JediDog Fix

It'd be lazy to just quote the previous version reviews, wouldn't it? It's tempting, though. Don't think anyone has ever done triple-nested...

Download

Uploading...
Do not refresh or leave this page!

File Description

It'd be lazy to just quote the previous version reviews, wouldn't it? It's tempting, though. Don't think anyone has ever done triple-nested quotes within a review on the site since it's birth. Let's make history!

This small utility is designed to prevent the use of various exploits that unsavory users might use to crash your JK2 1.04 server. There is a detailed list of the exploits that are now prevented, and the author goes so far as to say your server will now be uncrashable. I'd not go that far, since people can always cleverly find new ways to make your life miserable, but in any case it should certainly help. Unfortunately according to the author this fix is not compatible with other server mods, which is a shame. Be sure to check the read-me for information on the specifics of what this mod fixes.
Version two of this fix introduces a few more exploit fixes, including a bunch of crash fixes as well as some improved logging. Make sure to check out the read-me for a full description of the features and updates of this mod as well as how to use it!

Version three is here with some more updates! It also seems to fix some bugs introduced in the earlier two versions, so if you've already been using this fix make sure to get this new version. Check the read-me for a list of new updates in this version.

~Inyri

So, what's new since v3?

Updated anti-flood and anti-force crash protection, removed features relating to the name crash, new client message identifying the mod to new clients (and an rcon/config parameter to disable those), and the addition of a brand new anti name crash feature; I'm guessing the old one was flawed and it was simpler to rebuild than fix. There's also an "enhanced" defense against the 'fake clients' denial of service attack, which oughtta be enough to stop most attempts at server crashing dead in their tracks. I ran five seperate attacks and none of them worked, could've tried something a little more.... 'intensive', but chances are anyone who'd waste their time attacking a JK2 server doesn't have that kind of firepower anyway. It's more than sufficient for everyday usage.

If you've been looking for a small security-themed server mod for baseJK2, then this means no worries for the rest of your days- wait, no, sorry, that's Timon & Puumba. But the point still stands.

~ Kouen

hakuna matata! *runs away*

Read More

Download 'jedidog_fix_v4a.zip' (263KB)

Readme
*****************************************

Jedi Knight II: Jedi Outcast MODIFICATION

*****************************************

~!~ JediDog Fix™ v4a ~!~

~For JK2 1.04

Note: if you are reading this windowed in a notepad, I recommend maximizing it and going to format and checking word wrap, so it is easier to read.


*~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~*
Modification contains:
Patches & fixes:
-Anti Model Flood
-Anti Saber Flood
-Anti Name  Flood
-Anti Force Crash
-Anti MSG Boom
-Anti Name  Crash
-Anti Fake players
-Other Minor Fixes/Patches
Server Extras & Commands:
-RCon Command, Slap
-RCon Command, Sleep
-RCon Command, CSay
-RCon Command, jd_CloseServer
-RCon Command, jd_Messages
Client Extras & Commands:
-Sit emote command for clients
-Help Command


*~~~~~=~~~~~*
v4a Version Info:
-Added rcon command, jd_Messages, which enables or disables the messages like when the client enters the game and it says "JediDog's Fix v4. Type /help for more information." Some others it disables like when the server is closed the msg will not appear. When a client is slapped that message will not appear. When a client is put to sleep it wont show that message either. It'll still show if it's on, if it's off these messages are disabled.


*~~~~~=~~~~~*
v4 Version Info:
-Fixed Anti Flood
-Fixed Anti Force Crash
-Added a New Enhanced version of Anti Name Crash
-Added a MSG for when client enters game, saying "JediDog's Fix v4. Type /help for more information."
-Enhanced Anti Fake Players
-Removed old Anti Name Crash
-Removed Anti Name Crash, Anti Force Crash, and Anti MSGBoom Messages & Logs


*~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~*
Installation:
Put it in your base. After testing it appears you cannot run this mod with another mod. It is lame, I know, but I guess for those of you who do not have any mods in your server this will be fine. It does not take the server off the list when you press Game Version: All/JK2... when it is on Jedi Knight II it'll still appear on the list.


*~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~*
Commands:
-jd_CloseServer = Closes and opens the server whenever you turn it on. (0 = off, 1 = on) Default for command is "0" which is off so players can enter.
-jd_Messages = Disables or enables the messages that automatically print when triggered, like when client enter games, when admin slaps or sleeps another client. So they will no longer show on your screen if it is on off (0). (0 = off, 1 = on)
-Slap = /rcon slap #clientNumber# and the client will be slapped up. Can only be used in FFA game type. (So people wouldn't cheat if it's in duel game type... or if it was in CTF and they had flag it wouldn't ruin it.)
-Sleep = /rcon sleep #clientNumber# and the client will be put to sleep and will not be able to move. Can only be used in FFA game type. (So people wouldn't cheat if it's in duel game type... or if it was in CTF and they had flag it wouldn't ruin it.)
-CSay = /rcon csay <msg> and the message you type will appear in the middle of all client's screens.
-Sit = lets client sit down with their legs crossed.
-Help = displays helpful info, including mod & contact information and lists the Fix's commands.


