Re: [hlds] New srcds exploit
These exploits have been around for a very long time, it's just nobody really abused them like they have been now. The obvious commands are physics_select and friends. The reason they crash a server is because the player is NULL during connect. As for the console spam, that's a side effect of having a NULL player, the game thinks the say is coming from the console. Most of this stuff is obvious when you look in the SDK. On Mon, Feb 2, 2009 at 4:10 PM, Tom Leighton tomrleigh...@googlemail.comwrote: VAC is fully automated, and VALVe do not accept any cheater's steam id submissions. However, you could report them to www.steambans.com if you run steambans. Andrey Titov wrote: sorry.. can i ask hire? need adress to sent cheat players steam id's.. piss me off that's little bastards )) valve adress better. ban by server is too liitle trouble for thouse players. sorr for bad eng 2009/2/2 Justin mysteriousjus...@gmail.com True, but we have alot of time on our hands aswell seeing as most of us have 10+ game servers, and are pissed off because this plugin affects the hard work put into them. On Mon, Feb 2, 2009 at 2:50 PM, Timothy L Havener timotheus_have...@earthlink.net wrote: that's an epic parenting fail right there. these kids have way too much free time on their hands to come up with this crap. Justin wrote: http://www.sythe.org/showthread.php?t=558846 He's selling it too.. On Fri, Jan 30, 2009 at 2:18 PM, DontWannaName! dontwannaname...@yahoo.comwrote: I dont think there is a way to stop the attacks because he uses a few commands and such. He also crashes the server before the server can tell him that he is banned. I think IP banning him may work? 86.3.49.194 He has a lot of steamids so a steam ban wont work, wont authenticate either. He isnt really getting your rcon password from what I have seen. http://download.chrisaster.com/garrysmod/ From: Chris headad...@gmail.com To: Half-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com Sent: Friday, January 30, 2009 10:25:51 AM Subject: Re: [hlds] New srcds exploit ok, how to block this command? The sm command blocker plugin? On Fri, Jan 30, 2009 at 6:10 PM, Chad Austin c...@pcchemical.com wrote: dsplittber...@gmail.com wrote: thank god he gave us the link to where we can buy these exploits :p ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds anyone willing to buy the programs and provide a packet dump? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Achievement Farmer Honeypot
I'd use this plugin if it banned people randomly. On Wed, Feb 25, 2009 at 5:10 PM, Blood Letter bw_bloodlet...@hotmail.comwrote: I'm not pushing my beliefs or tactics on anyone Really? Achievement Farmers: Be Warned! Server admins are fighting back! You can help STOP achievement farming! Until Valve can find a way to stop those who belittle the meaning and purpose of Achievement and Unlockables, you can do something to stop them! Achievement farming ruins the integrity, the purpose, of achievements. The word achievement doesn't mean dick around in a map for 45 minutes and earn unlockables, and since Valve has yet to take a step towards stopping those who belittle the work and dedication of others, I have. Download the SourceMod plugin here. Take Back Team Fortress! These are known achievement farmers! Ban them NOW! You admit that joining the server running that map isn't wrong, yet you don't realize that some people will join and inadvertently earn an achievement? You don't realize that by setting the threshold of wrong to earning an achievement on an achievement server your honeypot is functioning just as any other achievement server? You claim over 2000 bans. I say you've aided and abetted in the farming of over 2000 achievements. You're a tool. From: mslee...@cyberwurx.com To: hlds@list.valvesoftware.com Date: Wed, 25 Feb 2009 18:17:32 -0500 Subject: Re: [hlds] Achievement Farmer Honeypot I wait for people to earn achievements before having them banned, because you're right, joining the map isn't doing anything wrong. Earning achievements on an achievement farming map on the other hand... I don't understand your comment about fake clients. My opinion of that is well known and I anxiously await the patch which will rid the world of fake clients. I'm not pushing my beliefs or tactics on anyone, and I'm not trying to force anyone to setup a honeypot server. If people want to follow my lead though, I am giving everyone the tools necessary to do so. And yes, I think every single 2100+ and counting people deserve to be banned. They cheated the system. Once again, if you want to continue this, I am on IRC and am happy to argue there. I'll go ahead and copy this over to AlliedModders since you want to bring it there too. On Wed, 2009-02-25 at 15:05 -0800, Blood Letter wrote: Your honeypot is more about you feeling like you have control than it is about bettering the community or taking a stand. I am not missing the point of a honeypot. I am a degree-wielding computer scientist, I know full well what a honeypot is. I also know that