Post subject: dproto [0.9.356] - HLDS serverside crack (13/11/2013)
Posted: Wednesday, 14 Apr 2010, 10:13
Forum ghost Местное привидение
Joined: Thursday, 18 Dec 2008, 02:40 Posts: 294
dproto is a plugin for metamod that allows protocol 47 and 48 no-steam clients to join the server.
! dproto is now maintained by Lev (profile on cs.rin.ru) ([[Please login to see this link.]]). I'm out of business for now.
! This topic is about dproto. Please discuss HLDS problems which is not related to dproto there
! I have troubles with server monitoring in GMBans!!11
These troubles are caused by hybrid serverinfo type and bad response handling code in GMBans. Challenge checking code in newest versions of dproto has broken GMBans's server communication layer.
To fix that, you can either disable hybrid serverinfo answer or download fixed file below, extract it and place to the 'include' directory of your web part of GMBans.
- Server accepts all known clients based on 47 and 48 protocols; - Customizable SteamIDs for clients; - Works with latest version of hlds; - built-in server-side emulation support.
Current version: 0.9.391
- added quick fix against net_message overflow @ Netchan_CopyNormalFragments - Fixed bug with HLTV SteamID in connect string set as BOT if cid_HLTV is 5. - Added SteamIdHashSalt config parameter. Added emulator generated SteamIDs hashing. - Fixed overflow file name format. - Be lenient to the mod. Do not crash in PEntityOfEntIndex. - PEntityOfEntIndex bugfix (thanks to PRoSToTeM@). Cleanup. - Deltas processing bugfix (thanks to PRoSToTeM@). Cleanup. - Option to log threat details. New config parameter: ThreatsLoggingMode. Spectate command rate limit to 1 per sec. - Fixed utf8 checking function. Check whole userinfo for utf8 validity. - Check requested customization in OnHandResources list too. - Clear downloaded customizations on reconnect (actually on sendres command). - Fixed bug with RequestedCustomizations cleanup on new connections. - Increased connection flood burst level a bit to handle multi-protocol clients - Fixed IsSafeFileToDownload on new builds to allow customizations downloads. Fixed CheckRequestedDlAgainstCustomizations code. - Fixed custom reject message output for SteamEmu clients. - Checking customization downloads against client resources. Allow to download existing resources only once. Fixes for client_t structure.
- Added support of upcoming voice transcoding module - Better HLTV client handling to prevent banning. - Increased sprite replacer storage capacity. Should prevent "Running out of free nodes" server error. - Security fixes and improvments. Closed one more way of lag out the server. - Fallback to the server realtime on Windows if there is no QPC. - Fixed missing skip for bots in fake players check. - Fixed amxx kick for slot reservation. - Fixed server-side game bots identification. - Clearing entity flags on disconnect. This fixes bug when client identified as bot if connects on slot previously occupied by a bot. (Thanks to Turanga_Leela)
Chengelog for older versions:
0.9.187 - 0.9.330:
- Added support for latest HLDS builds - If EnableSXEIdGeneration = 1, then sXe Injected is used for the generation of SteamID for everyone except steam clients. - cid_SXEI works correctly now, and it is only used if EnableSXEIdGeneration = 1. - Added support of RevEmu2013 clients. - Added dp_rejmsg_sxei and dp_rejmsg_revemu2013 cvars. - AMXX plugins were updated and now include support for SXEI and RevEmu2013. - Removed messages like: Unable to load strings pool from file './cstrike/estrpool/estrpool_main.dat'. - Added fixes for flood with commands like 'new', 'dlfile', 'sendres', 'fullupdate'. - Check for initial commands order on connect. New FakePlayers_CommandsOrderCheck config option. - Added checking of requested downloads against precached resources. New Exploits_CheckDownloads config option. - Added block of file uploads to the server. Added Exploits_DisableUploads config option. - Ban for repeating connection attempts from same IP. - Ban for violations in connection protocol. - Send VoiceInit on new server builds (initializes voice for old clients) (thanks to Chuvi). - Fixed average PPS calculation. This solves problem with HLSW. - Loading steam server ID and version from steam.inf and steam_appid.txt files. - Fixed server info answer: setting proper steam server ID, version, bots count, correct lock status when password set to "none". - Fixed steam ID generation function to return "BOT" for bots. - Fixed AY&SY and svc_bad error on new Linux builds. - Refactored IPRateFilter to not block HLSW.
