[PSA] Prop spawning exploit

A user named “cdriza” (STEAM_0:0:136834592) (/id/cdriza) joined one of my servers today and started spamming props, but when I went to him in-game there were no props around him but my servers console was a shitshow, about 100~ props every .5 seconds. I just assumed it was just something bypassing my garbage prop limit (not default sandbox prop limiter), but when I tried to clean up all ents the server was still lagging like crazy, and when I checked ents registered to him there were 0. None. But the console was being spammed with logs of how he was spawning tons of props (model was models/props_wasteland/kitchen_stove002a.mdl), eventually I just banned him after many attempts to get rid of the props, even after I cleared all disconnected players props the server was still lagging so I just restarted it. I was interested in how he did this so I checked his command logs and I found something quite interesting, he was using a second argument in gm_spawn (__), and upon further research I have noted this has to be a number, but it isn’t typechecked. This makes them invalid ents, unable to be cleaned up but still lagging the server. If anyone wants the full command this is it: gm_spawn models/props_wasteland/kitchen_stove002a.mdl __

Command log:


gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
gm_spawn models/props_wasteland/kitchen_stove002a.mdl __
~5k more entries of this

So yeah, this should probably be fixed.

[editline]20th July 2015[/editline]

Found out complete reason, argument #2 is supposed to be the skin number and it doesn’t typecheck it.


function CCSpawn( player, command, arguments )

	if ( arguments[ 1 ] == nil ) then return end
	if ( !gamemode.Call( "PlayerSpawnObject", player, arguments[ 1 ], arguments[ 2 ] ) ) then return end
	if ( !util.IsValidModel( arguments[ 1 ] ) ) then return end

	local iSkin = arguments[ 2 ] or 0
	local strBody = arguments[ 3 ] or nil

	if ( util.IsValidProp( arguments[ 1 ] ) ) then 
	
		GMODSpawnProp( player, arguments[ 1 ], iSkin, strBody )
		return
	
	end

	if ( util.IsValidRagdoll( arguments[ 1 ] ) ) then 
	
		GMODSpawnRagdoll( player, arguments[ 1 ], iSkin, strBody )
		return
	
	end

	-- Not a ragdoll or prop.. must be an 'effect' - spawn it as one
	GMODSpawnEffect( player, arguments[ 1 ], iSkin, strBody )

end

garry pls


local iSkin = arguments[ 2 ] or 0

Nice find. I feel like it would have been better to just post this to Github in an issue or a PR though. Also, I know cdriza is a shitbird but I’m not sure if you’re him or you just really enjoy slandering him at this point.

Ninja’d.

Thanks!

Cdriza is the community retard, dont take it personally

It was fun while it lasted.

[editline]20th July 2015[/editline]

Majority of propkillers already knew about this for a long while now

ok

do you seriously call yourselves propkillers, man that’s edgy

not really?

there are people that call themselves “professional propkillers”, that’s pretty edgy


(User was permabanned for this post ("Alt of perma'd user" - NiandraLades))

And there are people who worship propkilling…

This is not good at all.

[editline]21st July 2015[/editline]

That isn’t true. Don’t troll…

[editline]21st July 2015[/editline]

This does require skill actually ,my video. It’s not “edgy” at all. It’s like calling someone a professional bhopper or a professional builder. Just with propkilling.

Another video by shim
[video]www.youtube.com/watch?v=8VsL2oUc1lw[/video]

I can watch this all the day…

how isn’t cdriza the community retard? all he does is spam shitty memes whenever he posts on here and fucks with people using stupid shit like this.

The guy that calls himself “cdriza” is pretty e
oh wait, that’s you reporting your own “exploits” -,-

STOP TALKING ABOUT PROP KILLING

prop killing is a serious talent… it’s an art.

https://4st.me/jCPM9.png

Pls cdriza…PLS.

EDIT: I spelled his name wrong oops.

Not when you have clientside modifications doing it for you, which is exactly what everyone who calls themselves good propkillers do.

“Doing it for you”. Okay subscibe to falcos utlities and come on the PK server. I bet you wouldn’t last a minute!

The only “modifications” that are used are ESP and Wallhack. This is because propkilling is extremely fast paced and if you try to play a propkill 1v1 without them then you will not know where the enemy is because people are surfing up to 3000-4000 velocity (default noclip speed is 1500).

Lots of gamemodes have radars/huds to tell you where players are actually. It’s not “doing it for you” at all. It still requires skill to aim, surf, and do everything with props its just that you can see where everyone is on the map and where the props are on the map…

Compare it to the radars/huds but everyone likes to use their own thing so they made propkilling allow clienside scripts so you can choose your own xray or better - make your own!

Try to keep track of the enemy in this video and you will see it’s even hard with an ESP/wallhack…

Now imagine it without a esp/wallhac... Impossible...

OK back on topic I doubt it was Cdriza it’s probably not Cdriza at all.