray Exploit Fixer (2.22) [28-Jan-2024]


Post New Thread Reply   
 
Thread Tools Display Modes
Author
Silvers
SourceMod Plugin Approver
Join Date: Aug 2010
Location: SpaceX
Plugin ID:
7055
Plugin Version:
2.22
Plugin Category:
Server Management
Plugin Game:
Any
Plugin Dependencies:
    Servers with this Plugin:
     
    Plugin Description:
    Deletes bad sprays and prevents them from crashing clients.
    Old 04-19-2020 , 23:44   [ANY] Spray Exploit Fixer (2.22) [28-Jan-2024]
    Reply With Quote #1

    About:
    • This will delete invalid sprays preventing clients from crashing, except the person attempting to crash others.
    • You can disable sprays completely by setting the cvar sv_allowupload "0".
    • Can specify sm_sprays_allowed in sourcemod/configs/admin_overrides.cfg to make sprays only usable to users with certain flags.
    • Small chance there may still be false positives, if there are please PM me the spray file.
    • This plugin assumes only sprays will appear in the games /download/ folder tree and be triggered.
    • In TF2 many random files are sent by clients, they will be deleted except valid sprays and wave files.
    • Because of this the plugin is prevented from banning clients in TF2.
    • Might eventually update to only ban when invalid sprays are detected and ignore other random files.



    Thanks:
    • Dunder - Bringing the exploit to my attention.
    • Madness (null138) - Adding another exploit fix.
    • domino_ - For various help.
    • Lux - For various help.
    • maximsmol - Helped finding binaries.
    • nosoop - Helped finding binaries.
    • xZk - Helped testing.
    • Cuba - Helped testing.
    • SlidyBat - Helped testing.



    ConVars:

    Saved to spray_exploit_fixer.cfg in your servers \cfg\sourcemod\ folder.

    PHP Code:
    // 0=Off. 1=Ban users who trigger invalid sprays (may still be some false positives).
    spray_exploit_fixer_ban "0"

    // 0=Off. 1=Kick users who trigger invalid sprays (may still be some false positives).
    spray_exploit_fixer_kick "0"

    // Logging saved to sourcemod/logs/spray_downloads.log: 0=Off. 1=Log all user uploads. 2=Log invalid sprays only.
    spray_exploit_fixer_log "1"

    // Print to server console: 0=Off. 1=Missing sprays and invalid sprays. 2=Only invalid sprays.
    spray_exploit_fixer_msg "1"

    // Path to the downloads folder of sprays. Add /cc/ if sprays are stored in individual 2 character folders. Must contain trailing / slash.
    spray_exploit_fixer_path "download/user_custom/cc/" or "downloads/" in Source 2006/2007 and L4D1/L4D2.

    // Spray Exploit Fixer plugin version.
    spray_exploit_fixer 


    Admin Command:

    PHP Code:
    // Tests all sprays in the games downloads folder, listing bad ones.
    sm_spray_test 



    Changes:
    Code:
    2.22 (28-Jan-2024)
        - Fixed memory leak caused by clearing StringMap/ArrayList data instead of deleting.
    
    2.21 (19-Feb-2023)
        - Now prevents even more log spamming duplicate entries. Thanks to ".Rushaway" for reporting.
    
    2.20 (20-Jan-2023)
        - Now logs if a Steam ID is unverified.
        - Now prevents log spamming duplicate entries.
        - Fixed checking bots for sprays.
        - Thanks to ".Rushaway" for reporting and help testing.
    
    2.19 (07-Jan-2023)
        - Fixed processing getting stuck. Thanks to "SuperConker" for reporting and help testing.
        - Fixed invalid handle errors. Thanks to "nikooo777" for reporting.
    
    2.18 (24-Dec-2022)
        - Changed moving sprays to use an asynchronous method to prevent a script execution timed out error. Thanks to ".Rushaway" for reporting.
    
    2.17 (08-Oct-2022)
        - Fixed command "sm_spray_test" getting stuck processing under certain conditions.
        - Re-wrote the recursive directory function to avoid several bugs under several conditions.
        - Now only moves sprays (.dat or .dat.ztmp) and not other files to the "backup_sprays" folder.
        - Now deletes empty directories on plugin start after moving sprays to the "backup_sprays" folder.
    
