SA-MP Forums

Go Back   SA-MP Forums > SA-MP Server > Server Support

Reply
 
Thread Tools Display Modes
Old 19/06/2019, 04:24 AM   #1
Variable™
Gangsta
 
Join Date: Jul 2015
Posts: 796
Reputation: 175
Default Server exploit?

It appears someone was able to find an exploit in the SA-MP server that makes it stop working. I tried checking crashdetect, it doesn't report anything (having -d3 in pawn.cfg).

The attacker joins the server and hangs it somehow. I checked the RAM and CPU usage of the server and they aren't increasing nor decreasing at all. Server then appears offline and no one can join the server, and it doesn't show anything useful in the server log, just stops working out of a sudden and needs someone to restart it in order to work again.

Their IPs are changing but they come with the same nickname.


(staff member talking to them on discord)


(player took a screenshot once the attacker joined)


(staff member took the screenshot, once the attacker joined, server stopped working)

The attacker joins with random IPs but mostly from Ukraine. They demanded $17 in order to stop attacking, I tried disabling some plugins and yet they're still able to hang the server, and I don't see the server crashing nor printing anything in the server log, just hangs till someone restarts it.


(here's the attacker demanding $17 to stop attacking)


(the attacker confirming they never joined with their real IP address, but probably they did as the first IP from Ukraine was not VPN, other IPs are)

Is this a new SA-MP server exploit? That's what the attacker is saying.
__________________
SWAT vs Terrorists
Discord | Website

Variable™ is offline   Reply With Quote
Old 19/06/2019, 07:25 AM   #2
Autorojo
Little Clucker
 
Join Date: Mar 2015
Location: Santa Fe, Argentina
Posts: 14
Reputation: 0
Default Re: Server exploit?

Where do you have your server hosted? If you are using an OVH game and the problem still exists, I am interested in helping you. Contact me by MP.
Autorojo is offline   Reply With Quote
Old 19/06/2019, 07:48 AM   #3
][Noname][
Gangsta
 
][Noname]['s Avatar
 
Join Date: Dec 2010
Posts: 626
Reputation: 92
Default Re: Server exploit?

Did server main thread work? try to write every 10 sec text to serverlog
__________________
Owner of Absolute Play and SAMP Addon
][Noname][ is offline   Reply With Quote
Old 19/06/2019, 08:31 AM   #4
Variable™
Gangsta
 
Join Date: Jul 2015
Posts: 796
Reputation: 175
Default Re: Server exploit?

Quote:
Originally Posted by Autorojo View Post
Where do you have your server hosted? If you are using an OVH game and the problem still exists, I am interested in helping you. Contact me by MP.
I use a VPS from Evolution Host

Quote:
Originally Posted by ][Noname][ View Post
Did server main thread work? try to write every 10 sec text to serverlog
The server hangs and nothing works till it gets restarted, also I print many messages to the server log for debugging but nothing show in the log after the attacker joins the game...
__________________
SWAT vs Terrorists
Discord | Website

Variable™ is offline   Reply With Quote
Old 19/06/2019, 08:48 AM   #5
Ubi
Little Clucker
 
Join Date: Sep 2011
Location: Poland
Posts: 36
Reputation: 19
Default Re: Server exploit?

Yeah, there is a some kind of new exploit and it has NOTHING to "OVH Game" etc. Please check yours PM.
__________________
Co-owner of the game server hosting: https://liveserver.pl/
Retired maintainer of the oldests Polish DM server: https://server-pps.com
Ubi is offline   Reply With Quote
Old 19/06/2019, 10:53 AM   #6
][Noname][
Gangsta
 
][Noname]['s Avatar
 
Join Date: Dec 2010
Posts: 626
Reputation: 92
Default Re: Server exploit?

Quote:
Originally Posted by Variable™ View Post
The server hangs and nothing works till it gets restarted, also I print many messages to the server log for debugging but nothing show in the log after the attacker joins the game...
you should create 10 sec timer for printf
__________________
Owner of Absolute Play and SAMP Addon
][Noname][ is offline   Reply With Quote
Old 19/06/2019, 06:46 PM   #7
Markski
Little Clucker
 
Markski's Avatar
 
Join Date: Apr 2015
Location: La Plata, Argentina
Posts: 40
Reputation: 11
Default Re: Server exploit?

This exploit has been fixed months ago by users who were banned from this community, who provided Zhao the fix.

Update your SKY plugin. https://github.com/oscar-broman/SKY

If you want to recieve help from competent people in the future, join the SAMP Discord. https://discord.me/samp
__________________
mashallah
Markski is offline   Reply With Quote
Old 19/06/2019, 07:20 PM   #8
Variable™
Gangsta
 
Join Date: Jul 2015
Posts: 796
Reputation: 175
Default Re: Server exploit?

Quote:
Originally Posted by Markski View Post
This exploit has been fixed months ago by users who were banned from this community, who provided Zhao the fix.

Update your SKY plugin. https://github.com/oscar-broman/SKY

If you want to recieve help from competent people in the future, join the SAMP Discord. https://discord.me/samp
This did the trick, thanks!

As some others had this problem, for those who need the latest SKY.so (compiled on Debian 8 amd64), you can get it from here https://h2omultiplayer.com/server/SKY.so
__________________
SWAT vs Terrorists
Discord | Website


Last edited by Variable™; 19/06/2019 at 07:51 PM.
Variable™ is offline   Reply With Quote
Old 24/06/2019, 05:44 PM   #9
cziken
Little Clucker
 
Join Date: Jul 2017
Posts: 1
Reputation: 0
Default Re: Server exploit?

Quote:
Originally Posted by Variable™ View Post
This did the trick, thanks!

As some others had this problem, for those who need the latest SKY.so (compiled on Debian 8 amd64), you can get it from here https://h2omultiplayer.com/server/SKY.so
KEY_YES and KEY_NO not working on this build.
cziken is offline   Reply With Quote
Old 25/06/2019, 03:43 PM   #10
Variable™
Gangsta
 
Join Date: Jul 2015
Posts: 796
Reputation: 175
Default Re: Server exploit?

Quote:
Originally Posted by cziken View Post
KEY_YES and KEY_NO not working on this build.
Think this should do it
https://github.com/BrunoBM16/SKY/tree/patch-1

I'll try compiling it and see if it makes a difference, I also had the same problem with keys.
__________________
SWAT vs Terrorists
Discord | Website

Variable™ is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
New server exploit 0.3z nGen.SoNNy Server Support 33 12/04/2014 09:17 PM
Solution exploit server SA-MP R2 IvanAyuso Server Support 5 06/01/2014 08:07 PM
Significant server exploit Pottus Bug Reports 21 07/12/2013 09:41 PM
sa-mp server exploit / crasher deuszor Server Support 2 04/11/2013 12:31 AM
samp server exploit? hipy Server Support 7 09/12/2009 03:27 AM


All times are GMT. The time now is 05:23 AM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.