- Fixed vulnerability used by "FVU" exploit
- fixed "STEAM userid keysize is bogus" error on SteamEmu clients
- fixed "Invalid challenge format" warning when client joins server
- Some bugs fixed (I don't remember what bugs ) - Removed subserver and master-client as they are not needed now - Added challenge checking code to "rules" and "players list" requests handlers
- Fixed steamid generation for Steamclient 2009
- Fixed: VAC Status was always "protected" on Windows servers. - Moved all options to configure fakeplayers detector to dproto.cfg - Update sample amxx plugins.
- Added quick fix for vulnerability in netchan's fragment parser - Enhanced detection of fakeplayers (against Argentinian haxxxorz)
- Improvements/bugfixes in fakeplayers/packet flood detection code - AMXX API and example plugins updated - Fixed bug with cid_AVSMP, it was always 1 - Added useful commands for threats monitoring, check Readme.txt
- bugfix, bugfix, bugfix, bugfix.... - Added support for AVSMP clients
- fix for random svc_bads on connect
- proper bots detection method in fakeplayers detector
- fixed problems with AMD engines - fixed hybrid answer mode - fakeplayers detector won't kick and ban bots anymore
- fixed crash when working with bans DB (banid) - fix in new revEmu auth code
- project moved to new versioning system; version format for now is MAJOR.MINOR.REVISION - added support for latest linux engine. - added support for new revEmu/SteamClient2009 clients - added config options to set first prefix of steamid for clients. For example, revEmu clients may be marked as STEAM_4_0_xx - added 2-level protection against all kinds of fake players - added protection against flooding server with connectionless (PlayerList, ServerInfo, Rules) queries. - added option (HLTVExcept_IP) to allow HLTVs from specified address to join the server even if cid_HLTV is 5 (deprectated). May be useful if you using HLTVReport plugin, but you dont want to allow another HLTVs to join your server. - Source code will not be available anymore. - (untested) "The VAC problem" (when VAC banned clients are able to join server) should be fixed.
- fixed buffer overflow vulnerability in SV_ParseCvarValue2() - fixed crash for linux servers, when server started as unprivileged user that not able to write to server root directory.
- fixed problem with dropping clients with "Unknown HLTV Type" message - fix in anti-svc_bad code, it should work fine now
- fixed: old WON clients (CS patch 21 and lower) unable to join server
- fixed NET_SendPacket error that appears when server tried to drop deprecated client
- implemented fix for "Server failed to transmit file AY&SY" kind of svc_bad's - UTF8 Chat/Nicknames support completely removed (will add it to another plugin) - Userinfo filter removed because it does not needed anymore (it was a temporary fix for svc_bad's) - added separate AuthProvider (dp_r_id_provider cvar) constant for HLTV (check amxx/dp_test.sma) - fixed GameNameChanger plugins under Windows. - There are a lot of changes in dproto.cfg. Old configs won't work with this version.
- Using on-the-fly offsets searching for patching. - dproto now supports all existing (and hopefully future) p48 engines for Windows and Linux (including engine_amd.so/engine_i486.so). - Fixed vulnerability in SV_ParseVoiceData() used by hlds_vcrash exploit.
- hlds_fuck exploit fixed. - temporary fix for hlds_vcrash exploit: Patched swds.dll/engine_i686.so, uploaded [[Please login to see this link.]] and [[Please login to see this link.]].
- possible DoS exploit fixed - added Subserver_IP option in dproto.cfg, used to set interface for subserver; subserver code will be rewrititten in next versions.