    2.16 (30-Sep-2022)
        - Fixed not moving all sprays on disconnect.
        - Fixed client not in game errors when renaming sprays.
        - Now moves "dat.ztmp" spray files to backup folder.
    
    2.15 (22-Sep-2022)
        - Fixed not deleting the old backup if the names match.
    
    2.14 (22-Sep-2022)
        - Added cvar "spray_exploit_fixer_msg" to control if messages should print to the server console. Requested by ".Rushaway".
        - Plugin now moves all sprays to the "download/backup_sprays" folder on plugin start and client disconnect.
        - Removed saving checked and blocked sprays to file. All sprays will be checked.
    
    2.13 (22-May-2022)
        - More detailed "LogAction" when kicking or banning clients.
    
    2.12 (22-May-2022)
        - Added some more "LogAction" when kicking or banning clients.
    
    2.11 (22-May-2022)
        - Added cvar "spray_exploit_fixer_kick" to kick clients. Ban cvar overrides this. Requested by ".Rushaway".
        - Changes to fix not kicking or banning clients under some conditions.
    
    2.10 (23-Apr-2022)
        - Fixed the plugin blocking sprays on some servers. Thanks to "SuperConker" for reporting and lots of testing.
    
    2.9 (10-Apr-2022)
        - Fixed showing the wrong invalid files count. Thanks to "sappho" for reporting.
    
    2.8 (20-Mar-2022)
        - Added another check and prevention against crash exploits. Thanks to "Sreaper" and "ficool2" for lots of help.
        - Fixed some false positives due to recent updates.
    
    2.7 (08-Mar-2022)
        - Added support for banning using the "Material Admin" plugin. Thanks to "lechuga" for adding.
    
    2.6 (01-Mar-2022)
        - Another crash exploit fixed. Thanks to Kenzzer for reporting.
    
    2.5 (15-Jan-2022)
        - Fixed randomly using recursive folder and extension names in spray filenames causing validation failure. Thanks to "A1m" for reporting.
    
    2.4 (02-Dec-2021)
        - Added support for banning using the "SourceBans" plugin. Thanks to "lechuga" for adding.
    
    2.3 (12-Nov-2021)
        - Added a check for missing downloads folder and filename. Thanks to "nebsun" for reporting.
        - Changes to fix warnings when compiling on SourceMod 1.11.
    
    2.2 (30-Jun-2021)
        - Fixed another Spray exploit. Thanks to "Madness (null138)" for fixing and reporting.
    
    2.1 (31-Mar-2021)
        - Added a check for "sm_sprays_allowed" in the command admin_overrides.cfg to only allow specific flag groups to use sprays.
    
    2.0 (09-Aug-2020)
        - Now should support all games.
        - Added more checks for invalid files.
        - Added cvar "spray_exploit_fixer_path" to specify the downloads folder if not correctly detected.
        - Removed gamedata and DHooks dependency.
        - Removed cvar "spray_exploit_fixer_name".
    
    1.6 (15-Jul-2020)
        - Fixed issue with CSS game. Thanks to "NeonC" for reporting.
        - Added cvar "spray_exploit_fixer_name" to choose the method for retrieving the spray owner.
    
    1.5 (14-May-2020)
        - Added better error log message when gamedata file is missing.
        - Fixed gamedata for HL2:DM. Thanks to "CliptonHeist" for reporting and "asherkin" for explaining engine != game.
        - (Info: the gamedata "engine" key for HL2:DM uses "hl2dm" (the engine name) while the "game" part uses "hl2mp" (game name) e.g. for offsets).
    
    1.4 (10-May-2020)
        - Added support for "Zombie Panic! Source" game. Requires gamedata update.
        - Fixed "sm_spray_test" timing out when checking many sprays. Thanks to "Sreaper" for reporting and testing.
        - Now checks 50 files and waits 0.1 seconds before checking the next batch.
        - TF2 updated to fix clients crashing, but this plugin is still recommended to delete the other randomly uploaded user files.
    
