[All][SRCDS][Critical] Spray Exploit

[RoonMoonlight]

Hello,

I found a bug regarding the spray exploit on All Source 1 Games. This time it is different with Crash Bot Issue. The others could crash the server by abusing Spray features using invalid spray.

[Pinsplash]

apparently this was just fixed, but only for tf2..?

[RoonMoonlight]

Yeah the other games is not fixed. Hopefully valve should patch the exploit on all games.
EDIT: Negative, they should patch all Source Engine branch to avoid malformed spray crash exploit.

[CanadianJeff]

sourcemod offers a plugin that will scan detect and remove all invalid sprays from a server look on alliedmodders forums

[destoer]

This is still broken on css

[CanadianJeff]

valve should just open source all source engine 1

[CanadianJeff]

this bug also posted here too

Tsuey/L4D2-Community-Update#115

[destoer]

a fix was attempted but setting the "unknown bit" inside the header flags is enough to get around it

[CanadianJeff]

because the Tsuey issues pages removed all video links demoing the crash I thought I would put them back here

https://www.youtube.com/watch?v=rhzaKbmDg0Q
https://streamable.com/pi8jus

these 2 videos are demos of L4D2 however several other games are also vuln using the same method

[CanadianJeff]

razzy — Today at 12:30 AM
a 128x128 render target with that is a depth buffer that doesnt have a depth buffer doesnt seem to make any sense, but it's the source code engine so :anything goes:™️

[alexiscoutinho]

because the Tsuey issues pages removed all video links demoing the crash I thought I would put them back here

https://www.youtube.com/watch?v=rhzaKbmDg0Q https://streamable.com/pi8jus

these 2 videos are demos of L4D2 however several other games are also vuln using the same method

They can still be found in the comments' history though.

[CanadianJeff]

still cringe that Tsuey would remove the video links from his github I mean it is within his right todo so but if no one knows how this crash is done it will most likely never get fixed

[CanadianJeff]

can anyone confirm if garrys mod is vuln to this crashing spray?

[CanadianJeff]

pretty sure just like the official forums steam/valve does not care anymore

its been well over 1 year and still not patched

https://www.youtube.com/watch?v=yzbkUYvKOmg
https://streamable.com/h5uzwg

[CanadianJeff]

I guess this is now patched in L4D2 still not confirmed if this is patched if any of the other source 1 based games I have personally notified to the Goldeneye Source devs about the sourcemod plugin and they have applied the fix

[ghost]

The issue is not fixed yet, today a new exploit is released and doing the same thing, crash players games...tested this exploit in left 4 dead 2.
spray.zip

[AshThe9thSurvivor]

I just saw a publication referring to L4D1, where it mentions this exploit, and as they always marked it as repeated, what's the point of doing this if they're not going to fix it, besides they always forget about L4D1, I've been reporting errors here several times and never I have been heard, the errors are still there, even requests that are not even reviewed, it seems to me.

[CanadianJeff]

has this crap ever been reported to hacker one???????

[CanadianJeff]

looks like Tsuey on the L4D2 thread has considered this issue closed but that does not mean it is not still an issue with other source based games so I will leave this issue open