search

Speyedr / socialclub-notification-blocker

Next-generation firewall (NGFW) that supports blocking SocialClub Overlay notifications.
GNU General Public License v3.0
93 stars 14 forks source link

[Bug] Program crashes immediately if gethostbyname(CLIENT_POST_HOST) fails #25

Open Speyedr opened 2 years ago

Speyedr commented 2 years ago

Description When starting the program, FilterSettings.SERVER_IP attempts to resolve the IP address for the class attribute CLIENT_POST_HOST, which more specifically is the URL prs-gta5-prod.ros.rockstargames.com. This IP address is then used in two PyDivert filters, which can be found here. These initial filters help reduce the load on SCBlocker by allowing any packet which does not match the filter to be immediately let through, as these initial filters have been designed such that any packet which does not match these initial filters would always be allowed through anyways.

If this IP address cannot be resolved, the initial filters could not be constructed as they currently are. However, as there is currently no error handling for the method mentioned above, the program crashes immediately and without any error message, and the error isn't even added to a log file as the crash happens before SCBlocker even reaches main().

Although under normal circumstances this method should never fail, very strict firewalls or attempting to run SCBlocker without an internet connection can trigger this behaviour.

How to reproduce Steps to reproduce the behavior:

  1. Disable your internet connection / block access to prs-gta5-prod.ros.rockstargames.com
  2. Run SCBlocker.exe as Administrator
  3. Window opens, then closes immediately
  4. In order to see the full error message, you need to run SCBlocker.exe from an elevated command prompt.

Screenshots / Debug.log messages image

System Information

Additional context DROP_INC_80 will still work even if SERVER_IP cannot be resolved. The program could keep attempting to resolve SERVER_IP until it is successful. The IP that is resolved seems to be static and within R* / T2 IP-space, so an alternative would be to set the filters to use a regex (I think Guardian 3.0 did this?) instead of the 1 IP address.

Speyedr commented 2 years ago

This is what I was talking about by just filtering the malicious traffic. You're either going to be playting circle jerk trying to find all the edge cases that causes the game to crash by doing this and allow it, or you can stop it now and just filter malicious traffic. I been down this road before when I tried to spoof SCIDs in lobbies to stop Join by SCID, but it fucked up my garage and all my businesses. The SCID API is gay.

Perhaps the Issue description was a bit confusing, however this is not affecting the game / causing the game to crash. It's an unhandled exception in SCBlocker itself, which causes SCBlocker to instantly close.

Properly spoofing TCP is still planned, will probably be part of v0.3.

I've been thinking more and more about how I could "attack" encryption without modifying the game directly and I have some ideas, but it's still not going to be used in this project specifically unless it becomes absolutely necessary.