    1.3 (26-Apr-2020)
        - Changed cvar "spray_exploit_fixer_log" to log all files or only invalid sprays.
        - Logging now saves to "sourcemod/logs/spray_downloads.log" file.
    
    1.2 (23-Apr-2020)
        - Added better checks to detect more bad sprays.
        - Added better checks for TF2 and other games to avoid false positives.
        - Prevented banning people in TF2 since many random invalid files are sent, not just sprays.
    
    1.1 (21-Apr-2020)
        - Added better checks to prevent false positives.
        - Added ability to detect the users uploading sprays or other files.
        - Added cvar "spray_exploit_fixer_ban" to ban players with invalid sprays.
        - Added cvar "spray_exploit_fixer_log" to log players and files they uploaded.
        - Changed "sm_spray_test" to allow recursive searching the downloads directory.
        - Fixed plugin crashing TF2.
        - Updated GameData required.
    
    1.0 (20-Apr-2020)
        - Initial release.



    Updating from 2.13 or older:
    • Cvars have changed: use the Cvar Configs Updater, or delete the old cvars config or manually add them.

    Installation:
    1. Click "Get Plugin" and put the .smx file into your servers \addons\sourcemod\plugins\ folder.
    Attached Files
    File Type: sp Get Plugin or Get Source (spray_exploit_fixer.sp - 131 views - 29.2 KB)
    __________________

    Last edited by Silvers; 01-28-2024 at 02:25.
    Silvers is offline
    n3ontm
    Junior Member
    Join Date: May 2017
    Old 04-20-2020 , 06:14   Re: [ANY] Spray Exploit Fixer (1.0) [20-Apr-2020]
    Reply With Quote #2

    That for sure will be a lot of false positives...
    n3ontm is offline
    Silvers
    SourceMod Plugin Approver
    Join Date: Aug 2010
    Location: SpaceX
    Old 04-20-2020 , 10:44   Re: [ANY] Spray Exploit Fixer (1.0) [20-Apr-2020]
    Reply With Quote #3

    Quote:
    Originally Posted by n3ontm View Post
    That for sure will be a lot of false positives...
    What makes you say that? I was given 150+ to test from and only a handful triggered (mostly bad ones) so should be rare, if there are false positives send me.
    __________________
    Silvers is offline
    kidfearless
    Junior Member
    Join Date: Jun 2017
    Old 04-20-2020 , 12:06   Re: [ANY] Spray Exploit Fixer (1.0) [20-Apr-2020]
    Reply With Quote #4

    It doesn't look like it's an issue in csgo. But I modified the plugin to loop through the decals folder and optionally delete any bad sprays.
    Attached Files
    File Type: smx spray_exploit_fixer.smx (3.7 KB, 683 views)
    File Type: sp Get Plugin or Get Source (spray_exploit_fixer.sp - 975 views - 2.9 KB)

    Last edited by kidfearless; 04-20-2020 at 12:07.
    kidfearless is offline
    n3ontm
    Junior Member
    Join Date: May 2017
    Old 04-20-2020 , 13:19   Re: [ANY] Spray Exploit Fixer (1.0) [20-Apr-2020]
    Reply With Quote #5

    Quote:
    Originally Posted by Silvers View Post
    What makes you say that? I was given 150+ to test from and only a handful triggered (mostly bad ones) so should be rare, if there are false positives send me.
    From my understanding you are scanning the header of the vtf file. And if it doesnt match your pattern it will get deleted. But your pattern is for a specific version of vtf files and a specific resolution for example.
    Or am i completly wrong here?
    n3ontm is offline
    finishlast
    Senior Member
    Join Date: Nov 2018
    Location: In Reno with the vitamin
    Old 04-20-2020 , 16:17   Re: [ANY] Spray Exploit Fixer (1.0) [20-Apr-2020]
    Reply With Quote #6

    I ran it on my server, console.log stated 1300 invalid entries.

    all like this:

