Small Exploit Fix.

2

Comments

  • [WHO]Them[WHO]Them You can call me Dave Join Date: 2002-12-11 Member: 10593Members, Constellation
    <!--QuoteBegin--Brutus+Dec 20 2002, 05:56 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (Brutus @ Dec 20 2002, 05:56 AM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Are all the other settings off by default on this spidermonkey plugin?<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    there aren't any *settings*, like I've already mentioned twice, spidermonkey doesn't do ANYTHING on it's own, it only provides serverside commands. It doesn't alter the game in any way until you type one of the commands into the server console
  • dariendarien Join Date: 2002-11-01 Member: 1937Members
    edited December 2002
    I have a successful linux compile ready for download.

    <a href='http://chimayhem.com/files/bugfix.so' target='_blank'>http://chimayhem.com/files/bugfix.so</a>
    (right-click and save to disk if your browser displays it as text)

    For those suspicious types who want to compile their own:

    1. use unzip -a
    2. go into the src/dlls directory
    3. gcc -shared -I../includes -I../common -I../engine -I../metamod -o bugfix.so voogru_api.cpp dllapi.cpp h_export.cpp engine.cpp vutil.cpp

    You may get a few warnings, but it will compile and run from metamod as shown below:

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->L 12/20/2002 - 14:53:06: [META] ini: Read plugin config for: <bugfix.so>
    L 12/20/2002 - 14:53:06: [VOOGRU] NS Commander Mode bugfix v1.00.00, 12/18/2002
    [VOOGRU] NS Commander Mode bugfix v1.00.00, 12/18/2002
    L 12/20/2002 - 14:53:06: [META] dll: Loaded plugin 'NS Commander Mode bugfix': NS Commander Mode bugfix v1.00.00 12/18/2002, voogru <voogru@voogru.com><!--c2--></td></tr></table><span class='postcolor'><!--ec2-->

    Whether or not it stops the hack, I have not been able to test.

    Many thanks to my buddy aphistic (I wish he would drop CS and come play with us) for helping with the compile.

    CHI MAYHEM NS
    ns.chimayhem.com
  • HtNickoliHtNickoli Join Date: 2002-11-24 Member: 9786Members
    Sup Darien.

    Added and tested your linux compile. Worked fine. Had a few idiots attempt it, and failed.
  • scottlscottl Join Date: 2002-12-20 Member: 11232Members
    Great job darien and voogru for this. Just to let you know darien the bugfix.so file wouldn't work for me so i re-compiled it with the command you posted and worked great. Just a little note to people if you attempt to re-compile it just get the 2nd download file the is on voogru's first post(the one from his game server, that has the metamod files in it) and just follow dariens commands. Works like a charm and no more marine exploit.... Great job guys!
  • TechwidTechwid Join Date: 2002-11-13 Member: 8440Members, Constellation
    :O
    Now if only every server admin would go install this :/
  • scottlscottl Join Date: 2002-12-20 Member: 11232Members
    Mines got it: 209.220.161.245:27015 , Come check it out. When it gets to just a few people sometimes we will go explore space a bit.. HEHE. Did you guys know you could just drop a phase in space and teleport into it. Lol. I just have that server up temp for now. after christmas im going to put in a dedicated box for that server to run off of. Ns seems pretty cool but you need to dedicate a box to it.
  • voogruvoogru Naturally Modified (ex. NS programmer) Join Date: 2002-10-31 Member: 1827Members, Retired Developer, NS1 Playtester, Contributor, Constellation
    edited December 2002
    <!--QuoteBegin--darien+Dec 20 2002, 04:05 PM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (darien @ Dec 20 2002, 04:05 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->I have a successful linux compile ready for download.

    <a href='http://chimayhem.com/files/bugfix.so' target='_blank'>http://chimayhem.com/files/bugfix.so</a>
    (right-click and save to disk if your browser displays it as text)

    For those suspicious types who want to compile their own:

    1. use unzip -a
    2. go into the src/dlls directory
    3. gcc -shared -I../includes -I../common -I../engine -I../metamod -o bugfix.so voogru_api.cpp dllapi.cpp h_export.cpp engine.cpp vutil.cpp

    You may get a few warnings, but it will compile and run from metamod as shown below:

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->L 12/20/2002 - 14:53:06: [META] ini: Read plugin config for: <bugfix.so>
    L 12/20/2002 - 14:53:06: [VOOGRU] NS Commander Mode bugfix v1.00.00, 12/18/2002
    [VOOGRU] NS Commander Mode bugfix v1.00.00, 12/18/2002
    L 12/20/2002 - 14:53:06: [META] dll: Loaded plugin 'NS Commander Mode bugfix': NS Commander Mode bugfix v1.00.00 12/18/2002, voogru <voogru@voogru.com><!--c2--></td></tr></table><span class='postcolor'><!--ec2-->

    Whether or not it stops the hack, I have not been able to test.

