SRCDS Steam group


Help me Exploit SRCDS!
#1
Alright, don't close this, it was just too tempting of a title not to use.

Anyways,
After quite a long time of planning, I am finally getting ready to open up the doors to my GSP pretty soon. One of my biggest worries though has been with the price of bandwidth, having clients fall victim to a DoS attack or something similar in nature.

There are already a lot of SM plugins, VSPs from SourceOP, MMS plugins, etc. that help to prevent specific exploits and attacks, however it can be an absolute pain trying to set all of these up. I have decided prior to opening I am going to work on a VSP (valve server plugin) to eliminate the need for any specific admin mods, that will incorporate all of these fixes and some new ones. I have no problem releasing this to the public, as the main concern is making sure my clients dont fall victim to an easily prevented attack.

So, basically I need the help of you guys to help me exploit SRCDS. I do specifically c++ coding, and since most of the attacks are web based, I really have no idea how to reproduce them. I know there are applications to DoS a server, and there has to be a script or something out there for some of the other issues such as A2C_PRINT spam. If you can help provide me with the tools needed to attack my dev server, so I can thoroughly test this mod prior to release, it would be most appreciated. I wouldn't have any problem giving beta versions to people who help as well.

I do prefer you PM me with tools and/or exploits as obviously we dont want them circulating on the srcds forum. Just in an attempt to prove I am not just someone out to collect exploits for personal gain, heres a link to my SM profile with some feedback on me from past jobs.
http://forums.alliedmods.net/member.php?u=31784

Current Exploit List to Target
1) A2C_PRINT Spam
2) A2S_INFO Spam
3) Invalid Player Names (Empty Names, Bell Characters)
4) Forced Full Update (Empty Packet)
5) Clientside Plugins
6) Half Connected Crash
7) DoS Attack
8) RCON Crash (Too many Login Attempts)

Any help with information on more exploits to add to the list, or help with causing these exploits would be great. Please just keep sensitive material to PMs though!
Reply
#2
Most things that are fixed in SM are later fixed by valve within a day or two. I don't think there are any exploits currently. If so, they are fixed relatively quickly. Anyways, servers crash. If so, they get re-started.
~ Mooga ...w00t? - SRCDS.com on Twitter
[Image: 76561197965445574.png]
Please do not PM me for server related help
fqdn Wrote:if you've seen the any of the matrix movies, a game server is not all that different. it runs a version of the game that handles the entire world for each client connected. that's the 2 sentence explanation.
Reply
#3
Theres a fair amount of exploits that have been around for quite a while that valve refuses to fix, This is intended for those. And yes, servers do crash, but when they are crashing because someones packet flooding your server with a type that valve left in the game, that has no use, it can be frustrating.
Reply
#4
(10-11-2009, 12:54 PM)CrimsonGT Wrote:  Theres a fair amount of exploits that have been around for quite a while that valve refuses to fix, This is intended for those. And yes, servers do crash, but when they are crashing because someones packet flooding your server with a type that valve left in the game, that has no use, it can be frustrating.

You should be fine, our CS:S server was like a main target for hackers, I mean we literally have had EVERY attack in the book, DDOS, crashing, rcon crashing, etc, at the present moment we have been exploit free.

Most game exploits should be patched or there are programs in AlliedMods.net (I believe you are a member there too) under the metamod section that prevent game DDOS.

If you want to prevent dedicated server DDOS that is something entirely and you will have to go to a web hosting tech support site for advice on that.
Reply
#5
(10-14-2009, 12:25 PM)SaintGTR Wrote:  You should be fine, our CS:S server was like a main target for hackers, I mean we literally have had EVERY attack in the book, DDOS, crashing, rcon crashing, etc, at the present moment we have been exploit free.

Most game exploits should be patched or there are programs in AlliedMods.net (I believe you are a member there too) under the metamod section that prevent game DDOS.

If you want to prevent dedicated server DDOS that is something entirely and you will have to go to a web hosting tech support site for advice on that.

Like CrimsonGT said, the exploits above are NOT fixed. As far as I remember correctly CrimsonGT is in the main SourceMod team as a coder, he already knows what's there on alliedmods.net

I agree on maybe a webhosting tech guy on how they block those kind of things. I've never been bothered with those things myself really so can't be much of help.
Join the Source Dedicated Server Support Group on Steam Community!
Source Dedicated Server (SRCDS)
Free to join, Live support! (When available)

http://forums.srcds.com/viewtopic/5114
Reply
#6
1) A2C_PRINT Spam
2) A2S_INFO Spam
3) Invalid Player Names (Empty Names, Bell Characters) - fixed by some SourceMod plugin.
4) Forced Full Update (Empty Packet)
5) Clientside Plugins - use zBlock
6) Half Connected Crash - use zBlock
7) DoS Attack - DoSprevent.dll/.so
8) RCON Crash (Too many Login Attempts) - SourceMod Plugin.
Reply
#7
Thanks, Im not on the dev team though, im just a moderator and a freelance SM developer, but close enough Toungue

realchamp: The second paragraph pretty much covers what you just posted. Im well aware that fixes exist for some of these, but it would much easier to run a self updating VSP that doesn't rely on anything else than to add 10+ plugins/mods and watch them all for updates. Also, zBlock is only for CSS, what about TF2/DoDS/L4D? Also, googling dosprevent.dll had 1 result and it didnt seem to be relevant (nor in english).

Anyways, I have most of them taken care of now, thanks anyways.
Reply
#8
(10-16-2009, 09:46 PM)CrimsonGT Wrote:  Thanks, Im not on the dev team though, im just a moderator and a freelance SM developer, but close enough Toungue

realchamp: The second paragraph pretty much covers what you just posted. Im well aware that fixes exist for some of these, but it would much easier to run a self updating VSP that doesn't rely on anything else than to add 10+ plugins/mods and watch them all for updates. Also, zBlock is only for CSS, what about TF2/DoDS/L4D? Also, googling dosprevent.dll had 1 result and it didnt seem to be relevant (nor in english).

Anyways, I have most of them taken care of now, thanks anyways.
Not sure about the exact name of the dosattack.dll stuff. I don't remember... Well one plugin that protects for it all would be awesome.
Reply
#9
Are you dalking about the DAF DoS attack prevent that runs as an independent plugin for srcds?
Looking for a game server? Visit fullfrag.com and pick one up as low as $2.50 / mo!
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)