actual honeypots are looked down upon in the security sector and are pretty much useless (legally) when it comes to actually following through and taking action. They are a useful approach in terms of improving security (through statistical research), but since you're not Valve you're not really going to improve the core problem, are you? It's obvious you haven't thought things through. You state (I believe it was in your A-M thread) that the only reason people join servers running achievement maps is to farm. This is an incorrect assumption, but, even taking it to be true: -Why wait for people to earn an achievement before banning them? Just ban them on join. --The answer is because you want it to be full so you can get more to join and thus ban more. -So why not just report false clients? Perhaps Dan from Circle-X can help you out. He posts here. Though he still maintains that their servers are vanilla and absolutely don't report fake clients have fast respawns or shuffle you off to other servers. --The answer is because you actually want to toy with people and then deny them things. You enjoy wielding your power, and you will do so arbitrarily and with an inflated sense of self-righteousness. You are the worst kind of admin. You are as much of a problem to TF2 as the farmers, griefers, and exploiters. As to why your assumption is incorrect: Many people will simply join an achievement box to meet up with friends (right click friend, view game info, join!). Many people will simply join a server based on ping and player count, and not the map. Many people will not know what an achievement box map is, or that is considered a bad thing. If your argument is that people should know better, then I'd like to ask you about all the NEW players that will be playing TF2. If a free weekend is upon us, then there will be a lot of new players. Should someone be banned from your servers just because they joined your honeypot? Should they be banned from other servers who have picked up your list? Apparently you think it is an acceptable price to pay for maintaining what you think is a desirable decorum and behavior among your players. That's fine. What's not fine is you trying to push your
Re: [hlds] blocking the server's PLAYERNAME has joined the game message
Maybe someone could make a plugin that bans users for connecting AND removes the message, I bet they were only trying to farm achievements anyway. No point in letting them spoil the gameplay with a connect message. On Wed, Mar 18, 2009 at 2:42 PM, SakeFox sake...@kingdomsend.com wrote: don't they show up as being disconnect by closing connection when that happens and when they do retry over and over it show up as disconnect by user? I dont remember and not going to look at the logs, i'm lazy =P DontWannaName! wrote: Sometimes players who are not banned will join once and you will still get 10 messages saying they connected, not quite sure whats that from, probably a connection problem on their side. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Team Fortress 2 Update Released
4/20 special feature, delete your stuff. I was high when I coded it. On Mon, Apr 20, 2009 at 6:33 PM, Jason Ruymen jas...@valvesoftware.comwrote: A required update for Team Fortress 2 is now available. Please run hldsupdatetool to receive. The specific changes include: Game Changes: - Reworked the character loadout screens to support future features. - Added the ability for players to permanently delete items from their inventory using the new Backpack menu. This does not reset achievements. Once an item has been deleted it can never be re-earned - Added the ability for players to reset their player stats using the Reset Stats button on the Stats menu. This does not reset achievements - Added a player_teleported game event that is sent when a player is teleported - Updated cp_junction_final to score per-capture instead of per-round. This fixes the map not working correctly with Tournament mode and the stopwatch - Scouts now drop the flag if they're carrying it when they start phasing Fixes: - Fixed instances where Steam connection problems would cause some unlocked items to be unusable - Fixed the custom crosshair menu not clearing itself when None is selected for non-English clients - Fixed warning about not being able to execute skill1.cfg when starting the dedicated server Jason ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Team Fortress 2 Update Released