    Many thanks to my buddy aphistic (I wish he would drop CS and come play with us) for helping with the compile.

    CHI MAYHEM NS
    ns.chimayhem.com<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    Thank you! <!--emo&:D--><img src='http://www.unknownworlds.com/forums/html/emoticons/biggrin.gif' border='0' valign='absmiddle' alt='biggrin.gif'><!--endemo--> <!--emo&:D--><img src='http://www.unknownworlds.com/forums/html/emoticons/biggrin.gif' border='0' valign='absmiddle' alt='biggrin.gif'><!--endemo-->
  • GanjaGanja Join Date: 2002-11-26 Member: 10038Members
    /me points out that it is not a hack since hacking generally is changing or going around the code . . . thats just there
  • Lt_PredatorJ_LGSOLt_PredatorJ_LGSO Join Date: 2002-12-15 Member: 10851Members
    Call it whatever the hell you want , It's a cheat!!
  • BrutusBrutus Join Date: 2002-10-20 Member: 1555Members
    It's an exploit that people use to cheat. Your right, it is not hacking, it is cheating.
  • dariendarien Join Date: 2002-11-01 Member: 1937Members
    /me withdraws the word 'hack' from my previous post and replaces it with 'bug'

    I was anxious to get this fix into the hands of admins as quickly as possible, and so did not consult my thesaurus. I will attempt to be more prudent in the use of descriptive nouns in the future so as not to offend the benign 'hacker' community.

    8)
  • HannebambelHannebambel Join Date: 2002-11-02 Member: 5416Banned
    Must be very poor creatures who use such a **obscenity** to irritate other players.
  • RhoadsToNowhereRhoadsToNowhere i r 8 Join Date: 2002-01-24 Member: 33Members
    Well, until v1.04 is released this looks like the only way to keep lamers at bay, so to allow more server ops to see this...

    <b><span style='color:blue'>***PINNED***</span></b>
  • TechwidTechwid Join Date: 2002-11-13 Member: 8440Members, Constellation
    Awesome it got a pin <!--emo&:D--><img src='http://www.unknownworlds.com/forums/html/emoticons/biggrin.gif' border='0' valign='absmiddle' alt='biggrin.gif'><!--endemo-->
    It would be nice if admins who have successfully installed it on their servers and have this plugin running would post their ip address to their server like scottl did, so that we players know which servers to play on to avoid this bug.
  • [WHO]Them[WHO]Them You can call me Dave Join Date: 2002-12-11 Member: 10593Members, Constellation
    edited December 2002
    <!--QuoteBegin--Techwid+Dec 21 2002, 02:28 PM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (Techwid @ Dec 21 2002, 02:28 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Awesome it got a pin <!--emo&:D--><img src='http://www.unknownworlds.com/forums/html/emoticons/biggrin.gif' border='0' valign='absmiddle' alt='biggrin.gif'><!--endemo-->
    It would be nice if admins who have successfully installed it on their servers and have this plugin running would post their ip address to their server like scottl did, so that we players know which servers to play on to avoid this bug.<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    i dunno if the bugfix does anything like this, but spidermonkey registers a cvar with it's version (the cvar is specifically named "spidermonkey"), so u can run a filter on your games to see if they're running 0.82, if so, you're guaranteed that they have the fix <!--emo&:p--><img src='http://www.unknownworlds.com/forums/html/emoticons/tounge.gif' border='0' valign='absmiddle' alt='tounge.gif'><!--endemo-->

    here's the all seeing eye filter i use personally

    1 if servertype != "HL" remove
    2 if spidermonkey == "0.82" goto 4
    3 remove

    on the downside, it looks like there are only about 12 servers out there that think spidermonkey isnt dog **obscenity** in a shoebox :/
  • BrutusBrutus Join Date: 2002-10-20 Member: 1555Members
    edited December 2002
    I tried using it, but my server started crashing, so I had to remove it. We always seem to have an admin or 3 on, so we can deal with this.

