Raised This Month: $12 Target: $400
 3% 

[CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]


Post New Thread Reply   
 
Thread Tools Display Modes
Author
backwards
AlliedModders Donor
Join Date: Feb 2014
Location: USA
Plugin ID:
7442
Plugin Version:
1.0
Plugin Category:
Server Management
Plugin Game:
Counter-Strike: GO
Plugin Dependencies:
    Servers with this Plugin:
     
    Plugin Description:
    Prevent's clients from being able to lag the server by abusing tcp connections.
    Old 01-02-2021 , 03:51   [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #1

    Here's yet another patch for an exploit being abused in csgo to lag/dos servers within the last few weeks. This patch affectively just disables rcon from working. The real way to solve the issue and maintain rcon for sourcebans or admins would be to firewall off all ips to the tcp port of your game server except ones you whitelist. However many cheap hosts don't give access to firewall options along with not giving clients the ability to just never set an rcon_password. Setting rcon_password "" inside your server.cfg (and never setting it anywhere else) will prevent rcon from working and will solve the issue with the exploit.

    This patch should only be used if you have no way to access the firewall and you can't not set the rcon_password convar.
    THIS WILL BREAK SOURCEBANS AND OTHER SOFTWARE THAT COMMUNICATES WITH YOUR SERVER VIA RCON PROTOCOL


    Updated on 2/4/2023 for linux changes:
    Download rcon_exploit_fix_v1.1.zip for latest verison.
    Attached Files
    File Type: zip rcon_exploit_fix.zip (4.8 KB, 2904 views)
    File Type: zip rcon_exploit_fix_v1.1.zip (4.6 KB, 100 views)

    Last edited by backwards; 02-04-2023 at 16:06.
    backwards is offline
    foxsay
    AlliedModders Donor
    Join Date: Sep 2013
    Old 01-02-2021 , 05:29   Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #2

    Bit out of the topic question. Witch your exploit patch plugins is still necessary to use because I still use all of them (except this one).

    Btw great release as always thank you = )

    Last edited by foxsay; 01-02-2021 at 05:34.
    foxsay is offline
    AePT
    Member
    Join Date: Jan 2016
    Old 01-02-2021 , 11:07   Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #3

    Nice release!

    Thank you for sharing.
    AePT is offline
    r3v
    Senior Member
    Join Date: Feb 2016
    Location: Lithuania, Vilnius
    Old 01-02-2021 , 11:50   Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #4

    My servers have some ddos attacks with A2S, and NOW i found this: https://steamcommunity.com/discussio...8351344359625/
    For CS:GO server i'm using linux32 .so files, so i now starting testing, with your exploit fix plugin.
    But Backwards, still do we need your exploit fix?

    Last edited by r3v; 01-02-2021 at 13:28.
    r3v is offline
    Trum
    AlliedModders Donor
    Join Date: Jan 2017
    Old 01-02-2021 , 12:07   Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #5

    Trum is offline
    backwards
    AlliedModders Donor
    Join Date: Feb 2014
    Location: USA
    Old 01-03-2021 , 01:37   Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #6

    The only one that i'm aware of that has been patched by valve and isn't needed anymore is this one:

    https://forums.alliedmods.net/showthread.php?p=2687724

    However yesterday I did release an update to the SendFile Exploit Patch:
    v3.1

    https://forums.alliedmods.net/showthread.php?p=2656975

    although it's untested. It should prevent 2 more variation of that exploit that exists. along with one that still works even with sv_allowupload 0 and sv_allowdownload 0 set.
    backwards is offline
    yuv41
    Member
    Join Date: Jan 2020
    Old 01-03-2021 , 07:15   Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #7

    How does one even spam the TCP connection of the RCON protocol? edu purposes c:
    yuv41 is offline
    JLmelenchon
    Senior Member
    Join Date: Mar 2019
    Old 09-29-2022 , 14:04   Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #8

    Will it have the same effect if i block all tcp connections and only allow the ip of the server ?

    Last edited by JLmelenchon; 09-29-2022 at 14:04.
    JLmelenchon is offline
    backwards
    AlliedModders Donor
    Join Date: Feb 2014
    Location: USA
    Old 09-30-2022 , 01:29   Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #9

    Quote:
    Originally Posted by JLmelenchon View Post
    Will it have the same effect if i block all tcp connections and only allow the ip of the server ?
    Yes
    __________________
    I highly recommend joining the SourceMod Discord Server for real time support.

    Last edited by backwards; 09-30-2022 at 01:29.
    backwards is offline
    JLmelenchon
    Senior Member
    Join Date: Mar 2019
    Old 10-06-2022 , 23:03   Re: [CSGO] SRCDS Rcon Server Lagger Exploit Patch [1/2/21]
    Reply With Quote #10

    Even after putting rcon_password "" in my server file, when i am in game i still receive an answer with rong password if type rcon kick for example. Is it normal?
    JLmelenchon is offline
    Reply


    Thread Tools
    Display Modes

    Posting Rules
    You may not post new threads
    You may not post replies
    You may not post attachments
    You may not edit your posts

    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is Off

    Forum Jump


    All times are GMT -4. The time now is 11:41.


    Powered by vBulletin®
    Copyright ©2000 - 2024, vBulletin Solutions, Inc.
    Theme made by Freecode