It may be that they're turning it into an RPG, where you pick up a rocket launcher + 3, and you can decide to delete it in your backpack. On Mon, Apr 20, 2009 at 6:41 PM, Jeff Sugar jeffsu...@gmail.com wrote: - Added the ability for players to permanently delete items from their inventory using the new Backpack menu. This does not reset achievements. Once an item has been deleted it can never be re-earned I cannot for the life of me figure out what the point of this is. -Atreus On Mon, Apr 20, 2009 at 5:33 PM, Jason Ruymen jas...@valvesoftware.com wrote: A required update for Team Fortress 2 is now available. Please run hldsupdatetool to receive. The specific changes include: Game Changes: - Reworked the character loadout screens to support future features. - Added the ability for players to permanently delete items from their inventory using the new Backpack menu. This does not reset achievements. Once an item has been deleted it can never be re-earned - Added the ability for players to reset their player stats using the Reset Stats button on the Stats menu. This does not reset achievements - Added a player_teleported game event that is sent when a player is teleported - Updated cp_junction_final to score per-capture instead of per-round. This fixes the map not working correctly with Tournament mode and the stopwatch - Scouts now drop the flag if they're carrying it when they start phasing Fixes: - Fixed instances where Steam connection problems would cause some unlocked items to be unusable - Fixed the custom crosshair menu not clearing itself when None is selected for non-English clients - Fixed warning about not being able to execute skill1.cfg when starting the dedicated server Jason ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Stealing Accounts
Let this thread die. Sent from my Personal Computer. On Sat, Apr 25, 2009 at 5:09 PM, Saul Rennison saul.renni...@gmail.comwrote: Didn't you just post jailbait? End of topic-- let it die please. Sent from my iPhone On 25 Apr 2009, at 23:47, Karl Weckstrom k...@weckstrom.com wrote: Beginning Flamebait Detection cycle, pass 1 of 1... Searching for word ignore ..Found! Searching for word relevant ..Found! Searching for common phrases associated with in-question maturity ..Found! Searching for common phrases associated with inbox bloat ..Found! Searching for common phrases attributed to aggressive fictional creature mastication ..Found! FLAMEBAIT PROBABILITY: 99.% Generated by FLAMEBAIT DETECTOR, (C)2009 Ice Nine(TM), All Rights Reversed. /me removes his asbestos suit and pops another beer. -Original Message- From: hlds-boun...@list.valvesoftware.com [mailto: hlds-boun...@list.valvesoftware.com ] On Behalf Of bl4nk Sent: Saturday, April 25, 2009 4:24 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] Stealing Accounts I think the list would work fine if you guys just ignored the shit that msleeper (and/or whoever else) said and moved on like mature people. Who cares if he says something that's not 100% relevant; just ignore it, and don't bother replying. You're just feeding the troll and adding more useless chatter to our inbox every time you do reply. Patrick Shelley wrote: I think its evident that this list works just fine when msleeper doesnt chime in with the crap that he does. One minute he's championing the idea of this list as 'relevant to server admin' - the next he's chiming in with his l33t speak crap that reflects his truer colors - namely that he's an immature twat that THE MAJORITY dislike immensely. He causes more diversity amongst this list that anyone else here, more rows are caused by his input that anyone elses. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
[hlds] Script kiddies abusing A2C_PRINT
It seems people discovered the old A2C_PRINT UDP message and are spamming servers. http://screencast.com/t/JRYs3LglN Is there any chance Valve can fix this instead of us having to fix every exploit they ignore? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Script kiddies abusing A2C_PRINT
It works on clients and servers. A2C_PRINT is 'l' it uses the generic connectionless message. On Sun, May 3, 2009 at 4:39 PM, Sebastian Staudt korak...@gmail.com wrote: There are several other packets not listed on the developer wiki. Like the name suggests A2C_PRINT can be send from *A*ll (master, server, clients) to *C*lients, so servers should not be affected by this. Weird. On Mon, May 4, 2009 at 12:18 AM, 1nsane 1nsane...@gmail.com wrote: I believe it was initially used to send messages from the master server to the game server. Also Azui... You forgot. Exploits must be reported Monday through Friday only! Now some fatty might google his way into the ability to freeze servers. On Sun, May 3, 2009 at 5:34 PM, Yaakov Smith m4ngr...@gmail.com wrote: What's A2C_Print? There's nothing about that on the Developer Wiki. -Original Message- From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of 1nsane Sent: Monday, 4 May 2009 6:46 AM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] Script kiddies abusing A2C_PRINT Oh fun. On Sun, May 3, 2009 at 2:55 PM, AzuiSleet azuisl...@gmail.com wrote: It seems people discovered the old A2C_PRINT UDP message and are spamming servers. http://screencast.com/t/JRYs3LglN Is there any chance Valve can fix this instead of us having to fix every exploit they ignore? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds __ Information from ESET Smart Security, version of virus signature database 4049 (20090501) __ The message was checked by ESET Smart Security. http://www.eset.com __ Information from ESET Smart Security, version of virus signature database 4049 (20090501) __ The message was checked by ESET Smart Security. http://www.eset.com ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Script kiddies abusing A2C_PRINT
