[DarkRP] Exploit to spawn blacklisted props [Fix]

Hello guys,

Recently there has been a exploit which lets you spawn blacklisted props, this can get very bad very quickly.

This is a black listed prop:

replace it with:

Use the command to be able to spawn it:

Fix for this exploit:

Note: I only explained the exploit just in case someone wanted to fix it another way, if people think this is me releasing the exploit then I will remove how to do it.

This exploit is fixed in 2.5.0 however most servers run on 2.4.X

Credit to Rainbow Dash for creating a fix and possibly finding this exploit.

yeah dude it’s not like there’s a way to bypass the patch implemented in 2.5.0 or anything

Kinda a newb to this, but where would I put the fix?

Just update your DarkRP.

Figured it out - if anyone doesn’t want to update there dark rp just drop it in the init.lua file and it should work.

I’m kinda a noob at this, and How do you spawn the large_gate thing? I really would appreciate it if someone would help me. :smiley:

[editline]18th November 2013[/editline]


I’m very sorry to bump this thread, but I believe I do deserve credit considering it’s my code…


What is really the point of giving credit? I understand you did fix this but I was simply just spreading it to this forum I never claimed saying I was the creator and I should get all the credit. Just for the sake of it I’ll give you credit. Even though it’s quite pointless.

Sorry, I just feel like you were claiming it as your own, it’s quite frustrating because a lot of communities have been doing it, the code is actually part of my anti-cheat and I was nice enough to share it!

Lets take this 13 year old admin for example:

A better fix would actually have been to check if the model is valid via util.IsValidModel. Prevents any possible further string exploits.

Edit: Are you sure that it’s fixed in 2.5.0? I’ve done a quick swoop over it and I can’t see anything that would prevent such a case either. In fact I can actually replicate it no problem on a local server.
Edit: Nevermind, I see what’s done.