- implemented cid_Setti clientid type (for Setti server scanner). Default value is 3 (STEAM_x:x:x generated by ip). This is workaround for situation when server disappears from Setti's serverlist (because Setti scanner can't join the server) when cid_NoSteam47=5 is used. - Plugins changing game description (adding timeleft for example) should work correctly now.
- Fixed server response for very old clients (thx to Rulzy) - Fixed bug when server drops HLTV if cid_NoSteam47/48 is deprecated(5)
- Added server-side emulation support. Currently supported emus are: revEmu, old revEmu ( <= 9.73), hCupa's SteamEmu - eSTEAMATiON support removed - local banlist should work correctly - completely rewritten client authorization code. All problems with UNKNOWN steamids and not working "deprecated" clientids may be fixed. - there are a lot of changes in dproto.cfg. Old configs won't work with this version
- Fixed: "deprecated" (5) ClientID did not work on cid_SteamPending (STEAM_0:0:0) clients - Added: Various cvars for customizing reject messages for deprecated clients. Check the "HOW TO CHANGE REJECT MESSAGES WHEN CLIENTID IS 5 (DEPRECATED)" section of Readme for more details. - Added: dp_version cvar that keeps current dproto version. It is exported to server rules by default, but you can turn the exporting off using ExportVesion option in dproto.cfg - Added: Capability mode for steamIds generated by eST (to make it as in <= 0.3.0) versions, option OldEstCompatMode in dproto.cfg
- Fixed: "STEAM userid keysize is bogus" on build 4554 (May, 2009) under windows (broken in 0.3.1 version) - Fixed: Annoying #18 and #19 warnings under windows
- Fixed: dproto gets wrong steamids from eSTEAMATiON.
- Fixed bug with steamid corruption for some no-steam clients
- Added dp_clientinfo command which can be used to get inforamtion about client's protocol. Check the Readme.txt and amxx directory for more info.
- Added support for new engines: 4617 for Linux and 4554 (15 Jun 2009) for Windows.
- Redirection fixed for subserver (thx to GoD2.0); - Subserver now correctly works with broadcast queries; - Hybrid serverinfo answer type discovered by ineya, fixes visibility for all clients. Check dproto.cfg
- some compilation problems for linux fixed
FAQ (in development)
Q: What is dproto? A: Dproto was made as replace for cbooster on double-protocoling solutions area. dproto designed to work for new p.48 HLDS, so all steam features can be used with it. Dproto has one primary goal - to allow old clients to join new servers, all another features are secondary and they were added by users requests.
Q: How to install dproto? A:
1. Go to <gamedir>/addons/ and make new directory named dproto <gamedir> - its a game directory; cstrike for Counter-Strike, valve for Half-Life, etc 2. Copy dproto.dll or dproto_i386.so to <gamedir>/addons/dproto/ 3. Go to metamod installation directory (usually its <gamedir>/addons/metamod/) and edit plugins.ini: add this line for windows win32 addons\dproto\dproto.dll or this for linux linux addons/dproto/dproto_i386.so at the beginning of the file 4. Copy dproto.cfg to server root or gamedir. 5. Start the server. You should use this command on linux: ./hlds_run -binary ./hlds_i686
when server loads, type "meta list" in console. You'll see something like this: Currently loaded plugins: description stat pend file vers src load unlod [ 1] dproto RUN - dproto_i386.so v0.4.3 ini Start Never [ 2] AMX Mod X RUN - amxmodx_mm_i386. v184.108.40.206 ini Start ANY 2 plugins, 2 running 6. Enjoy
Q: I installed dproto, but it does not work. meta list says this:
Q: I dont see my server in steam favorites! A: Set ServerInfoAnswerType to 0 or 2 in dproto.cfg
Q: My server is invisible in favorites in cs v24! A: Set ServerInfoAnswerType to 1 or 2 in dproto.cfg
Q: How to make my server visible both in old no steam clients and steam? A: Set ServerInfoAnswerType to 2 in dproto.cfg
Q: I'm getting "Error verifying STEAM UserID Ticket(server was unable to contact the authentication server)" error when playing on legit client. Q: Bans for legit SteamID do not work. Users with banned IDs are able to play on server. A: Your server can't conect/lost connection to steam servers. I dont know universal method to check connection to steam servers (if someone know it - pls tell me). If you have VAC secured server, use stat command. If it shows version as "insecure" or "insecure (secure mode enabled, disconnected from Steam3)" it means that connection to steam servers lost. This problem is not related to dproto, but i can give some tips to fix it: 1. Check if outgoing TCP connections are allowed to destination port 27030 2. Check if outgoing UDP datagrams are allowed from local ports 2690x 3. If you using linux, you should add +ip <server ip> parameter to command line. I'm using +ip 0.0.0.0 for example and it works fine.