It doesn't freeze, the bell character \7 freezes when it's printed. On Sun, May 3, 2009 at 5:17 PM, Yaakov Smith m4ngr...@gmail.com wrote: But what does it actually do? (apart from freezing servers) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Script kiddies abusing A2C_PRINT
Or if you want to be really clever and cover up the message you can do \xFF\xFF\xFF\xFFl\rhello \n On Sun, May 3, 2009 at 5:29 PM, Saul Rennison saul.renni...@gmail.comwrote: All you do is send: FF FF FF FF 6C your message here Note the above is in hex ~_~. @AzuiSleet what do you mean? It freezes when it prints \x07, yes. AKA lags. Sent from my iPhone On 4 May 2009, at 00:23, 1nsane 1nsane...@gmail.com wrote: Sends messages. A quick search got this: A2C_PRINT from 68.142.72.250:27011 : No challenge for your address. A2C_PRINT from 72.165.61.189:27011 : No challenge for your address. Adding master at 72.165.61.189:27011 A2C_PRINT from 72.165.61.189:27011 : Bad challenge. Just a few examples of legit uses. On Sun, May 3, 2009 at 7:17 PM, Yaakov Smith m4ngr...@gmail.com wrote: But what does it actually do? (apart from freezing servers) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Script kiddies abusing A2C_PRINT
I don't know what \b is, but \r is return, it puts the cursor at the start of the line. \n puts the cursor on a new line. On Sun, May 3, 2009 at 5:36 PM, Saul Rennison saul.renni...@gmail.comwrote: Huh? You mean by using \b to cover up the A2C_PRINT from x.x.x.x:y : prefix? Using \r would just make a new line. Sent from my iPhone On 4 May 2009, at 00:32, AzuiSleet azuisl...@gmail.com wrote: Or if you want to be really clever and cover up the message you can do \xFF\xFF\xFF\xFFl\rhello \n On Sun, May 3, 2009 at 5:29 PM, Saul Rennison saul.renni...@gmail.comwrote: All you do is send: FF FF FF FF 6C your message here Note the above is in hex ~_~. @AzuiSleet what do you mean? It freezes when it prints \x07, yes. AKA lags. Sent from my iPhone On 4 May 2009, at 00:23, 1nsane 1nsane...@gmail.com wrote: Sends messages. A quick search got this: A2C_PRINT from 68.142.72.250:27011 : No challenge for your address. A2C_PRINT from 72.165.61.189:27011 : No challenge for your address. Adding master at 72.165.61.189:27011 A2C_PRINT from 72.165.61.189:27011 : Bad challenge. Just a few examples of legit uses. On Sun, May 3, 2009 at 7:17 PM, Yaakov Smith m4ngr...@gmail.com wrote: But what does it actually do? (apart from freezing servers) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Script kiddies abusing A2C_PRINT
I run a very popular Garry's Mod server, you may have heard of it, NoxiousNet. Go ahead, try and DDoS me, I'm invincible. On Sun, May 3, 2009 at 5:41 PM, 1nsane 1nsane...@gmail.com wrote: It is a very good idea to post exploits on HLDS. Only Azui does not run any servers. So that's kinda mute now... is it not? On Sun, May 3, 2009 at 7:37 PM, Cc2iscooL cc2isc...@gmail.com wrote: You guys do a good job of exposing your servers :) with this info the kiddies will get worse most likely since half the script kiddies watch this list for new commands to run. On 5/3/09, AzuiSleet azuisl...@gmail.com wrote: Or if you want to be really clever and cover up the message you can do \xFF\xFF\xFF\xFFl\rhello \n On Sun, May 3, 2009 at 5:29 PM, Saul Rennison saul.renni...@gmail.comwrote: All you do is send: FF FF FF FF 6C your message here Note the above is in hex ~_~. @AzuiSleet what do you mean? It freezes when it prints \x07, yes. AKA lags. Sent from my iPhone On 4 May 2009, at 00:23, 1nsane 1nsane...@gmail.com wrote: Sends messages. A quick search got this: A2C_PRINT from 68.142.72.250:27011 : No challenge for your address. A2C_PRINT from 72.165.61.189:27011 : No challenge for your address. Adding master at 72.165.61.189:27011 A2C_PRINT from 72.165.61.189:27011 : Bad challenge. Just a few examples of legit uses. On Sun, May 3, 2009 at 7:17 PM, Yaakov Smith m4ngr...@gmail.com wrote: But what does it actually do? (apart from freezing servers) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds -- Sent from my mobile device ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Referenced Memory
You should check the mdmp. On Mon, May 4, 2009 at 10:40 PM, Mike Stiehm mikesti...@gmail.com wrote: Hay your the power admin LOL How many people see this error? Kenny Loggins ClanAO.com On May 4, 2009, at 11:23 PM, Surplus Power Admin admin.surpluspo...@gmail.com wrote: Lately, like in the past two days, it seems my 4 person (close friends only) arena server can't go for a half hour without getting some error message of this nature: The instruction at 0x01091328 referenced memory at 0x0c1701b8. The memory could not be read. Click on OK to terminate the program Anyone know what that means, or what I can do to fix it? Best I can figure is that its a leak... but w/ the engine or a plugin or what? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Vac Ban for Idle program @ Source Op?
