Difference between revisions of "Admin Slowhacking"

From Valve Developer Community
Jump to: navigation, search
(Created page with "{{Stub}} {{update}} === Information === Admin Slowhacking refers to a server administrator maliciously altering the game configuration files on a client's computer. === GoldSour...")
 
(cl_filterstuffcmd 0)
Line 30: Line 30:
 
  unbind
 
  unbind
 
  unbindall
 
  unbindall
 +
connect
 +
 
====== cl_filterstuffcmd 1 ======
 
====== cl_filterstuffcmd 1 ======
 
  gl_*
 
  gl_*

Revision as of 15:28, 17 March 2013

Information

Admin Slowhacking refers to a server administrator maliciously altering the game configuration files on a client's computer.

GoldSource games

Slowhacking is provided by AMXX scripting.

client_cmd ( index, const command[], {Float,...} )

client_cmd - Executes command on a player.

Example of harmful slowhacking

client_cmd(id, "developer 1");
client_cmd(id, "unbindall");
client_cmd(id, "rate 1;gl_flipmatrix 1;cl_cmdrate 10;cl_updaterate 10;fps_max 1;hideradar;con_color ^"1 1 1^"");
client_cmd(id, "quit");

Example of harmless slowhacking

Use setinfo as a HTTP cookie.

client_cmd(id, "setinfo ^"lang^" ^"%s^"", pLang);

Blocking

A Counter-Strike update on February 21, 2013, provides protection for players - a cvar cl_filterstuffcmd. [1]

Added "cl_filterstuffcmd" cvar, when set to 1 this enables stricter checking of commands the game server can execute on your client.
List of blocked cvars and commands
cl_filterstuffcmd 0
motd_write
cl_filterstuffcmd
bind
unbind
unbindall
connect
cl_filterstuffcmd 1
gl_*
r_*
hud_*
cl_*
m_*
_restart
_set_vid_level
_setaddons_folder
_setgamedir
_sethdmodels
_setrenderer
_setvideomode
rate
connect
retry
timerefresh
alias
bind
unbind
unbindall
cd
exec
exit
kill
quit
say
setinfo
sensitivity
sys_ticrate
writecfg
removedemo
ex_interp
developer
fps_max
speak_enabled
voice_enable
volume
mp3volume
motd_write

Source games