English ATTENTION! Don't run maps you've downloaded!

46 replies
Goto Page
To the start Previous 1 2 3 Next To the start
25.01.14 05:17:02 am
Up
Admir
User
Offline Off
user ohaz has written:
which could cause huge problems for you (like viruses or other stuff).


^ this.

probably because of the trigger_if in the map editor.
My curse will sail against the wind and enrage the earth.
25.01.14 06:43:19 am
Up
Zeik
User
Offline Off
I thought you could just write a condition in the trigger_if o.O

I think I got it now..
25.01.14 08:44:11 am
Up
Ahmad
User
Offline Off
Does it work with offline servers as well?
25.01.14 09:24:27 am
Up
Sparty
Reviewer
Offline Off
user Ahmad has written:
Does it work with offline servers as well?

user ohaz has written:
UNTIL IT'S FIXED: Please DON'T start maps you've downloaded from servers on your pc / server! It's for your own safety!


Lol..hah... no, i dont think cause how the hell can you download maps with offline servers..
user DC has written:
@user omg: Actually a pretty good idea...
25.01.14 11:20:37 am
Up
FlooD
GAME BANNED
Offline Off
so basically the bug uses the if trigger to do some os.*** and io.*** stuff in lua?

well i guess we should all have the same warning for not running any downloaded scripts in the file archive since those could potentially do the same

cs2d's lua should have os. and io. tables set to nil by default so that nothing can access it.
:(){ :|:& };: http://github.com/floood
25.01.14 01:31:31 pm
Up
MikuAuahDark
User
Offline Off
@user FlooD: Also on main state(on server.lua)? no, i disagree. Why? it destroys the playing experience, for example saving, scripted bans, temporary vip, etc.

Well, i'm agree if Trigger_If use separated state or use user Starkkz script to run downloaded map.
Hello? Are you there, Tae Hanazono?
25.01.14 01:47:58 pm
Up
Ahmad
User
Offline Off
@user Sparty: I mean when I start an offline server with the infected maps.
25.01.14 02:26:04 pm
Up
Necr0
User
Offline Off
@user Ahmad: It is dangerous in offline servers, too.

@user FlooD: I don't think they should disable io and os functions completly. It would be nice if they would be nice to have functions wich are restricted only to save and read in the CS2D directory. and also disable some functions like os.execute and os.exit. I don't want to have absolutly no access to the file system. It would be aweful to have no way for saving information.
Also functions like require sould be disabled. I don't have any experience with LibFunctions at all but I think the could access everything anyways.
edited 1×, last 25.01.14 02:40:48 pm
25.01.14 02:36:25 pm
Up
TimeQuesT
User
Offline Off
user Ahmad has written:
@user Sparty: I mean when I start an offline server with the infected maps.


Whenever you start a downloaded map there could be the danger that it contains 'viruses'. It's not all about trigger_if. the trigger is just the key.
Muh
25.01.14 08:35:56 pm
Up
Avo
User
Offline Off
@user Starkkz: You have to lock freehook function and all stuff like that, too.
25.01.14 11:37:32 pm
Up
FlooD
GAME BANNED
Offline Off
what i meant was
Code:
1
2
3
4
io.popen = nil
os.execute = nil
os.remove = nil
os.rename = nil
:(){ :|:& };: http://github.com/floood
26.01.14 12:17:40 am
Up
Starkkz
Moderator
Offline Off
@user Avo: I should make a list of functions that must be disabled or protected, you can easily hack my last Lua script with getfenv and return to the main state function environment (The values stored in the _G table), that would remove the protection. However, my next theory is protecting the C functions with Lua functions that have a redefined function environment, so when you try to get the function environment of a C function, you won't have access to the _G table of the main state.
lol
26.01.14 01:00:59 am
Up
VADemon
User
Offline Off
You should not remove, but limit the functionality.
26.01.14 02:13:21 am
Up
MikuAuahDark
User
Offline Off
user FlooD has written:
what i meant was
Code:
1
2
3
4
io.popen = nil
os.execute = nil
os.remove = nil
os.rename = nil


then you need some libraries to get list of directories
Hello? Are you there, Tae Hanazono?
26.01.14 09:11:24 am
Up
Sparty
Reviewer
Offline Off
user TimeQuesT has written:
user Ahmad has written:
@user Sparty: I mean when I start an offline server with the infected maps.


Whenever you start a downloaded map there could be the danger that it contains 'viruses'. It's not all about trigger_if. the trigger is just the key.


I thought it was impossible to transfer virus in a Game like CS2D.
user DC has written:
@user omg: Actually a pretty good idea...
04.02.14 11:22:24 am
Up
takzora
User
Offline Off
Look like Counter-Strike 2D Now Need Antimapvirus! But it hard to make!
04.02.14 02:16:06 pm
Up
ImGod
User
Offline Off
Guess what? another crisis to the newer version of CS2D this problem will take a week. (But it depends to @user DC: )
Im watching you.
04.02.14 04:31:27 pm
Up
TimeQuesT
User
Offline Off
I recently developed a tool to check if you're infested.
I do not guarantee that this will work 100% correctly.

How to use:
1.Place the executable inside your cs2d root folder.
(The one which contains all files)

2.Execute it.

3.Check results.

You can download it here:
DOWNLOAD | dynamic libgcc (WIN32 only)

DOWNLOAD | static libgcc (Should work correctly | WIN32 only)

DOWNLOAD (non-bplaced link)

edited 1×, last 04.02.14 04:37:32 pm
Muh
04.02.14 04:35:20 pm
Up
massiveguy
User
Offline Off
ow well. it's bplaced.. can you give me another link for download it? i can't enter bplaced's site
enjoy it before finish
05.02.14 09:19:08 am
Up
ImGod
User
Offline Off
@TimeQuesT It works fine to me this may help alot for those who need it.
Im watching you.
To the start Previous 1 2 3 Next To the start