*~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~*
Extras:
-Logs that show IP & info when a client connects, whether they are a fake player or a client with illegal characters.
-Fixed /rcon <msg> & /rcon say <msg> next line bug. Also made it with a few colors. It appears as ^5[^7Server^5]^7:


*~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~*
Descriptions of how the exploits work in JK2 1.04:

--Model, Saber & Name Flood - the reason this lags you, lags you out, slows you down or doesn't harm you at all is quite simple. It lags you because the overflow you are loading onto your client, in front of some one is more vulnerable because you have to visually see the changes. If you have higher ping you are more vulnerable because it overflows the amount you have and since you have low connection to the server it's more dangerous. The reason(s) it doesn't harm you is because you have very low ping (around 50 ping) or your rate is too low. Change your rate by /rate 75000 that'll stop it if your ping is <100. If your ping is 150+ you're quite screwed. :)

--Force Crash - OK, the reason this works is also simple and sort of logical. If you change your force powers into a number that is not in the calculations of what is set to a proper amount of force (forcepowers 7-2-3333333333333333) it sort of glitches itself since it is not the correct number in the calculations of the force powers. Thus meaning since it is not in the correct calculations, it errors and messes up and causes the server to crash.

--MSGBoom Exploit - MSGBoom in JK2 1.04 is similar to a flood. It sends a large message to the server overflowing it and acting as a flood to client(s) possibly lagging you out. Usually when you are flooded or msgboom'd you will either get "Connection Interrupted" message or be sent to your main menu.

--Illegal Characters Crash(IN THEORY) - I'm not really sure 100% why this works either but I have a theory. The reason I said "illegal characters crash" is because JK2 doesn't support the ASCII characters. In the source code there’s this little line right here (example): trap_SendServerCommand( -1, va("print"anything can go here but if it has illegal characters in it like º¿§ï¡â it'll create the bug"));. Some times just having that in your name and talking will make you bug but not crash from my tests. That is how I fixed the crash using a hex editor in JK2 1.02. If that message isn't there and there is no "SendServerCommand of their name" the server can't be sent a message from that part which prevents it. Thus meaning that it 'implodes' itself by having it being sent the illegal characters ending up in a crash like force crash.

--Fake Players - Fills up server so that no one can join, it is more of an annoyance than a problem. In rare cases, it can cause the server to crash.


*~~~~~*
The fixes in this mod that prevent those bugs above in JK2 1.04.

--Model, Saber & Name Flood - I tried making this blend in so it wouldn't be too noticeable unless you actually tried to flood. It prevents UserInfoChanges from changing within .50 of a second. That's "wait 50;" is the max you can go in a UserInfoChange (model, saber, name, force). I used to have it as you have to wait three seconds in between changes but that was just too annoying, so I put it as .50 so it's nearly normal and less annoying.

--Force Crash - This fix is a work-around using Gamall's fix for it. The fix does not allow any force string that is not within the field of "#-#-################" the first # is what g_maxforcerank is on, 7 is Jedi Master. The second one can only be two numbers, either 1 or 2. One stands for light side of the force and two stands for dark side of the force. The last 16 numbers stand for whatever you chose. So the string should look like 7-1-332003023030303213.

--MSGBoom Exploit - It will not flood out anyone nor crash the server with this mod. It basically drops any large msg coming to the server and doesn't allow it to be shared. There four Anti MSGBoom in this fix. :D

--Illegal Characters Crash - parses userinfo so that if they have illegal characters, they appear as a period.

--Fake Players - Denies fake players connection by checking userinfo if it is correct, if it isn't they will be denied access into entering the server.


*~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~*
Comments & Notes:
-This should result in your JK2 1.04 server being uncrashable. I say that because these are the only known crashes. So if there is any new crashes there will be another version fixing it from this.
-Some of the most popular mods aren't fully protected:
--DS-Online v1.32 is vulnerable to name crash/glitch.
--DC Mod v1.2 is vulnerable to flood.
--Jedi Academy Mod 1.6 is vulnerable to flood, name crash, force crash and fake players.(That was a horrible mistake not to patch against any of those for JAMod.)
---DS-Online v2 has fixed all these bugs that this mod has fixed. But it appears it is still in the Beta testing.
---Clan Mod v2.04 has the main fixes that this mod has. The same ones though because I put them in the Clan Mod.
-This is still a basejk2 fix. I added the extras so that people would have more fun. If I wanted this to be a bigger mod, trust me it would. :)
-Version 4 is the best one yet, compared to 1, 2 and 3... they suck. :)
-Above all, everyone have fun playing JK2 on any version that you play on.


*~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~*
BUGS: None that I am aware of.


*~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~=~~~~~~*
To Contact me & find more fixes and future updates go to
http://jedidog.freeforums.org/


----------------------------------------------------------
~*Credits for helping, creating & testing:
Dark (creating/helping)
Killa (helping)
Luigi (helping)
Gamall (using his anti force crash)
Falassion (testing)
Ninn (testing and providing a server for me)
Anarchy (testing)
BigRob (testing)


=========================================================
THIS MODIFICATION IS NOT MADE, DISTRIBUTED, OR SUPPORTED BY ACTIVISION, RAVEN, OR
LUCASARTS ENTERTAINMENT COMPANY LLC. ELEMENTS TM & © LUCASARTS
ENTERTAINMENT COMPANY LLC AND/OR ITS LICENSOR

Read More

Comments on this File

There are no comments yet. Be the first!

JediDog


50 XP


Registered 18th January 2008

4 Files Uploaded

Share This File
Embed File