Q: My server could not be displayed in monitoring system. A: It's because of hybrid answer type, some monitoring scripts cannot handle it correctly. There is 3 way to solve the problem: use standart answers (ServerInfoAnswerType = 1 or 0) or try to fix it by yourself, or write to script developers.I dont guarantee correct work of third-party stuff.
Q: I'm using latest engine and my server is not visible in internet list. A: Forward this question to Valve
Q: I'm using latest engine and my server is not visible in Setti serverlist. A: Register your server [[Please login to see this link.]]
Q: My server crashes sometimes after N days of work... A: Forward this question to Valve
Q: My server crashes when i installed mod X on it. A: Forward this question to mod X developers and check if you haven't missed something.
Q: I have players with same steamids on my server. They're recognized as SteamEmu (dp_SteamEmu) A: Steamid could be easily spoofed in SteamEmu auth algorithm. Deprecate these clients or set not-numeric id to them (STEAM_ID_LAN for example)
Before posting bugreports and questions...
Make sure that dproto is reason of the bug. You can check it by disabling dproto.
Please, don't post there questions about HLDS engine bugs that were known before release of dproto. I'm not going to spend my time for analyzing engine for free.
Post all "My server does not displayed in internet list" questions in Valve's forums. Native Master-Client located in steamclient.dll (steamclient.so) and dproto could not be a reason because it does not patch this library.
Bugreport MUST contain:
Detailed explanation of bug.
A way how to reproduce it (if possible)
Full startup log from server console; server should be started with "+log on +mp_logecho 1" parameters
Contents of dproto.cfg
MD5 hashes of all files from server root directory (use [[Please login to see this link.]] for Windows or [[Please login to see this link.]] for Linux)
I won't consider bugreports without these points because I don't want to spend my time to search possible reasons of your problems. Thanks for understanding.
Post all problems/bugs you have found in this topic.
You do not have the required permissions to view the files attached to this post.
Last edited by Crock on Sunday, 08 Jun 2014, 23:05, edited 38 times in total.
Post subject: Re: dproto [0.4.8] - HLDS serverside crack
Posted: Wednesday, 14 Apr 2010, 12:20
Forum ghost Местное привидение
Joined: Tuesday, 09 Dec 2008, 17:46 Posts: 267
Sniperkiki, this problem should be solved by OS administrator. And I can't add this to FAQ because there is no universal solution to solve this, because different OSes uses different package managers and different package names. For example, on x64 Ubuntu package "lib32stdc++6" should be installed, but on debian x64 it's "ia32-libs"
Post subject: Re: dproto [0.4.8] - HLDS serverside crack
Posted: Friday, 16 Apr 2010, 20:17
Advanced forumer Завсегдатай
Joined: Saturday, 21 Mar 2009, 05:39 Posts: 140
Were talking about Valve here They don`t fix anything. Even the hlds_vcrash is fixed only on 4883 linux build. On windows is still 4554 (8 march build), without dproto every windows server (steam only) is vulnerable.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot post attachments in this forum