anti crasher - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: anti crasher (/showthread.php?tid=658346)

---

anti crasher - DeMoo - 02.09.2018

this is crasher source, anyone know how it working? and how can i make anti cheat for this crasher?

---

Re: anti crasher - DeMoo - 03.09.2018

anyone?

---

Re: anti crasher - Dayrion - 03.09.2018

This is the same as ApplyAnimation.
You can only intercept RPC but I don't know if that possible to read it to pass some tests and check if everything is fine.

---

Re: anti crasher - Whale - 04.09.2018

This exploit is being used in many servers now. any Possible patch?

---

Re: anti crasher - ShihabSoft - 04.09.2018

Not sure of how it works, mostly it looks like the old animation crasher, which sends invalid animation index to other players to be synced and the players without anticrasher.cs would crash.

If you've the full source, feel free to PM me I will take a deep look.

---

Re: anti crasher - J0sh... - 04.09.2018

That is the full source.
Animation stuff (iirc) in ID_FOOT_SYNC are being sent 0x07fc00000 (2143289344) not sure why such protection has not been added yet.

---

Re: anti crasher - Sew_Sumi - 04.09.2018

Why'd you think it was a good idea to post the source of this?



This is wonderful for those who now want to crash servers........ SMH...


How has this stayed up for so long and not been pulled, or thought about....

---

Re: anti crasher - Whale - 04.09.2018

Yes, Remove the threads ,Dont Provide a patch. let the server owners deal with this exploit themselves.

---

Re: anti crasher - Sew_Sumi - 05.09.2018

You do realize that if you post an exploit up on ANY dev forum YOU DON'T POST THE EXPLOIT SOURCE IN YOUR REPORT.......



Jesus, do you guys actually think at all?

Nothing to do with removing the thread, it's the fucking sourcxe code which is obviously something which is causing issue, which is now posted...



Thanks guys, for SPREADING the problem and making it so EVERY script kiddie and their mongrel dog, can pick up this shit, and start fucking over all your servers.



Like, seriously... Do you advertise to your neighbourhood that your side door lock is broken, and let all and sundry know, or do you get it fixed?


You get it fixed, because if you tell everyone, you'll end up being ripped off.....





If you think that posting the source is fine, then I'm thinking that you're a complete retard.


Hey, lets not remove the thread, or the source and see how much more your server will crash thanks to the above who posted the source code of the crasher....

Wonderful idiocy there...


And to be clear...

I'm not an advocate for removing the thread, I'm an advocate for not posting source code for exploits so that every idiot can get it and use it.

All I'd have liked to have had is someone think if it was wise to even post it, as even if there are people who aren't being affected, now, if anyone doesn't like a server themselves, the tools provided in here, make it so it's able to be attacked, thanks solely to the OP...

Now, OP, remove the source code so this can actually be a discussion, not just a source of the attack. Like, come on, what in the fuck were you thinking.....

---

Re: anti crasher - ShihabSoft - 05.09.2018

Ya I've just happened to check it, you're right.

I've tested the above in multiple servers, which is 0.3.7 R2. Looks like 0.3.7 R2 is not affected.

---

Re: anti crasher - Whale - 05.09.2018

Alight, So Others are supposed to "GUESS" the mechanism of the exploit? Or does the OP has to Pm the code to every one of them here? Yes, I think this is good idea that he posted the more mainstream the exploit becomes the more important people here will consider to patch this shit. Common f*kin sense right here buddy. Instead of Criticism , How about looking into it and offer a patch? Contribute!

--OP Don't remove The source code so kids can use it to other servers and the developers can create a hype to FIX this ASAP. also code also saves the efforts of making assumptions and help patch the exploit fast

---

Re: anti crasher - NaS - 05.09.2018

Intercept the RPC, check the animation library and name or index if it is valid and if it is invalid, block it.

https://gtagmodding.com/forums/index.php?showtopic=35

Make an array of these, get the animation indexes of all of them and you have an array for valid animations.
The index of the array should be the animation ID as that is way more efficient than looping an array and comparing strings or IDs.

That's for an invalid animation index. But that is probably not all it does.

