First, the demo file won't record any crucial information... plus, these exploits aren't valve commands being messed up, it could be protocols being buggy; for example sending the connection packet of 300 different clients...
And secondly, this reminds me of the disconnect message exploit, that would *also block FVAR*, but I wouldn't worry about that exploit, it's already fixed! On Fri, Apr 13, 2012 at 2:15 AM, Harry Strongburg <harry.h...@harry.lu>wrote: > Hi, just thought I'd tell you guys that there's a remote slowhacking > exploit in the wild. Any user, who doesn't need any permissions at all > on the server, and happens without ANY server modifications installed, > can make all the client's on the server unresponsive. The exploit will > even run just fine on Valve's official TF2 servers. Along with this, > they can run seemingly any rcon command, such as "say". > > Any command on the player's clients will give the console error > "FCVAR_SERVER_CAN_EXECUTE prevented server running command" (this > includes toggleconsole, etc). This will make your game impossible to > use, until you taskkill HL2 and join a new server. > > In the experience I saw, this exploit doesn't work if you have SMAC > installed: "User was kicked for command spamming: say hi". > > So my point of this email is if anyone here any idea on what I can do > with a demo I was recording while the exploit was run on a server I was > playing on. In particular, if I could see what commands the server > forced my client to run (the "slowhacking" commands were recorded > properly in the demo), it might be a bit easier for Valve to fix up > whatever the exploit is. > > Thanks for any suggestions. > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds >
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
