Open GoogleCodeExporter opened 9 years ago
Pretty much impossible for us to fix without more specific information, no-one
else has reported anything, are you absolutely sure it's not an admin
(accidentally?) giving out money?
Original comment by drakehawke@gmail.com
on 4 Nov 2011 at 5:43
No admin other than me gets access to rp_setmoney (infact the command is
changed, and locked to my steamid).
I looked within sv.db, and found him, not much more to say.
But there's definately an exploit somewhere.
(Nobody can change their money adminwise except for me)
Original comment by joshbrea...@gmail.com
on 4 Nov 2011 at 9:06
What about setting the print amount of a money printer? Or changing the max
amount of money printers? Or rp_npckillpay? What about anyone with rcon/ftp
access? Or (if you use ULX), the ulx ent, ulx rcon and ulx luarun commands?
Or if you're servers been going for a while, are you sure it isn't someone with
money from a previous exploit that's now been fixed?
Even if there is an exploit, as I said before it's virtually impossible for us
to fix it without knowing the method used.
Original comment by drakehawke@gmail.com
on 4 Nov 2011 at 9:32
The exploit is with the new refund system Drake.
Original comment by rokro...@gmail.com
on 5 Nov 2011 at 9:34
Original comment by fpeijnen...@gmail.com
on 5 Nov 2011 at 11:17
Original issue reported on code.google.com by
joshbrea...@gmail.com
on 4 Nov 2011 at 2:02