Open lDrDooml opened 3 months ago
agreed , this should be top priority IMO, its dumb that some nasty players can still load custom content on competitive gamemodes to gain massive advantages over the rest of players with the excuse of "i just want my favorite mods on versus", knowing that you can literally host a local server to allow mods if thats the case, but right now this method is just so popular on the official server to the point were is just hard to tell which player is legit or either abusing this method to had better "vision" , "less distractions" etc. -no boomer vomit screen. -brighter infecteds -traslucent stuff. -quieter / louder sounds. -bigger models or traslucent models like foliage and stuff
Hi again, days after trying my possible solution I can confirm that it works, if the player has the gameinfo.txt
file modified, it does not let him enter the server.
This is what my whitelist.cfg
file looks like:
whitelist
{
//
// 4 modifiers are allowed on file specifications:
//
// allow_in_coop - these files can be loaded from addon vpks when in coop mode
// allow_in_addon - these files can be loaded from addon vpks when playing an addon.
// check_crc - these files will always be CRC checked.
// check_every_map - these files will be checked every map
//
//
// Five types of file specifications:
//
// 1. directory\*.* - refers to all files under the directory
// 2. directory\... - refers to all files under the directory and all directories under that (recursively)
// 3. directory\*.*+.ext - refers to all files under the directory with extension .ext
// 4. directory\...+.ext - refers to all files under the directory and all directories under that (recursively) with extension .ext
// 5. directory\filename - refers to a single file
//
// Files to be checked:
//
left4dead2\pak01_dir.vpk check_crc
left4dead2\steam.inf check_crc
left4dead2\gameinfo.txt check_crc
left4dead2_dlc1\pak01_dir.vpk check_crc
left4dead2_dlc2\pak01_dir.vpk check_crc
left4dead2_dlc3\pak01_dir.vpk check_crc
update\pak01_dir.vpk check_crc
}
Unfortunately, the solution presented above can be trivially bypassed, so this will require a C++ fix from Valve.
Unfortunately, the solution presented above can be trivially bypassed, so this will require a C++ fix from Valve.
You should explain how this can be bypassed, I just tried this method with my servers and after connecting I was kicked out with the following reason:
The only thing I can think of on my part would be the player trying to force variables like sv_consistency
to 0
but this problem would only occur on official servers. Valve should implement something that checks player variables before entering the server.
Description
Hi, this has been known for quite some time around the community, adding a directory to gameinfo.txt allowing the loading of mods and bypassing any server-side security methods.
Reproduction steps
Step 1: Create a folder with the name you want within the main game folder.
Step 2: Place the mod you want to install inside the folder you created. Then change the name of the mod to
pak01_dir
, otherwise it won't work.Step 3: Open the
gameinfo.txt
file located in theleft4dead2
folderStep 4: Create a new line in
SearchPaths
Step 5: once all the steps have been completed you can play with the mods you want without any restrictions.
Possible solution:
Add
gameinfo.txt
by default to thewhitelist.cfg
file (located in the left4dead2 folder) so that it performs checks before entering an official or third-party server. In case thegameinfo.txt
does not match the server, the player will be kicked.Additional files
No response