The Dice Plugin Exploit (US)

[Mad_Father 295 / 6,918]

For some of those who are not aware of the issue, currently there is an exploit roaming around in US RPG Surf DM.

 

Players are using this exploit to gain unfair advantage over other players.

 

For example***:

[Nep4Lyfe] Mad Father :  !rtd 16

Mad Father rolls the dice... diced a 16 and... gets infinite ammo!

[AltAcc] Padre Enojador : omg y u kept gitting infinite ammo

[Nep4Lyfe] Mad Father :  The RNG is on my side my friend.

 

*** This conversation does NOT exist, please do NOT use this against me.

 

To reproduce this exploit, type !rtd with a number after it.

 

My proposed resolution is to limit this option for Admin+ only.

Some may say "OMG, remove this exploit or I will quit the server", well okay sir that is your decision not mine while some may say "Please don't remove the plugin because of one exploit, because the new dice plugin is more fun than the previous one but without long jump".

These two opinions from the players are self contradictory so I proposed my solution which lands some where in the middle, removed the exploit half way. This way we can also catch the abusing admins and demote them.

 

Therefore, please limit this option for Admin+ only.

 

Thanks.

[Dreae 33 / 2,726]

So is the suggestion to limit the '!rtd 16' to admins only or the entire rtd plugin?

[Roy 10,832 / 0]

Looking into this now. I will post back with the results once done testing.

 

Edit:

From a quick look at the plugin's source code, it looks like the developer doesn't know how to properly check if the user is an admin.

 

Thanks.

[Roy 10,832 / 0]

Update:

 

Alright, I have applied a modified version of the plugin to CS:GO Surf RPG DM (US). Basically, before, the plugin would check if the user had any admin flags (this includes players with Member, Supporter, VIP, etc). Therefore, anybody in a group (besides default) could type "!rtd <rollID>" and receive a specific roll.

 

I have restricted the use of the Roll ID argument to players with root (includes Server Managers, Division Leaders, etc).

 

If you have any problems after the update, please let me know! The plugin works fine on my home CS:GO server.

 

Thanks.

[Mad_Father 295 / 6,918]

Quote

 

If I remember correctly, CS:S RPG Surf DM uses the same plugin also.

 

I just went to CS:S and check and it has the same issue but no one there seemed to know about the exploitable part of it.

 

 

NEVERMIND it had been fixed.

 

On topic, everything seemed to work as intended.

I thank you @Roy for modding the dice plugin once again to save the server from imminent exploits.

Edited July 28, 2016 by Mad_Father

[Thomasdavid097 533 / 8,791]

if you do see an exploit do not use it, or tell others how to use it or I will be upset.

 

thanks for reporting it