Player is arming a dupe. - Developers

Alright, so lately a server i develop for has been encountering an issue... Everything could be running absolutely fine, but all of a sudden the server console will just stop, with the last message being Player [number][player_name] is arming a dupe. When this happens, the entire server displays the red message on the top right and freezes, causing a majority of the playerbase to disconnect from the server and not all of them disconnect by choice. Now, it appears to be a different player each time, but due to me thinking it's somebody using some form of exploit or ddos or something along the lines of attacking us and the server, it could always be an alt account. Previous times this has happened the player seems to usually have a VAC ban on their steam account, but of course this is just suspicion and I can't definitely confirm that this is what it is. Obviously, because it says the word dupe in the message, I thought it would be wise to mention that the dupe toolgun is restricted, as far as I believe. I was hoping someone could shed some light upon this. I've only found one other post about the issue, and it was never resolved there. Any information about this would be absolutely great, thanks for reading

This is a exploit. Let me dig that shit up REAL quick.

Quoted from drizzy on discord There is currently a crash issue with Duplicator. If you have Duplicator (the normal sandbox one NOT Advanced Dupe) on your server, then people can crash it. We have 3 solutions you can use to fix this now: First option (If you need Duplicator) If you'd like, you can use this script which attempts to address the issue by validating json before converting it to a table: https://owo.whats-th.is/66796d.txt (creds to https://github.com/amussey/lua-json-validator) Second option (If you don't need Duplicator) Alternatively, if you don't need dupe, I advise you use this script, which will fix the issue in a different way, by disabling the net message that duplicator uses the vulnerable function in: https://owo.whats-th.is/3967fe.txt Third option (If you want to remove the tool entirely from your server - steam updates will restore the tool.) If you want to remove the tool entirely, you can go into the gamemodes/sandbox/entities/weapons/gmod_tool/stools folder & remove the duplicator.lua file and the duplicator folder. Technical breakdown: The crash issue itself lies with util.JSONToTable - the first script attempts to validate the json before converting it to a table. This should fix the crash issues. It's hard to say for sure if this is totally reliable, but I think it works. Ideally the second or third options are more reliable

Thank youuu!!!! I can't really tell for a while, as to whether it worked but I just went with the third option. Thanks for helping