Maybe someone could make a sourcemod plugin that bans people for standing still. They could have been idling. On Mon, Jun 1, 2009 at 1:56 PM, Cc2iscooL cc2isc...@gmail.com wrote: Lollypop? On 6/1/09, msleeper mslee...@cyberwurx.com wrote: What are you talking about? I'm refering to the VAC for people who cheat the system. On Mon, 2009-06-01 at 15:35 -0400, Neil Voutt wrote: Honeypot? Neil Voutt - Administrator http://www.neilvoutt.com http://www.ipoststupidshit.com On Mon, Jun 1, 2009 at 3:33 PM, msleeper mslee...@cyberwurx.com wrote: Anyone want to guess my opinion on the matter? On Mon, 2009-06-01 at 15:07 +0800, Shane Arnold wrote: This. I imagine the purpose of the VAC system is to stop cheats that give an unfair advantage. Idling in a server, be it by minimised official client or third-party client is no different. It's still idling. Not to mention the fact that even if VALVe wanted to design the system to block/ban this particular client, they couldn't, as the server it connects to is not VAC secure (probably for exactly that reason, they aren't pretending to be a legitimate way to play the game). People are creating a storm in a teacup about this, it's a very small percentage of a very large player base that use it. And even then this whole argument is a moot point, as achievements are now grindable again to gain unlocks (YAY!). /thread ___ Shane Arnold - clontar...@iinet.net.au For want of a nail, the horseshoe was lost. For want of a horseshoe, the horse was lost. For want of a horse, the messenger was lost. For want of a messenger, the message was not delivered. For want of an undelivered message the war was lost. tgnwells wrote: It's not really any different than running TF2 in an idling server and minimizing the window, I wouldn't say it's very honest but I wouldn't really classify it as a cheat. And VACs main purpose is protecting the game process, I don't think you could get VAC banned from just manipulating the Steam API to perform simple tricks like this unless you do it from within the game, while connected to a VAC secured server. Although it seems possible if you were to try to connect to a legitimate (VAC enabled) server using what would appear to be a phony client that VAC might flag your account, although I think it'd most likely just refuse the connection. On 5/31/2009 4:01 PM, SakeFox wrote: I really shouldn't be starting in on this since I really want this thread to die, but by your logic using a application to let me see through walls to improve my performance is no difference then using custom materials that let me see through wall for better performance. Donnie Newlove wrote: In the end the only difference between idling in your app or idling in TF2 is RAM, CPU and if not minimized, GPU used. It's no more cheating than running TF2 in DX8 mode to get better performance. On Sun, May 31, 2009 at 11:45 PM, Cc2iscooLcc2isc...@gmail.com wrote: Seeing as it mimics idling in a server even though you're not idling in a server it could be considered a cheat. You're not actually running a game. You're using a program to emulate the game's function of connecting to a server. As far as I'm concerned that seems like cheating to me. It's like editing your punch times at work to say you were working when you really took the day off instead, and you're still getting paid. While you can't really get in trouble if you have nothing to do all day at work, you can get in trouble for editing your time sheet to say you were at work when you actually weren't. iGiggled -- Cc2iscooL Head Admin/Owner http://www.cc2iscool.com On Sun, May 31, 2009 at 4:31 PM, Philip Bembridge philipbembri...@gmail.com wrote: Valve: feel free to block the program, but please PLEASE after the weapon drop probabilities are geared towards playing well.. similar to the crit calculation!! @ cc2iscool: is this program any different to sitting idle in a server? then sitting in an idle server is cheating... if so, how are you going to strip their achieves? You can't strip one without stripping the other ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Error On Steam Client
On the topic of odd steam bugs, I always get random context menus stuck in the upper left of my screen. On Wed, Aug 26, 2009 at 6:34 AM, Jeff Sugar jeffsu...@gmail.com wrote: What does this have to do with servers On Wed, Aug 26, 2009 at 5:29 AM, AJ King pcmaster...@hotmail.com wrote: I Know this may sound strange but has anyone had their steam client, erroring and closing when going on steam groups. When i go on them the content is right at the bottom of the page. | | | | | | | | | | | | | | SO ITS DOWN HERE INSTEAD OF UP THEIR _ Windows Live Messenger: Thanks for 10 great years—enjoy free winks and emoticons. http://clk.atdmt.com/UKM/go/157562755/direct/01/ ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] [TF2] Valve using their special weapons
