[hlds] New TF2 server exploit?
I just saw this on Reddit: http://www.reddit.com/r/tf2/comments/15dacx/psamajor_mann_vs_machine_exploit/ Apparently it's possible for clients to alter tournament settings that they shouldn't be able to change in MvM mode. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] New TF2 server exploit?
I don't understand how a client can change a server-side convar, I thought they could only execute FCVAR_GAMEDLL commands? Sounds like a very strange bug on Valve's part. Kind regards, Saul Rennison On 24 December 2012 21:15, infiniteloop infinitel...@cox.net wrote: Confirmed, it has something to do with these 2 vars: mp_tournament_allow_non_admin_**restart and mp_tournament_restart Tried on my own server, and I can toggle the non_admin_restart back and forth, even if I don't have admin privs in the first place. But the real kicker is the mp_tournament_restart. Just as the reddit thread states, when exec'd during setup phase, everyone gets unreadied and timer resets. If exec'd during a wave, when a bot with the bomb gets killed + drops it, no other bot can pick it up for the rest of the wave. On 12/24/2012 1:55 PM, Ross Bemrose wrote: I just saw this on Reddit: http://www.reddit.com/r/tf2/** comments/15dacx/psamajor_mann_**vs_machine_exploit/http://www.reddit.com/r/tf2/comments/15dacx/psamajor_mann_vs_machine_exploit/ Apparently it's possible for clients to alter tournament settings that they shouldn't be able to change in MvM mode. __**_ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hldshttps://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds __**_ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hldshttps://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] New TF2 server exploit?
looks like a simple solution would be to set up overrides with sourcemod. set the known cvars to the root override, wonder if this would work or not? scott biszmaier -Original Message- From: infiniteloop infinitel...@cox.net To: Half-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com Sent: Mon, Dec 24, 2012 1:16 pm Subject: Re: [hlds] New TF2 server exploit? Confirmed, it has something to do with these 2 vars: mp_tournament_allow_non_admin_restart and mp_tournament_restart Tried on my own server, and I can toggle the non_admin_restart back and forth, even if I don't have admin privs in the first place. But the real kicker is the mp_tournament_restart. Just as the reddit thread states, when exec'd during setup phase, everyone gets unreadied and timer resets. If exec'd during a wave, when a bot with the bomb gets killed + drops it, no other bot can pick it up for the rest of the wave. On 12/24/2012 1:55 PM, Ross Bemrose wrote: I just saw this on Reddit: http://www.reddit.com/r/tf2/comments/15dacx/psamajor_mann_vs_machine_exploit/ Apparently it's possible for clients to alter tournament settings that they shouldn't be able to change in MvM mode. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds