clc_VoiceData exploid

[gants]

v34?

Yes
--- Добавлено позже ---

Which Linux distro are you using?

Me ? I'm using windows.

 

[servcss]

Yes
--- Добавлено позже ---

Me ? I'm using windows.

I did willstrix fix from all exploits, though protection and expensive but it's worth it 20K

 

[By.Maxx.]

Yes
--- Добавлено позже ---

Me ? I'm using windows.

Give me one good reason to use Windows for a server, eSteamation has bug detecting REVemu 4th gen, harder to get 1k fps, firewall rules are hard to code there... ProcessCMDs can also fix this, but there is a glitch in cracked version,

Switch to Debian 8/Ubuntu 14.04/Ubuntu 16.04...
I have fix for this, for attacker cmdrate will fell
down to an level where it lags for him;

apt-get install iptables-persistent
Choose Y to save rules.v4, also for rules.v6

Open /etc/iptables/rules.v4
Copy this into a file
# Generated by iptables-save v1.4.21 on Wed Jun 27 08:15:27 2018
*filter
:INPUT ACCEPT [9732343:726476362]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [11954071:3240765871]
-A INPUT -p udp -m length --length 30:110 -m u32 --u32 "0x1a&0xffff=0x100" -j DROP
COMMIT
# Completed on Wed Jun 27 08:15:27 2018
# Generated by iptables-save v1.4.21 on Wed Jun 27 08:15:27 2018
*raw
:PREROUTING ACCEPT [9732416:726481760]
:OUTPUT ACCEPT [11954080:3240767059]
-A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
COMMIT
# Completed on Wed Jun 27 08:15:27 2018

Save it, restart your machine; after restart, type iptables-save, and try mass on your server... :)

regards

 

[will_rock]

Give me one good reason to use Windows for a server, eSteamation has bug detecting REVemu 4th gen, harder to get 1k fps, firewall rules are hard to code there... ProcessCMDs can also fix this, but there is a glitch in cracked version,

Switch to Debian 8/Ubuntu 14.04/Ubuntu 16.04...
I have fix for this, for attacker cmdrate will fell
down to an level where it lags for him;

apt-get install iptables-persistent
Choose Y to save rules.v4, also for rules.v6

Open /etc/iptables/rules.v4
Copy this into a file
# Generated by iptables-save v1.4.21 on Wed Jun 27 08:15:27 2018
*filter
:INPUT ACCEPT [9732343:726476362]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [11954071:3240765871]
-A INPUT -p udp -m length --length 30:110 -m u32 --u32 "0x1a&0xffff=0x100" -j DROP
COMMIT
# Completed on Wed Jun 27 08:15:27 2018
# Generated by iptables-save v1.4.21 on Wed Jun 27 08:15:27 2018
*raw
:PREROUTING ACCEPT [9732416:726481760]
:OUTPUT ACCEPT [11954080:3240767059]
-A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
-A PREROUTING -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP
COMMIT
# Completed on Wed Jun 27 08:15:27 2018

Save it, restart your machine; after restart, type iptables-save, and try mass on your server... :)

regards

А зачем вводить 3 одинаковых правила))

 

[Hossinkia]

@damianmp, tnx ! blocked kick player !
But No one can talk !
sv_alltalk 1
sv_voiceenable 1

 

[damianmp]

Hi, i has read more about this exploid and initially i have this idea.
With an sniffer (how this) and learning as much as possible c++, make a extension will to do is read any packets. However, other posible solution is understand when a client send a packets audio:

void SV_BroadcastVoiceData(IClient * cl, int nBytes, char * data, int64 xuid )
{
    // Disable voice?
    if( !sv_voiceenable.GetInt() )
        return;

    // Build voice message once
    SVC_VoiceData voiceData;
    voiceData.m_nFromClient = cl->GetPlayerSlot();
    voiceData.m_nLength = nBytes * 8;    // length in bits
    voiceData.m_DataOut = data;
    voiceData.m_xuid = xuid;

    if ( voice_debugfeedbackfrom.GetBool() )
    {
        Msg( "Sending voice from: %s - playerslot: %d\n", cl->GetClientName(), cl->GetPlayerSlot() + 1 );
    }

    for(int i=0; i < sv.GetClientCount(); i++)
    {
        IClient *pDestClient = sv.GetClient(i);

        bool bSelf = (pDestClient == cl);

        // Only send voice to active clients
        if( !pDestClient->IsActive() )
            continue;

        // Does the game code want cl sending to this client?

        bool bHearsPlayer = pDestClient->IsHearingClient( voiceData.m_nFromClient );
        voiceData.m_bProximity = pDestClient->IsProximityHearingClient( voiceData.m_nFromClient );

        if ( IsX360() && bSelf == true )          
            continue;
           
        if ( !bHearsPlayer && !bSelf )
            continue;  

        voiceData.m_nLength = nBytes * 8;

        // Is loopback enabled?
        if( !bHearsPlayer )
        {
            // Still send something, just zero length (this is so the client
            // can display something that shows knows the server knows it's talking).
            voiceData.m_nLength = 0;  
        }

        pDestClient->SendNetMsg( voiceData );
    }
}

 

[Hossinkia]

#

 

[damianmp]

@damianmp,
//// voice.sp
//
// voice.sp(3) : warning 219: local variable "IClient" shadows a variable at a p
receding level
// voice.sp(3) : error 001: expected token: ")", but found "*"
// voice.sp(3) : error 143: new-style declarations should not have "new"
// voice.sp(3) : error 157: 'char' is a reserved keyword
// voice.sp(3) : fatal error 189: too many error messages on one line

Lol no, this is a code of the old engine 2007 (sv_client.cpp) not a plugin of sourcespawn.

 

[Hossinkia]

@damianmp, Fool! I want for "sourcespawn"!
Tnx

 

[WhoAmI / WillStriX]

@damianmp, Fool! I want for "sourcespawn"!
Tnx

r u srsly? if u dont know how is it working, u should pay cause any job gotta be paid

 

[Hossinkia]

@WhoAmI, It is true!!
--- Добавлено позже ---
@damianmp,
Ashamed !
Good luck.

 

[damianmp]

@Hossinkia, dont worry everyone has done wrong! nobody is born with knowledge!
@WhoAmI, with yours knowledge and skills should work in Microsoft or IBM! here in Argentina is a well paid job and they paid in dollars lool. I wanna work in programming's stuff but i dont have lucky (low iq lol).

 

[GuSenoK]

@Hossinkia, dont worry everyone has done wrong! nobody is born with knowledge!
@WhoAmI, with yours knowledge and skills should work in Microsoft or IBM! here in Argentina is a well paid job and they paid in dollars lool. I wanna work in programming's stuff but i dont have lucky (low iq lol).

Sabes como puedo fijar una problema con este exploit? Alguien rompe mi servidor cada vez.

 

[damianmp]

Hola, la solución es poner el ProcessCmd (consultalo con el creador), también poniendo el sv_voiceenable en 0 funciona.

hi, the solution is put the ProcessCmd (check with the creator), also set the sv_voiceenable at 0 work.

 

[Hossinkia]

If the svc_voicedata code is closed
Is it kick again ???

 

[damianmp]

Maybe, the ultrahook hack has a diferent behavior. Always the packets received has a size of 150 and sent random tash data.

 

[Hossinkia]

All packages are sent from "svc_voicedata"@damianmp,

 

[damianmp]

lol was a my mistake.

 

[Hossinkia]

@damianmp, Very Very Funy

 

[makentosh]

Host_EndGame: Buffer overflow in net message