GMod server crash in seconds exploit (jeep exploit is back)

Here, have fun, fix it if you want.


EDIT: rope must be rigid

Uh, I tried this in singleplayer and it did nothing. Can you list out the steps in text?

Right… spell it out for the people so they can crash servers.

Yes, so let us let this video sit here ambiguously and don’t fix the issue. Exploits get made public, they get fixed, get over it.

You don’t make exploits public, you send them to the developers… that’s how they get fixed.

This just spreads them.

Send them in a PM to a moderator or a developer that knows one of the folks that can get it fixed. The tinkerers on here can’t do anything with it except try to figure it out. Which just gives it more attention and keeps it readily accessible at the top of the forum and doesn’t actually RESOLVE anything.

This is not malicious and cannot be used to get personal information. Maybe he didn’t know how to contact a dev. You want to fix this on your own server? Clamp rope_addlength in the STool, but so far, this is looking like a specific server issue since I followed his exact steps and it didn’t work.

Ummm… huh? An exploit is a bug that’s abused. What would that have to do with personal information? You lost me there.

This is not major. A major exploit would be one that is illigal or can cause serious damage: this being made public is really not some huge concern.

Wow, the self import here is stifling.

It’s obvious I’m not going to get through to you on how this should have been handled. Thanks for all you do to spread exploits that crash our servers :goodjob:

You might want to check the name of the OP again, because it’s not code_gs, sorry to break it to you.



Correct me if I’m wrong, don’t you also help out with updates for gmod?

I make pull requests, but I’m not an employee of Facepunch.

It’s proven time and time again the more an exploit is known the quicker it’s fixed.

This is a fact that won’t change in the general world of security/bugs etc. Get used to it.

I didn’t even see this post until now. Report issues the game has properly in the future:

If you worked in it security you’d know that public disclosure is one of the best methods to get exploits fixed quickly.

Although serious exploits should be disclosed to developers so they have a reasonable amount of time to solve the issue.

Big companies (Google, Microsoft, etc.) use the following simple tactic. When Google finds an exploit in Microsoft code, they first disclose it privately. After a reasonable amount of time (defined in policy), they publish the exploit, regardless of whether it was fixed.

This can’t be performed in darkrp though which is the only type of server I want to crash :v:

For major security compromises, sure. These are usually things that would leak a large company’s user database though, something that would affect tens of thousands of people. A crash in a game already plagued by crashes is hardly worth withholding.

Not like it matters, vphysics crashes can’t really be stopped. Thanks Valve.

Because you are not on a server. :goodjob: