Client freeze exploit
#1

Remember that exploit with bad camera data? And then again with bad bullet data?

Well, there's another one out there ...

There's actually a couple of them packed in this tool. The first one works by shooting any weapon and the players around you will freeze. They will have to restart their computer or WINKEY+L, Task Manager and then kill gta_sa to regain control. The second one works by jumping on a bicycle and I don't know (haven't tested) but I think the effect is the same as the first one.

I am in possession of said exploit and I would like to patch it if I could. The problem is I don't know how. So could the people who figured out the first two exploits tell me how they did it? What they used to do it? I can also send this exploit so you can try it yourself (only trusted members / beta testers).

I would really like this to be fixed as soon as possible, thank you for your answers.

EDIT: Just to explain, by "how you did it" I meant what tool besides "printf-ing" every callback, and no need to explain any scripting.
#2

Your best bet is sending the tool to kurta999 so he can fix it in YSF.
#3

What format is the tool? Is it a CLEO script of some sort?
#4

Quote:
Originally Posted by Whitetiger
your best bet is sending the tool to kurta999 so he can fix it in YSF.

Will do, thanks.

Quote:
Originally Posted by Vince
What format is the tool? Is it a CLEO script of some sort?

It's a .dll, s..... (with added features).
#5

Yep... They are destroying my server right now..

They should hit you with any weapon (not fist) and your client is getting frozen. Debugged OnPlayerWeaponShot and output was:

pawn Code:
[00:51:26] OnPlayerWeaponShot playerid 0, weaponid 31, hittype 1, hitid 1, fX -0.176513, fY -0.156494, fZ -0.105707

The second one is when they use bikes & trains: streamed players will get frozen. Debugged all callbacks related to vehicles, but nothing special.

I could give you the soft, if it's really needed to test.
#6

You can fix it yourself... very easy.
The cheat (sob edit) is open source.
#7

You can fix it using the same method used on the anti bullet crasher.
#8

Could you give an example code?
#9

Bumping... That's really a big problem.
#10

"Vehicle component crasher" = Add code to OnVehicleMod to check if the component being synced is not valid for the vehicle (return 0 if it is bad). Look for a post by JernejL with this code.

"Bullet crasher (Player)" = Add code to OnPlayerWeaponShot to check the type of shot. If the player is shooting themselves (not possible) then do not sync it (return 0). If the bullet hit location is outside what would be considered a normal range then do not sync it (return 0). If the bullet hit location is INF or NaN then kick/ban and do not sync it (return 0). Look for code on the forum to do this if you need more help.

"Bullet crasher (Vehicle)" = Same as above for "Bullet crasher (Weapon)".

"Train crasher" = Add code to OnPlayerUpdate or a timer that checks the train's and tram's Z position. If it is outside the range of -10 to 100 then it is not valid. In OnPlayerUpdate you could de-sync this data (return 0) or in a timer you could alert admins and kick/ban the player.

"Attached object crasher" = Add code to OnPlayerEditAttachedObject to check the model ID returned is valid. You should not attach an object in this callback using the model ID that is returned... it should be stored in a variable elsewhere when the player first starts editing the attached object.


Update 1:
"Weapon crasher" = Use GetPlayerCameraPos to check the Z value when aiming or shooting. If it is really high or low then kick/ban the player.

"Train crasher v2" = Check the velocity of the train/tram is not really high.

Update 2:
"Bike crasher v2" = Use OnPlayerStateChange to detect rapid changes from on foot to driver and driver to on foot. Credit to Tamer.


As Kalcor mentioned in his announcement thread, these exploits are all patched in SA-MP 0.3.7.
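The OnPlayerWeaponShot checks listed in post #10 under "Bullet crasher (Player)", written out as an added Pawn example; it is not code from the thread, YSF or SA-MP itself. The 1000.0 limit and the helper names IsBadFloat and IsOutOfRange are assumptions chosen for illustration.

```pawn
#include <a_samp>

// Assumed limit (not from the thread): a hit offset larger than this,
// relative to the player/vehicle/object that was hit, is treated as abnormal.
#define MAX_HIT_OFFSET (1000.0)

// Hypothetical helper: true when the IEEE-754 exponent bits are all ones,
// which covers +INF, -INF and every NaN. It inspects the raw cell, so it
// does not depend on how float comparison operators treat NaN.
stock bool:IsBadFloat(Float:value)
{
    return (_:value & 0x7F800000) == 0x7F800000;
}

// Hypothetical helper: true when the magnitude exceeds the assumed limit.
stock bool:IsOutOfRange(Float:value)
{
    return floatabs(value) > MAX_HIT_OFFSET;
}

public OnPlayerWeaponShot(playerid, weaponid, hittype, hitid, Float:fX, Float:fY, Float:fZ)
{
    // INF or NaN in the hit position: log it, kick, and do not sync the shot.
    if (IsBadFloat(fX) || IsBadFloat(fY) || IsBadFloat(fZ))
    {
        printf("[shot-filter] INF/NaN shot: playerid %d, weaponid %d, hittype %d, hitid %d",
            playerid, weaponid, hittype, hitid);
        Kick(playerid);
        return 0;
    }

    // A player reporting a hit on themselves is not possible: do not sync it.
    if (hittype == BULLET_HIT_TYPE_PLAYER && hitid == playerid)
    {
        return 0;
    }

    // With a hit type other than NONE the coordinates are offsets from the
    // entity that was hit, so large values are outside any normal range.
    if (hittype != BULLET_HIT_TYPE_NONE
        && (IsOutOfRange(fX) || IsOutOfRange(fY) || IsOutOfRange(fZ)))
    {
        return 0;
    }

    return 1; // Shot looks normal: let the server sync it.
}
```

Returning 0 only drops the shot for other players; logging the rejected values alongside the player ID gives admins the same kind of trace as the debug line in post #5.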