    Edit: Wanted to add that it 'seems' to be crashing more since I added it, could just be that I messed something up.
  • voogruvoogru Naturally Modified (ex. NS programmer) Join Date: 2002-10-31 Member: 1827Members, Retired Developer, NS1 Playtester, Contributor, Constellation
    Which DLL/SO are you talking about? Mine or Spidermonkey?
  • SuicideDogSuicideDog Join Date: 2002-11-10 Member: 8104Members
    I'm running spidermonkey on my linux box.. no problems what so ever.
  • BrutusBrutus Join Date: 2002-10-20 Member: 1555Members
  • BrutusBrutus Join Date: 2002-10-20 Member: 1555Members
    After looking at it, it wasn't Spiders, but the bugfix.so that was compiled for Linux.
  • GreyFish2GreyFish2 Join Date: 2002-12-30 Member: 11590Members
    (I've got a linux server, but there must be text file search tools for windows, cygwin comes with grep)

    If you want to find people who have exploited this bug you can search your logs like this:

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
    cd logs
    grep "alien.*changed role to \"Soldier\"" *
    <!--c2--></td></tr></table><span class='postcolor'><!--ec2-->

    and it will list all the alien players who have used the alien -> marine
    exploit so you can then ban them...

    I've currently had (i've only included one line):

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
    L 12/29/2002 - 21:50:16: "F.Fighter > DangerForce<97><1158264><alien1team>" changed role to "Soldier"
    L 12/29/2002 - 22:31:59: "Existence<103><1569896><alien1team>" changed role to "Soldier"
    L 12/30/2002 - 04:28:00: "Aurora<170><1975399><alien1team>" changed role to "Soldier"
    L 12/30/2002 - 04:29:28: "WaNnAbE<156><2162647><alien1team>" changed role to "Soldier"
    <!--c2--></td></tr></table><span class='postcolor'><!--ec2-->

    I'm using these loging settings in my server.cfg:

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
    mp_logdetail 1
    mp_logfile 1
    mp_logmessages 1
    mp_logecho 1
    log on
    logsdir logs
    <!--c2--></td></tr></table><span class='postcolor'><!--ec2-->
  • cracker_jackmaccracker_jackmac Join Date: 2002-11-04 Member: 6891Members, Constellation, Reinforced - Shadow
    <!--QuoteBegin--GreyFish2+Dec 30 2002, 10:42 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (GreyFish2 @ Dec 30 2002, 10:42 AM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->(I've got a linux server, but there must be text file search tools for windows, cygwin comes with grep)

    If you want to find people who have exploited this bug you can search your logs like this:

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
    cd logs
    grep "alien.*changed role to \"Soldier\"" *
    <!--c2--></td></tr></table><span class='postcolor'><!--ec2-->

    and it will list all the alien players who have used the alien -> marine
    exploit so you can then ban them...

    I've currently had (i've only included one line):

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
    L 12/29/2002 - 21:50:16: "F.Fighter > DangerForce<97><1158264><alien1team>" changed role to "Soldier"
    L 12/29/2002 - 22:31:59: "Existence<103><1569896><alien1team>" changed role to "Soldier"
    L 12/30/2002 - 04:28:00: "Aurora<170><1975399><alien1team>" changed role to "Soldier"
    L 12/30/2002 - 04:29:28: "WaNnAbE<156><2162647><alien1team>" changed role to "Soldier"
    <!--c2--></td></tr></table><span class='postcolor'><!--ec2-->

    I'm using these loging settings in my server.cfg:

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
    mp_logdetail 1
    mp_logfile 1
    mp_logmessages 1
    mp_logecho 1
    log on
    logsdir logs
    <!--c2--></td></tr></table><span class='postcolor'><!--ec2--><!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    sounds like this would work great with logD..

    *starts reading code*
  • GoleXGoleX Join Date: 2002-11-07 Member: 7681Members
    This fix has been running fine on my Linux box as soon as someone posted the linux compiled .so version of it. The IP and details are in my sig.
  • cracker_jackmaccracker_jackmac Join Date: 2002-11-04 Member: 6891Members, Constellation, Reinforced - Shadow
    doh, i missed that post......these forums are down so much its hard to know what i've missed sometimes.
  • voogruvoogru Naturally Modified (ex. NS programmer) Join Date: 2002-10-31 Member: 1827Members, Retired Developer, NS1 Playtester, Contributor, Constellation
    <!--QuoteBegin--cracker jackmac+Dec 30 2002, 11:02 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (cracker jackmac @ Dec 30 2002, 11:02 AM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--><!--QuoteBegin--GreyFish2+Dec 30 2002, 10:42 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (GreyFish2 @ Dec 30 2002, 10:42 AM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->(I've got a linux server, but there must be text file search tools for windows, cygwin comes with grep)

    If you want to find people who have exploited this bug you can search your logs like this:

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
    cd logs
    grep "alien.*changed role to \"Soldier\"" *
    <!--c2--></td></tr></table><span class='postcolor'><!--ec2-->

    and it will list all the alien players who have used the alien -> marine
    exploit so you can then ban them...