You're all forgetting the easy solution, unlock the items interface and let anyone make items. On Tue, Sep 8, 2009 at 5:57 PM, Alec Sanger eclyp...@hotmail.com wrote: wat Thank you, Alec Sanger P: 248.941.3813 F: 313.286.8945 Date: Tue, 8 Sep 2009 19:50:16 -0400 From: mnk...@mnkras.com To: hlds@list.valvesoftware.com Subject: Re: [hlds] [TF2] Valve using their special weapons We are complaining about VALVe and the crappy weapons they made for themselves while saying that its unfair that they have an advantage over us normal people even though valve can do whatever they want as well... THEY MADE THE GAME Even if 100 people have valve weapons sooo Mnkras On Tue, Sep 8, 2009 at 5:14 PM, Tony Paloma drunkenf...@hotmail.com wrote: A-ha-ha. You may ignore my previous email questioning your intentions. -Original Message- From: hlds-boun...@list.valvesoftware.com [mailto: hlds-boun...@list.valvesoftware.com] On Behalf Of Kyle Sanderson Sent: Tuesday, September 08, 2009 2:11 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] [TF2] Valve using their special weapons Sorry, last time I had looked was when I had lost my Fireaxe due to idling once, that was when I saw a bunch of Valve employee's with the pimped out FireAxe's and other misc weapons on the 2nd. http://tf2items.com/profiles/76561197960563532 http://tf2items.com/profiles/76561197999842654 http://tf2items.com/profiles/76561197993060890 http://tf2items.com/profiles/76561197960434622 I apologize for my previous outburst as it was really uncalled for and not needed, Kyle. On Tue, Sep 8, 2009 at 1:51 PM, Alec Sanger eclyp...@hotmail.com wrote: The items that gave the special abilities actually had them listed - the one's that just say Special Attributes are the purely aesthetic ones that Robin was speaking of. Thank you, Alec Sanger P: 248.941.3813 F: 313.286.8945 From: kyle.l...@gmail.com Date: Tue, 8 Sep 2009 13:29:03 -0700 To: hlds@list.valvesoftware.com Subject: Re: [hlds] [TF2] Valve using their special weapons http://tf2items.com/profiles/76561197960435530 Really now? Maybe Robin should check his own backpack. Do some research about it Phillip and check what they're talking about/ actually doing. I'm sorry for being so damn cruel about it but come on, look! Kyle. On Tue, Sep 8, 2009 at 1:24 PM, Phillip Vector t...@mostdeadlygame.com wrote: Did you even read what they quoted? They weren't supposto have them and now that Robin knows about it, he's taking them away. I'd say that was a pretty resonable response to it. On Tue, Sep 8, 2009 at 1:18 PM, Kyle Sanderson kyle.l...@gmail.com wrote: This is quite ironic, almost every VALVe employee has the special VALVe guns (100% Crit, 15% speed, health, etc.) however they shitlist 5% of the community for running an external idler. Sounds like quite the plan I would like to see what you guys come up with next, Kyle. On Tue, Sep 8, 2009 at 12:40 PM, Alec Sanger eclyp...@hotmail.com wrote: Thanks for the update, robin! Thank you, Alec Sanger P: 248.941.3813 F: 313.286.8945 From: ro...@valvesoftware.com To: hlds@list.valvesoftware.com Date: Tue, 8 Sep 2009 12:32:09 -0700 Subject: Re: [hlds] [TF2] Valve using their special weapons Hi All. Our original usage of these was a couple of weeks ago, and lasted a day. It was mostly around testing the item system (they contain every positive attribute in the system). After that, we converted all the Valve weapons to be purely cosmetic. Unfortunately, unknown to us on the dev side, some of the non-TF2-team folks at Valve didn't get the memo, and gave themselves the broken items recently. We're removing these from everyone today, and removing the ability for folks to give these kinds of weapons to themselves in the future. Shouldn't happen again. (And if it somehow does, feel free to drop me an email at ro...@valvesoftware.com and let me know) Robin. -Original Message- From: hlds-boun...@list.valvesoftware.com [mailto: hlds-boun...@list.valvesoftware.com] On Behalf Of tgnwells Sent: Tuesday, September 08, 2009 6:55 AM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] [TF2] Valve using their special weapons Seems like a childish and unprofessional thing to do. So it was
[hlds] Source Engine Upload/Download POC
It seems the upload/download exploits aren't dead yet, and Valve didn't do a good job at patching them. A blacklist didn't work too well. Here is a serverplugin POC to upload and download files. It's fairly trivial to use: download_file cfg/server.cfg upload_file addons/serverplugin_sample.dll upload_file doesn't work in TF2, but download_file does. I'm told you can upload DLLs in Gmod and L4D2. Credit to Chrisaster and the rest of the Gmod scene. Codename Source Engine Suck Server Pwner in memory of nitro2o: http://dl.dropbox.com/u/759758/sourcenginesuck_serverowner.7z Source: http://azu.pastebin.com/m1cd1ab0b ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Source Engine Upload/Download POC
