Garry's Mod

Garry's Mod

No Collide World
Thomas 2017 年 8 月 7 日 下午 2:41
Dupe stealing/removing/unfreezing exploit
Hi,

It was brought to my attention that your tool allows players to essentially assume ownership over others' entities regardless of prop protection.

In your script, you aren't doing any checks with the "Nocollide within Sphere/Box" options (#6, 7, 8, and 9) to see if the player using the tool actually owns the entities before applying the constraint between them.

Typically you would check if the server has the Common Prop Protection Interface (CPPI) and that the entities have the ENTITY:CPPICanTool method implemented, or just do a normal hook.Run( "CanTool", ... ) call and see if the server allows or prevents the action.

Without the checks, players are currently able to constrain other players' entities to their own, thus allowing them to use Advanced Duplicator 1 and the generic Duplicator tool to steal the entire contraption. Similarly, since the entities are now constrained, players can press R to unfreeze the dupe, breaking it entirely and potentially crashing the server. Players can also undo their entities and coincidentally delete the constrained entities that don't belond to them.


This is a serious concern for any building server, and I strongly urge you to patch this exploit.
< >
正在显示第 1 - 4 条,共 4 条留言
greda u svemiru™ 2019 年 1 月 10 日 上午 7:56 
get better at PvP
Limestar 2022 年 2 月 23 日 上午 3:25 
who cares bro
ilovepancakes1012 2022 年 7 月 13 日 下午 5:25 
add it urself if it matters this much
ÆK47 2023 年 5 月 24 日 下午 3:26 
i found an exploit too. it lags servers, HARD.
< >
正在显示第 1 - 4 条,共 4 条留言
每页显示数: 1530 50