Hey,
I have found an exploit in a darkrp drug plugin like 3 months ago. Unfortunately it still isn't fixed and the plugin is still being used on many servers.
The exploit allows you to remove player entities (possibly all entities) on the server. Removing a player causes the player to crash and therefore this exploit
can be abused to crash entire servers. This might've been posted on facepunch already, but a really quick search didnt show anything.
This is the code that is exploitable:
[CODE]
net.Start("SellPlant")
net.WriteEntity(self)
net.SendToServer()
[/CODE]
I can only imagine the serverside code to be something like this:
[CODE]net.Receive("SellPlant", function(len, ply)
local ent = net.ReadEntity()
ent:Remove()
...
end)[/CODE]
Obviously it is missing the check whether or not the entity is an actual plant.
I want this addon to be gone or atleast be fixed very soon.
Now I know this will probably abused a lot but I just don't see any other way of getting rid of stupid shit like this.
syl0r
Looks like this: [url]http://coderhire.com/browse/script/843/darkrp-weed-plant[/url]
(I'm pretty certain)
This is a good example of a scenario where adequate serverside verification is necessary.
It astounds me how the creator failed to at least add a simple entity class check.
Never trust the client
Cool exploit
[highlight](User was banned for this post ("why reply/please check post dates!" - NiandraLades))[/highlight]
Sorry, you need to Log In to post a reply to this thread.