Yes well you can ignore those fools. They like to vandalize my pastebin. On Sun, Nov 29, 2009 at 3:55 AM, cnu bsh...@broadpark.no wrote: On Sunday 29 November 2009 10:26:50 AzuiSleet wrote: Source: http://azu.pastebin.com/m1cd1ab0b You got some other interesting pastes here :p http://azu.pastebin.com/m483ef5a0 http://azu.pastebin.com/f32ff6903 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] watch out lua script cheat available in CSS, may be all source game soon
Looking at those scripts, they aren't much different than what plagued GMod a while. It's mostly a bunch of scripts that run a console command a bunch (physics_budget) and some that run commands during the connect phase. In TF2 it was fixed and there are plenty of plugins to block console commands from NULL players, and it should be trivial to add a command like physics_budget to the list. On Mon, Feb 8, 2010 at 2:33 AM, raydan rayda...@gmail.com wrote: ( remove all _ , because google to powerful) from 3_r_d_e_r_a_._c_o_m that gay made a Lau script addon in CSS, it a public release, anyone can download it. And There are many lua client script released, like GunGrave cheat (youtube DaeynQK7pVA) that is a client side plugin and too new, VAC can't detect now. the L_S_S will more powerful, later may be able bypass or detour client dll in any source game. Player without any hard work, just know Lua script can cheating easily. Hope valve can look at that. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Plugin Loading on clients, enough is enough.
So consider Valve does disable clientside plugins, what will change? Absolutely nothing. All the cheaters will continue to use their cheats that don't rely on clientside plugins. Everyone else will use a network proxy, which can replication all the malicious exploits you're worried about. With a network proxy you just send net_SetConVar to force any cvar on the client. There's also the magic of the exploits in the netcode that aren't fixed, like net_StringCmd before you do any sign on, which is what the NULL player crash is. There's also the client disconnect control command, which is again being exploited by the lua clientside plugin, but is trivial to do with a network proxy. In the end Valve needs to fix the real exploits, which are the source of the issue, not disable a very useful feature. On Fri, Apr 2, 2010 at 8:22 PM, Charles Mabbott cmabb...@verizon.net wrote: --- Scott Highland wrote: Maybe you could explain why this whole list, and the company that runs it should all agree to completely remove the ability to incorporate modifications just because it would suit YOUR needs as an anti-cheat function to thwart the .3% of TF2 players that are abusing it in this fashion? That's a pretty self-centered way of thinking and kind of ridiculous, it's sad so many of you don't seem to see it this way. --- The only suggestion I have seen that seems appropriate is a server CVAR that forcefully unloads any non-valve released client plugins. (sv_pure extension could be pretty good, but has a couple of issues). Which would allow everyone a decent options. A CVAR was added to effectively disable Mic spam, remove the wait command from client scripts. Of which a very small portion of the population actually used, however, it only takes one aimbot to hop into a full server and empty it in a matter of minutes and does a number to the games overall population. How many games that made zero efforts against cheating and other aspects do you think hold an audience? That is what most of this discussion is about. A new threat is out there, all be it small at the moment, but might as well get the counter measures in place now. Some client side plugins are legitimate as I pointed out, and loosing those functions would be a hinderance to many players, but asking for Valve to give server ops an option to disallow client plugins on their servers isn't too much of a stretch since there is now a very public website and scripts that from what I read serve no purpose other than exploiting the game environment. Rather than having multiple parties code anti-cheat plugins, a bunch of server ops with something extra to worry about, it be a nice addition if Valve could give an option to server admins to disable non-valve released client plugin. I don't think that is an unreasonable thing to ask for if it's possible. I think the blanket removing of the feature entirely is a bit over the top myself. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] CSS: Long disconnect messages crashing servers?
