The history of an exploit

[begin true story]
Aluigi posts an exploit in file uploading on his site, uses hardcoded bitstreams to send a blank file to the server.
People look deeply into it and discover an sdk function named INetCanmel->RequestFile and ->SendFile,wonder why the functions are serverside but work fine on the client
The discovery is kept secret for almost 6/7 months, used publically by Chrisaster
Chrisaster receives a bad name
Azuisleet posts an advisory on the hl2 developer mailing list
The script is leaked to a small group of people
The script is overused and was put on Valve’s top priority list
Laucorp steals and leaks some gamemodes
Valve releases a patch to all source games disallowing file upload/download… We thought
Aluigi releases a new post to his site stating that the exploit has not been fixed completely
Chrisaster / Azuisleet ponder for about a month for a solution
Chrisaster does some reverse engineering and discovers that the patch only blacklists some extensions on the server and client
Chrisaster works in private
Chrisaster discovers that you can bypass the clientside check by rewriting the file transfer assembly code
Chrisaster works more on bypassing serverside checks
Chrisaster discovers that the expression used to check a valid file can be bypassed by adding a period and three spaces to the end of the filepath
Chrisaster vows never to give out his discovery
Chrisaster uses his new exploit secretively, does not attract attention
Chrisaster gives the exploit to Azuisleet, the source is still secret
A user named Fish tells Azuisleet he has the exploit figured out
Fish is discovered later to be a fake
More secret hacks take place
Azuisleet alerts popular servers of an outbreak that needs to happen
Popular servers put up defences
Azuisleet posts the exploit on the hl2 mailing list in order to create an outbreak to catch attention of Valve
Chrisaster creates gm_INetChannel.dll, posts on FP
Chrisaster posts PoC on Facepunch with a link to Azu’s post
People discover post
Hilarity ensues
[/true story]

This actually took place and is everything I know about this exploit from start to finish in cronological order.
Some things may be off because I only know what I am told or figure out myself.


Yes indeed.
Very interesting.

Im happy to make a place in history

No history about several DarkRP servers being blown up? (Then again, that SHOULD be given.)

Eh, well, at least everything is cleared up now though. Thanks.

But Azuisleet probably did the right thing, whether it caused people to go into panic mode or not. It’s a great way to get fat Valve to do something.


My server (as in I don’t own it I just play there alot) Has had to shut down becuase of the outbreak.

[Lif] Has been hacked so many times.
We have been exploded,tuanted,and made ourselves look like complet assholes

On our sled build server he made it were we can’t move props and Posted furry porn on the MOTD

Also we are not a stupid DarkRp server we are a commited Tacoscript server.

Act cool some more please.

And, this thread is sad. I wouldn’t be surprised if some if not all of this was a load of BS thought up in an attempt to make you sound cool.

The fact that you even post HEARSAY is ridiculous. I doubt very much that all of this drama would happen over something so small; the only reason you think it’s so important is because people like this stir it up and make a boiling pot of fuss for all the DarkRP server owners to PMS about.

As far as the meme goes, pics or it didn’t happen.

It’s true, I’ve been following this for quite awhile. Please don’t start flaming someone when you don’t know if it actually happened or not.


I’ll post some sourcecode of the development of this when I get home. There’s your pics, it did happen.


In terms an average person can understand, you either believe my true story or you don’t. If you don’t, keep your comments to yourself please.

If the POC was released on 19 Aug 2009, how did the discovery stay secret for almost 6/7 months?

“Files uploading vulnerabilities in the Source engine (build 3933 and 3950)
Half-Life 2, Counter-Strike Source, OrangeBox, Team Fortress 2, Left 4 Dead, …
19 Aug 2009: english - PoC - PoC_LAN - sourceupfile”

I apparently know more than you :hurr:

Because only a limited number of people in the GMod community can actually figure this out, and they tend to be fame whores.

Except when it gets out and VALVe is notified, then it was everyone but them.

Things were happening for quite awhile. As I said, things may not be perfect, but all of those events took place, some maybe before or after others. I typed it at 1:00 at night on an iPhone for people who may have wanted to read it. I did not intend for someone to come here and tell me what I know is wrong.

So where is Chrisaster now?

Link to aluigi’s post
INetChannel.h’s functions
Fish’s original chat with Azuisleet
Chrisaster reverse engineers the assembly code
Azuisleet posts on mailing list
Source of the exploit


Just hanging out.

Lol’d at outcome.

I was there. I told the guy how, sorry about that :S.


AngrychairR: You’re a retarded troll.


To fix your server if you already didn’t figure it out, remove lua/autorun/motd.lua.

You numpty, don’t go telling everyone how to do the exploit as it just makes the problem worse, Valve are aware of it now, all we have to do is wait.

This thread dramatizes what really happened. Everything I did was independent of ************

The real story:
aluigi posts POC.
ComWalk investigates SDK headers and finds RequestFile/SendFile.
Both of us created some modules and used it for a while.
Nothing happened for a long time, there was a Valve patch.
Fish social engineers me to get some information.
Chrisaster acts on this information and eventually finds you can use ". "
It was eventually used on my server triggering me to create the POC and release it.

Chrisaster with a period after it is a filtered word.

All I took out of that log was CreateFragmentsFromFile.

Whoever keeps putting furry motds on every server, stop :stuck_out_tongue:

You forgot the part where Exiled steals the perp gamode lol and all the hacking that went down for that week of epic fun!!