######## #Quick and dirty workaround to block people from using the channel overflow client disconnect exploit #Original author: Lobster Man #Contact: AIM - lobsterman246, Steam - lobster_man246 #Websites: www.f10community.com & www.newslobster.com #Check out my css surf server at f10.ath.cx:27015 :) ######## #PLEASE NOTE: The code below is python and is for use with eventscripts 2.0+, this is NOT an eventscripts classic script #To use this script, make a folder in your \cstrike\addons\eventscripts directory called block_crash #then inside of that new folder (\cstrike\addons\eventscripts\block_crash), move this entire document and make sure it's called block_crash.py (you can remove the comments if you like :P ) #To use it, simply add "es_load block_crash" to your autoexec.cfg or whatever method you use to load scripts #IMPORTANT!!! #This has been tested by me on windows only (server 2003), and in my experience, you must be loading mani via metamod (www.sourcemm.net) for this to work, and NOT by a .vdf file #I personally have not tested this on linux, but after talking with several other people, it appears that you may not need to use metamod for this to work on linux #also, see the comments below if you wish to change kicks to bans: line 51 import es import gamethread users = {} def load(): #hooking the commands, not sure if ma_timeleft and ma_nextmap are actually necessary es.regclientcmd('timeleft', 'block_crash/watch_console', 'test to block channel overflow exploit') es.regclientcmd('ma_timeleft', 'block_crash/watch_console', 'test to block channel overflow exploit') es.regclientcmd('nextmap', 'block_crash/watch_console', 'test to block channel overflow exploit') es.regclientcmd('ma_nextmap', 'block_crash/watch_console', 'test to block channel overflow exploit') es.regclientcmd('listmaps', 'block_crash/watch_console', 'test to block channel overflow exploit') def player_connect(event_var): #add users to the dictionary on connect users[event_var['userid']] = 0 def watch_console(): userid = str(es.getcmduserid()) #just some debugging commands for diagnostics, you can uncomment these to see who executes one of the above commands (it will only show their session id) #es.msg('%s called a restricted command' % userid) #es.msg('%i is the count' % users[userid]) #each time a user calls one of the above commands, increment a count in the users dictionary users[userid] += 1 #if they try to call it too often, boot them and print a warning message if users[userid] >= 5: #******************************************************* #The next line is the kick functionality, you can also change this to 'banid 0 %s kick' to ban es.ServerCommand('kickid %s pwnd n00b' % userid) #******************************************************* #you may also want to change kicked to banned if you modify functionality at all es.msg('user %s was kicked for attempting to use the channel overflow exploit' % es.getplayername(userid)) #wait 5 secs then reset their count - you can change this if you want but players shouldn't need to execute one of the above commands more than once every 5 seconds gamethread.delayed(5, reset, userid) def reset(sessionid): users[sessionid] = 0 #cleanup below here def player_disconnect(event_var): del users[event_var['userid']] def unload(): es.unregclientcmd('timeleft') es.unregclientcmd('ma_timeleft') es.unregclientcmd('nextmap') es.unregclientcmd('ma_nextmap') es.unregclientcmd('listmaps')