PAC3 (or other?) exploit - mass-spamming HL2 citadel effects

Sorry if the title is a little vague. This isn’t particularly Lua-related, so I didn’t posted it in the dev. discussion.

This is rather hard to describe, but essentially clients have been connecting to my server and using PAC (I believe) to spawn in a ton of what I think are citadel effects
(either **models/props_combine/combine_citadel001b.mdl **or models/props_combine/combine_citadel001b_open.mdl) in a somewhat concentrated area.

Clients reported that everything became invisible, so this is probably causing the CUtlLinkedList error at Coincidentally, thergb93’s example specifically uses citadels to trigger it. (I should note that clientside Lua is disabled.)

A set of 3 clients did this back in September and I forgot about it. However, someone today did it again (screenshot below), which finally motivated me to look for more info. Each incident has been identical, which leads me to believe someone has made it publicly available (e.g., via Dropbox).

My reasons for believing this is being done via PAC are that:

  1. Nothing is showing up in my logs (I record anything that runs PLAYER:AddCount, CanTool, PlayerSpawned*, undo.Finish, cleanup.Add, etc. but **not **anything PAC related beyond projectiles)
  2. The citadels are being spawned in very quick succession (identical to how PAC spawns in parts sequentially over a short period of time)
  3. Kicking the offenders appears to automatically remove the effects (same occurs for PAC outfits)

I haven’t been able to find any information about this at all, so I just want to know if anyone else has seen this occur on their sever and if they know how it’s being done.

tl;dr - several people over several months have identically spawned in a massive amount of citadel effects; it’s not from duplicator/advdupe/advdupe2/e2/expadv2 because it would certainly be logged; there are apparently no other reported incidents of this happening.

  • Also, I say citadel effects, but the effect rings aren’t actually drawn. This leads me further to believe it is being done via PAC.

could you ban those props/effects via FPP?

Im not familiar with PAC and if FPP would actually work

I don’t use FPP – everything is custom written.

Detour ents.Create and call debug.Trace()
Or do the same for Entity.SetModel and debug.Trace() only if it is called with a certain model.