This isn't news. If you read the rest of the thread, a number of veterans came in here stating there was no sign of Stealth Mode's statements being accurate. The kid went on ranting and then made another email asking Valve to ban people who were being 'mean' to him. I don't think he ever provided any type of proof that an exploit like this exists, only wanted everyone to take his word for it.
Valve has worked to patch a number of exploits on various games including old Gold Source games over the past year or two. If there was a legitimate threat, there's a reasonable chance Valve would have looked into it. I haven't seen a single report of this issue from other users here, nor on Allied Mods, or any other SRCDS related server forums I frequent. Countless people here are using custom files on their servers and have no issues. I'm sure most of us scan our server files every so often for malicious files as well. On Fri, Jan 26, 2018 at 5:43 PM, Difegue <su...@cock.li> wrote: > Hey there, > > It's been about 3 months since news of this exploit surfaced (and only > here, haven't seen it elsewhere, I suppose to keep disclosure to a > minimum), so ~4 months since valve is aware of it. > > Has there been any news about this exploit being fixed with Jungle > Inferno? We've been running with custom files disabled since the news broke > and some players are getting pretty upset about the lack of sprays. > > On 09/10/2017 11:31, Stealth Mode wrote: > > Headsup admins/owners. Might want to disable custom files till valve > addresses this issue brought to their attention a month ago. > There is an exploit where any client with minor skill can inject custom > files with all types of malicious code. From hacks in weapon skins, to > ransomware in custom .bsp, to remote backdoors in custom spray paints. > > The exploit is injecting code into any image, sound, or data file. You can > take weapon skins (csgo), sound files, spray paint image files, even > .bsp/etc. and inject hack code, or actual ransomware, viruses, or > Trojans/rootkits directly into a server cache, or client cache via the > custom file. > > Might want to disable custom files till valve decides to correct this > issue. > > -StealthMode > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit:https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds > >
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