    Invalid file: downloads/154a44f0.dat.ztmp: 00 (4C <> 56)
    Invalid file: downloads/45200a84.dat.ztmp: 00 (4C <> 56)
    Invalid file: downloads/8edc761f.dat.ztmp: 00 (4C <> 56)
    Invalid file: downloads/bcc94a1b.dat.ztmp: 00 (4C <> 56)
    Invalid file: downloads/b3bcd84b.dat.ztmp: 00 (4C <> 56)
    Invalid file: downloads/36a9993c.dat.ztmp: 00 (4C <> 56)
    Invalid file: downloads/7e230223.dat.ztmp: 00 (4C <> 56)
    Invalid file: downloads/a20f8c01.dat.ztmp: 00 (4C <> 56)
    Invalid file: downloads/8a577bff.dat.ztmp: 00 (4C <> 56)
    Invalid file: downloads/e6200f2a.dat.ztmp: 00 (4C <> 56)
    __________________
    finishlast is offline
    Silvers
    SourceMod Plugin Approver
    Join Date: Aug 2010
    Location: SpaceX
    Old 04-20-2020 , 16:20   Re: [ANY] Spray Exploit Fixer (1.0) [20-Apr-2020]
    Reply With Quote #7

    Quote:
    Originally Posted by finishlast View Post
    I ran it on my server, console.log stated 1300 invalid entries.
    Will be updating with better checks to prevent so many false positives. At least it prevents the issue for now with strict checks, otherwise just disable sprays or uploading until this is more robust.
    __________________
    Silvers is offline
    rengo
    Member
    Join Date: Jun 2015
    Old 04-21-2020 , 13:40   Re: [ANY] Spray Exploit Fixer (1.0) [20-Apr-2020]
    Reply With Quote #8

    sorry for ignorance, as is the command to disable spray from my server
    __________________
    rengo is offline
    Send a message via AIM to rengo
    finishlast
    Senior Member
    Join Date: Nov 2018
    Location: In Reno with the vitamin
    Old 04-21-2020 , 13:55   Re: [ANY] Spray Exploit Fixer (1.0) [20-Apr-2020]
    Reply With Quote #9

    Quote:
    Originally Posted by Silvers View Post
    Will be updating with better checks to prevent so many false positives. At least it prevents the issue for now with strict checks, otherwise just disable sprays or uploading until this is more robust.
    Yeah, no problem, your work is as always apreciated! I still saw enough sprays from my friends and that folder needed a serious cleanup anyways.

    I just leave it running, better save than sorry.
    __________________
    finishlast is offline
    Silvers
    SourceMod Plugin Approver
    Join Date: Aug 2010
    Location: SpaceX
    Old 04-21-2020 , 14:36   Re: [ANY] Spray Exploit Fixer (1.1) [21-Apr-2020]
    Reply With Quote #10

    Quote:
    Originally Posted by rengo View Post
    sorry for ignorance, as is the command to disable spray from my server
    Use the cvar sv_allowupload "0". Added to the first post.

    Quote:
    Originally Posted by finishlast View Post
    I ran it on my server, console.log stated 1300 invalid entries.
    Thanks, these issues will no longer happen.


    Code:
    1.1 (21-Apr-2020)
        - Added better checks to prevent false positives.
        - Added ability to detect the users uploading sprays or other files.
        - Added cvar "spray_exploit_fixer_ban" to ban players with invalid sprays.
        - Added cvar "spray_exploit_fixer_log" to log players and files they uploaded.
        - Changed "sm_spray_test" to allow recursive searching the downloads directory.
        - Fixed plugin crashing TF2.
    Now detects who uploaded what! I suggest not banning until more testing is done to confirm no false positives.

    GameData and plugin updated.
    __________________

    Last edited by Silvers; 04-21-2020 at 14:38.
    Silvers is offline
    Reply


    Thread Tools
    Display Modes

    Posting Rules
    You may not post new threads
    You may not post replies
    You may not post attachments
    You may not edit your posts

    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is Off

    Forum Jump


    All times are GMT -4. The time now is 05:25.


    Powered by vBulletin®
    Copyright ©2000 - 2024, vBulletin Solutions, Inc.
    Theme made by Freecode