Find out what exactly it does and how it works, then post that info instead of the source code.
If you must, talk to someone who's experienced enough to find that out before posting.

---

Re: anti crasher - Dayrion - 05.09.2018

I tried something similar and it didn't works. I sent a RPC with a invalid animation to the player. The player crash and the RPC dosn't reach pawn callbacks (using Pawn.RakNet plugin).
Maybe, I've done something wrong.

---

Re: anti crasher - NaS - 05.09.2018

Why would that RPC reach the server? It gets sent to the player which then cannot further distribute it since they crashed.

You'll need to send an invalid animation from the client to the server. Or, to test, apply an animation to the player that is valid. If it can be intercepted, it should also work for invalid ones.
Otherwise just use the exploit which should be the best way to test anyway.

Also I think you must ignore the first 8 bits for the info to be correct, since the packet identifier is not part of the enum.

---

Obviously someone doesn't understand the implications... - Sew_Sumi - 05.09.2018

I'll highlight your 'points' and address them as follows...

1] Guess? No, you just have to realize that here on the forums, along with people who are scripting, and developing, there are also those who are looking for attacks, such as what would be put up in this scenario by someone who isn't thinking...

After all, there are ways of passing this info on, without releasing it to the general population....

This is why Gggogle have bounties and the sort, so people pass the info to them, rather than using it against them. Now, we aren't going to have that here, but thing is, at least most people who know development and security, don't post source code of suspected exploits to the GENERAL POPULATION....

[2] It's actually very retarded, and completely selfish in this manner... You are DEMANDING something be fixed BY MAKING an exploit more known...

That's absolute retardation there by a country mile, and if you are a dev of ANY project, even if your website, you 'code' is hosted, I hope it gets dropped to shit by a basic exploit, lose everything, and you realize how this shit actually works.

[3] Common sense, would be not to post up code for exploits, but hey, can't let that get in the way of demanding a patch, right?

Oh, and about that 'patch', the previous post before yours says that 0.3.7 R2 isn't affected, so if that's the case, no patch needed?

[4] Good job at showing your avoidance of any advice in regards to this, as thing is, that just shows you're ignorant as to others... After all, you do realise that by encouraging this, (If it actually worked) then you're consigning many servers to being attacked, simply for what......


A patch, which you demand, and get all antsy about, just because someone who knows about the risks of having random people posting up random exploits to the general populace. Too bad for everyone else eh...



Think about that for a minute, and let that sink in...


How would you feel if you were just chilling out, scripting your shit gamemode, to find your server keep crashing, and having no idea why it's happening...


Inconsiderate is only part of the phrase...

---

Re: anti crasher - v1k1nG - 05.09.2018

Okay I didn't read every line, so sorry if I misunderstood anything.

Agreed, it is risky. But if anyone is interested in studying cheats he could simply download the files and get a look into it without getting it here, with all these hacking communities around . Also an exploit it is, but a fix would be worth taking the risk. Maybe this will all end up in a client update.. And that'd be good!
Last but not less important is the fact that developers should talk and discuss about everything related to their works to improve theirselves and their crafts everytime.

---

Re: anti crasher - Sew_Sumi - 05.09.2018

Errr, this isn't exactly just a hack... This was rumoured to crash the server, which is a little more serious than just hacking on a server...


And as I mentioned before, posting this out in an attempt to force an update (Or even glorifying this as a way to get a patch) is straight up stupid...

What if it ends up with someone just saying 'Fuck it, and fuck it all" and shuts down the whole mod? Then what?

Did you just fuck it all by that ideal?

---

Re: anti crasher - ShihabSoft - 05.09.2018

Guys guys, calm your tits! This shit won't work in R2. And most of the servers are R2 and above. Not a major exploit considering the current scenario.

---

Re: anti crasher - v1k1nG - 05.09.2018

I dont mind bad words but there is a consistent use of **** here

---

Re: anti crasher - Sew_Sumi - 05.09.2018

It's the simple fact that by posting the source, they're not thinking of anyone else other than themselves.

It is also good that you've tested it, but I hope that you did that on your own server, not to other peoples servers without advising the owners/admins.

---