mikeisastar / counter-strike-remote-code-execution
Injects arbitrary code into a client's game.
License: GNU General Public License v2.0
Patch for CVE-2023-35855, Windows build 8684 (pre-HL25 Anniversary, aka "steam_legacy" branch) for all mods.
By the way, this exploit is not only for Counter-Strike but works for other Half-Life mods too.
Original 8684 hw.dll
File: hw.dll
CRC-32: f7dcffd9
MD4: 3db85c7df94b2e5bddbbbeb0d741999b
MD5: a74c64de593e2533c04200c5417bd9e9
SHA-1: f0f7372692f285154c76be35fc50b89ed0ea2d18
Patched 8684 hw.dll
File: hw.dll
CRC-32: eca35f3d
MD4: 1be4615a18dd7051f68ce2d98ba46e50
MD5: a121c926bc1dd90d0a8632766d228c4d
SHA-1: 51c2ecb1ab8241b6afeae535a6a66dbd73a00a65
Prepatched
hw_dll_8684_patched.zip
Manual patch
https://gist.github.com/anzz1/71689275ed722492da7ec7c02a41b867
Info
The underlying overflow is the use of unbounded sprintf instead of snprintf in the mod dlls (mp.dll/hl.dll/opfor.dll/etc.). Instead of patching that, and having to do it for each mod separately, the better way is to block the server from sending lservercfgfile to a client at all. It's clearly an oversight, since it's not a cvar that a server should be able to set on a client.
After patching:
Server tried to send invalid command:"lservercfgfile "MikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikeStarMikAAAA";map de_nuke
"
No more crash.
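The two fixes contrasted in the Info section, as an added C example that is not the engine's, the mod SDK's or the patch author's code: a client-side filter that refuses a server-sent command string naming a blocked cvar, and a bounded snprintf call that rejects an oversized value instead of writing past the buffer. The function names, the denylist array and the "exec %s\n" format string are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Cvars a server may never set on a client. The page names only this one. */
static const char *const blocked[] = { "lservercfgfile" };

/* Case-insensitive compare of the len-byte token at s against name. */
static int token_is(const char *s, size_t len, const char *name)
{
    if (len != strlen(name)) return 0;
    for (size_t i = 0; i < len; i++)
        if (tolower((unsigned char)s[i]) != tolower((unsigned char)name[i])) return 0;
    return 1;
}

/* Return 1 if any command in a server-sent string (commands separated by
 * ';' or newline, quotes respected) starts with a blocked cvar name. */
int server_cmd_is_blocked(const char *p)
{
    while (*p) {
        int in_quote = 0;
        while (*p == ';' || isspace((unsigned char)*p)) p++;
        if (*p == '"') { in_quote = 1; p++; }      /* quoted first token */
        size_t len = strcspn(p, " \t\r\n;\"");
        for (size_t i = 0; i < sizeof blocked / sizeof *blocked; i++)
            if (token_is(p, len, blocked[i])) return 1;
        for (; *p; p++) {                          /* skip to end of this command */
            if (*p == '"') in_quote = !in_quote;
            else if (*p == '\n' || (*p == ';' && !in_quote)) break;
        }
    }
    return 0;
}

/* Bounded form of the sprintf pattern: -1 (and empty dst) if it would not fit.
 * The "exec %s\n" format is a hypothetical stand-in for the mod code. */
int build_exec_cmd(char *dst, size_t dstsz, const char *cfgfile)
{
    int n = snprintf(dst, dstsz, "exec %s\n", cfgfile);
    if (n < 0 || (size_t)n >= dstsz) {
        if (dstsz) dst[0] = '\0';
        return -1;
    }
    return 0;
}
```

The filter is the mod-independent fix the patch takes; the snprintf check is the per-mod fix it avoids having to repeat.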