    I've currently had (i've only included one line):

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
    L 12/29/2002 - 21:50:16: "F.Fighter > DangerForce<97><1158264><alien1team>" changed role to "Soldier"
    L 12/29/2002 - 22:31:59: "Existence<103><1569896><alien1team>" changed role to "Soldier"
    L 12/30/2002 - 04:28:00: "Aurora<170><1975399><alien1team>" changed role to "Soldier"
    L 12/30/2002 - 04:29:28: "WaNnAbE<156><2162647><alien1team>" changed role to "Soldier"
    <!--c2--></td></tr></table><span class='postcolor'><!--ec2-->

    I'm using these loging settings in my server.cfg:

    <!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
    mp_logdetail 1
    mp_logfile 1
    mp_logmessages 1
    mp_logecho 1
    log on
    logsdir logs
    <!--c2--></td></tr></table><span class='postcolor'><!--ec2--><!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    sounds like this would work great with logD..

    *starts reading code*<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    Yea, LogD could detect it and kick players, but im more for preventing it in the first place.
  • EvilGrinEvilGrin Join Date: 2002-11-04 Member: 6851Members
    <!--QuoteBegin--voogru+Dec 30 2002, 07:33 PM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (voogru @ Dec 30 2002, 07:33 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->
    Yea, LogD could detect it and kick players, but im more for preventing it in the first place.<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    I'm more for watching people who exploit explode in a shower of gibs. <!--emo&:D--><img src='http://www.unknownworlds.com/forums/html/emoticons/biggrin.gif' border='0' valign='absmiddle' alt='biggrin.gif'><!--endemo-->
  • cracker_jackmaccracker_jackmac Join Date: 2002-11-04 Member: 6891Members, Constellation, Reinforced - Shadow
    <!--QuoteBegin--EvilGrin+Dec 30 2002, 08:49 PM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (EvilGrin @ Dec 30 2002, 08:49 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--><!--QuoteBegin--voogru+Dec 30 2002, 07:33 PM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (voogru @ Dec 30 2002, 07:33 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->
    Yea, LogD could detect it and kick players, but im more for preventing it in the first place.<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    I'm more for watching people who exploit explode in a shower of gibs. <!--emo&:D--><img src='http://www.unknownworlds.com/forums/html/emoticons/biggrin.gif' border='0' valign='absmiddle' alt='biggrin.gif'><!--endemo--><!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    LOL wouldn't it be great if then changed like that to just explode?! LOL

    everytime they do it *pop* like a <!--emo&::siege::--><img src='http://www.unknownworlds.com/forums/html/emoticons/siege.gif' border='0' valign='absmiddle' alt='siege.gif'><!--endemo--> to a <!--emo&::gorge::--><img src='http://www.unknownworlds.com/forums/html/emoticons/pudgy.gif' border='0' valign='absmiddle' alt='pudgy.gif'><!--endemo-->

    omg, i 'm sooo going to code that now.
  • CestusCestus Join Date: 2002-12-31 Member: 11687Members
    Heh, it would be great to key an admin_slay in reaction to the exploit <!--emo&:)--><img src='http://www.unknownworlds.com/forums/html/emoticons/smile.gif' border='0' valign='absmiddle' alt='smile.gif'><!--endemo--> That's certainly messy.
  • EvilGrinEvilGrin Join Date: 2002-11-04 Member: 6851Members
    <!--QuoteBegin--Cestus+Jan 1 2003, 12:26 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (Cestus @ Jan 1 2003, 12:26 AM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Heh, it would be great to key an admin_slay in reaction to the exploit <!--emo&:)--><img src='http://www.unknownworlds.com/forums/html/emoticons/smile.gif' border='0' valign='absmiddle' alt='smile.gif'><!--endemo--> That's certainly messy.<!--QuoteEnd--></td></tr></table><span class='postcolor'><!--QuoteEEnd-->
    half coded it.. stay posted <!--emo&:)--><img src='http://www.unknownworlds.com/forums/html/emoticons/smile.gif' border='0' valign='absmiddle' alt='smile.gif'><!--endemo-->
  • scottlscottl Join Date: 2002-12-20 Member: 11232Members
    Curious: The admin_slay, will you need to have adminmod running for the bug -> slayed?
Sign In or Register to comment.