This particular exploit is a buffer overflow in the event message where the client can specify a disconnect message, and the server will serialize an event containing that message. There is an issue with the function that serializes the game event that causes a buffer overflow in the net message, and so it has to potential to crash other clients or make them receive commands from another player relayed through the server. On Mon, Apr 26, 2010 at 7:57 PM, Matt Lyons mly...@internode.com.au wrote: Ok after a bit more googling its a hack: http://www.youtube.com/watch?v=xsC8GtSWuyU If you parse or stream your log files for monitoring you should probably add a watch/event for these long disconnect messages as they are using a 3rd party program to do so. ML. On 27/04/2010, at 11:16 AM, Matt Lyons wrote: Over the last few days I've had a couple of my servers experience weird behaviour, pausing, restarting or outright crashing. Notes: - Servers are using the beta update from a few days ago. - Servers are using latest version of SM/Meta Mod running kac and rcon_lock - rcon TCP port is blocked and rcon password is secure (32 digits of random letters/numbers) - No crash dump - Log file cuts out mid stream. - Nothing obvious in the log files except for disconnect messages like the following: L 04/26/2010 - 16:30:28: Player Name]1260STEAM_0:X:XXXTERRORIST disconnected (reason SS) (Player name and steam ID removed to protect the guilty.) When such a log entry appears there are lots of comments straight after of server weirdness. I was just in one of my servers then when it restarted after the above message. Anyone else seen this? -- Matt Lyons Content Administrator, games.on.net Email: m...@games.on.net Web: http://games.on.net In theory, there is no difference between theory and practice; In practice, there is. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Garrysmod Servers and Invalid STEAM UserID Ticket
I took a quick look at that particular message, Invalid STEAM UserID Ticket, and it appears in the new engine it's ignored, but the general context is that there is an issue with Valve's ticket servers (although I can't think of why because the old auth protocol uses two ticket servers). If you're getting STEAM validation rejected then there is something to worry about with your server. On Sat, Jun 19, 2010 at 12:17 PM, Violent Crimes violentcri...@convictgaming.com wrote: I have the same issue actually I deleted the clientblob and still have the issue. Updated servers restarted it. Notta. On 6/19/2010 12:21 PM, ics wrote: Invalid steam userid ticket is clients fault that connects to the server. If the player deletes his ClientRegistry.blob from Steam folder, restarts steam, he is able to connect to a server anytime. Yes, it might be that some other server works when the player connects to it and not yours but the fault is in the player, not on the server you run. -ics 19.6.2010 16:59, AaRoNg11 kirjoitti: I've had this problem on and off for the last month or so with a dedicated server hosted on one of my machines. It usually works fine after I reboot the server for some weird reason. Might be an OS issue. On Sat, Jun 19, 2010 at 2:02 PM, adminad...@hl2land.net wrote: As of yesterday, all players connecting to garrysmod servers on one of my machines receive an invalid steam userid ticket error. Oddly enough, the servers connect to steam and the master servers successfully and TF2 and L4D2 servers appear to be unaffected. I've tried to rectify this by changing the ports and reinstalling the servers entirely but to no avail. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.829 / Virus Database: 271.1.1/2948 - Release Date: 06/19/10 02:35:00 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds