⚠️ Is CS2 Safe To Play Again?
HTML-код
- Опубликовано: 19 окт 2024
- A couple of days ago, CS2 players woke up to countless posts urging them not to play the game. Why? Because massive exploits were found.
Ones that could involuntarily show you material you didn't want to see, remove items from your inventory, or even literally doxx you.
It's supposedly been fixed but is it really safe to play again?
Written & Hosted by: Devil Coull (@Fake_DevinCoull)
Edited by: Connor Dunn (@connordunn_)
Produced by: Danny Burke (@lurkeyburke)
All footage courtesy of: pastebin.com/W...
Music used under license from Associated Production Music LLC (”APM”).
Follow us on Twitch: / thescoreesports
Follow us on Twitter: / thescoreesports
Follow us on Facebook: / thescoreesports
Follow us on TikTok: / thescoreesports
Follow us on Instagram: / thescoreesports
Valve definitely needs to let it’s community know. If there is things as bad as xss that could possibly hack your computer. Valve needs to let people know if it’s safe to play there game instead of fixing it in silence and letting users be unaware
expecting anything of valve when they've given a free pass to cheaters to run rampant for yrs now
Its surprising they even fixed it and you expect them to do any more 😂😂😂😂
As bad as it is in a case like this, Valve doesn’t communicate. But they listen and work. And they do it well.
Their motto is ‘no communication is better than bad communication’.
Critical cases like this should be communicated in my opinion tho
@@starstencahl8985 there is also a possibility of good communication. They should try it sometimes.
check the newest patch notes.
I love the fact that I can no search through social media to find out if my favourite game is even safe to play without the devs mentioning any word about this. Way to go Valve!
The thing that pisses me off about steam and their CS2 dev team is not that these issues are happening, shit happens all the time with every single game and I would argue something like this isn't new. The thing that really pisses me off is how quiet they are, everyone is demanding that they communicate and work with the community. They don't. They have zero desire to communicate or announce to anyone publicly.
twitter moment
Announcing security issues is a double edged sword, especially if they don't have a fix ready to go.
Which is exactly what they’ve consistently communicated to players for over a decade. They don’t want player feedback to influence the development of their games. It’s a big part of why their games are so successful. It’s why games developed prior to social media are still so good, and why every modern live service game is one bad content release away from being abandoned by its fickle, entitled payer base.
I'm really disappointed of valve since they don't ban cheaters but people with high dpi.. I lost 20k in skins
@@snareplug3872 Yeah I was warned by friends not to joke around with high sensitivity for a false positive. Although surely it'll get reversed? I heard that Valve is pretty good with reversing falsely given VACs?
As a web developer you deal with the chance of XSS often. But these days it's very uncommon due to how robust input processing has become. So it's honestly quite embarassing for Valve to have such a simple exploit manifest in their game code, if SLIGHTLY understandable due to how they build everything bespoke.
It wasnt XSS
@@okiabetter okay, what was it?
@@nisem0no just display of html code but no script can be run
@@ashadowintime7305 an image tag that gets rendered on other clients is XSS. You can cause havoc with just an image. It's still injected code. Not sure what you mean.
@@ashadowintime7305 How would you know?
People are fkn crazy. To go out if your way to ddos a strangers internet should be punishable with jail time and huge fines. I got DDOS back in csgo amd it lasted 2 weeks ffs. Had to get all new internet lines and the whole 9. I was pissed but i was more mad that these unhinged lunatics can go around doing it freely to whomever they cross paths with
In most areas, it is highly illegal
It's highly illegal, and if your smart, hard to track. The internet is a really hard place to monetize and control.
They're not saying anything because 100% Valve are embarrassed. This is an elementary concept taught to anybody learning about anything involving APIs: sanitize your inputs. Not surprising they didn't want to acknowledge that this even was a problem and that they just want this to blow over.
Either that or they pulled a gigantic brain move and allowed this on purpose to make us believe that they can't be trusted with kernel access so they don't have to make a proper anticheat, when they're just too lazy to do so.
A kernel anticheat wouldn't do anything. Valve's mantra is to avoid the "treadmill" of work and this kernel thing wouldn't work for every machine (eg: Steam Deck/Linux) . You're also putting a potential security hole in your system, and people can just make kernel-level cheats. And on top of that, the "current" anticheat (is there even one?) is easily broken, and you're just taking the fight from somewhere that the OS and the like can reasonably guard against to something where you can brick someone's PC if there's a single exploit.
I think the reasonable system would be to properly return the Overwatch system, or really just how CSGO handled it; If the cheaters aren't banned, they'd at least be in low trust factor and would therefore end up away from most of the playerbase. Their AI ban thing (VACNet) is doing absolutely terrible at banning actual cheaters (look at all the false bans you can make) and they currently seem to just only be running that and the usual VAC stuff that games like TF2 ran (which can also be very easily bypassed).
Really, the entire state of CS2 is all on fault of Valve. They replaced a working game with a game that doesn't work as well (in this case, the anticheat side) and it's suffering hard. And the rushed as hell development makes it all the worse. Nothing else killed CS2 more than Valve themselves. The cheaters are always a problem, but Valve is seemingly done playing the fateful cat and mouse game, and the game's suffering as a result. If a kernel anticheat did come with CS2, it'd be bypassed, broke, and possibly exploited quickly if Valve doesn't stay at the ready. And it seems like TF2 was the writing on the wall for this. That game is more cheater infested than ever at the minute, and CS2 is seemingly right up there with it, with both games having a not very good outlook on being cheater-free anytime soon.
I've had this happen to me in CSGO as well. A hacker that landed up in my team got annoyed cause we team reported him and told me the exact location of my home somehow.
It’s impossible to get your full address from any steam information unless they had access to your shipping address. You were most likely doxxed in the past and didn’t know it.
@@DaBigSkidd By exact I meant within a 100m radius.
@@ShinAkuma 100 mile radius, so he grabbed your ip? If they joined your lobby that’s a known exploit that was patched in the last remaining year of CSGO
@@ShinAkuma csgo isnt p2p so I’m not too sure how he could have done it if it was in match
@@DaBigSkidd Meter, not mile.
the mmo "new world" had this problem on release, though it was restricted to things native to the installed folder. but people found that you can crash peoples games by pointing to an image or file that just doesn't exist if they moused over the item.
The more entertaining part was that people used it to spam a GIANT version of the sausage item from the game.
CS2 moment after CS2 moment :(
You used OWASP to explain XSS.... i am impressed.
Good work theScore esports!
A statement from valve would have been necessary tbh.
Literally had TODAY a guy using the script bruh
2german guys were acting as if they hated each other, kept tryna vote kick each other, then i realised what their nicks were showing on the leaderboard and in the kick meniu were different, bro i dont think its fixed fully, on the kick screen it said txt something… and their nicks was different…
It's only showing a plain string. But that's literally it - anything else is fixed
At this point I'm just gonna quit. I'm tired of having to be paranoid every time I launch the game. It's been a fun 20 years, but I'm out.
Let's be honest, you aren't, and neither am I. This game is too fucking addicting. Valve probably is calling our bluff but real talk the community needs to actually stop playing this shit until it becomes playable
Man its hard, but until this game is fixed, im just playing valorant from time to time, it helps me to stay away from cs during this shitshow
@@jdyeetyawwthe game is playable though idk what you on about
@@qwertyrewtywyterty premier and faceit rank?
@@jdyeetyaww just official premier 19k
Valorant didn’t kill cs cs 2 kill itself
This is like the Chicken incident in R6 Siege.
in recent patch notes they said "Fixed multiple exploits that allowed adding non-text data into UI labels". very cryptic way to say its patched
sounds cristal clear to me..
say something is cs2 fucking playable again? !!!!!!!! Yes or NO
I think the inventory thing is impossible, unless you gain access with the valve database first then sure the inventory delete is possible
It's a hugely overblown issue, that didn't do much except giving random dudes your ip - oh no, how scary 😂
The real problem was the Workshop map issue, not the one we're discussing here.
Both got fixed within a day.
this game will never be safe
Valve is making riots spaghetti look good
Yeah, the XSS is not that bad of a vulnerability, that's actually a sane take. 10 years ago nobody would've taken it seriously. Same as IP adresses, many hosts know your IP. But don't get me wrong, it's a good thing people are finally getting more sensitized. And this one caught me really off guard when I heard it the first time because that was the last place I'd ever expect to render HTML. But I guess everything is a webapp nowadays. EVERYTHING. I could imagine there aren't a lot of people who are good at gamedev and security at the same time but unfortunately they intersect in multiplayer games.
literally just had a hacker in death match lmao
no regrets grinding valorant, I completely give up on cs2
Why do people think that having their IP revealed is dangerous? You share it with every single website you visit and can change it in 5 seconds.
You do know that random people on the internet having my ip could cause problems? Most websites encrypt this kind of thing behind several layers.
@@speedforce8970 no they dont what are you talking about, yes in most modern games (except gta because they are stupid) players do not have access to your ip address but every website you access does and that is not encrypted. however someone having ur ip address isnt usually a big deal since most ips are dynamic so even if someone tries to ddos you, you can change ur ip pretty quick with a router restart. if you have a static ip you might wanna consider using a vpn
They did release patch notes on 13.12.2023. Check them out
CS2 went from the long expected Source 2 upgrade, to the most disappointing release in a long time to litteral malware in less than a year!...
is right next to Overwatch 2 at this point
It is slightly better than overwatch 2 still.
Csgo had a couple days once where a security exploit was found and we all didn't play for a few days lol, can't remember what it was tho
They're releasing patch notes late for some reason. The ones for the fix are out, but there's just been a 1+ gb update and no patch notes yet
I wasn't playing yesterday because i had no idea it's patched. Now that i read update notes i could play with relief
If your computer sends a plain request to any server or device; it is extremely like if not guaranteed for most users that your IP will be available to the receiving party of the request. A request can be for almost anything, ranging from text, ext assets, pictures, to your pc just pinging a server.
The thing of items being removed from an inventory is straight up incorrect and not possible the most they can do is force you to trade the items out.
How come Valve got away with making a "sequel" that was just a graphics update, but Blizzard didn't?
Ever worked with ppl who stays silent when they make a mistake?
I work with this kind of ppl every day
Same energy
Ive been playing this whole week and ive nothing seen out of the ordinary. Vote screens just looked normal and beside that the Ip adress they will probably gather is the location of the city my provider is based on. So i wish them goodluck.
"i already changed it", Yes the public ip adress changes alot, because your isp does that, because most times you borrow ip adressen from your isp, if you have not bought or rented one actively. your private ip adress cant be changed, so this (i know it is a joke) statement is not true.
how can riot do such a good job and valve can't? I am not comparing the game, I am comparing the backend, how are 2 games so similar so different in terms of security and playability?
Because Riot believe it or not knows how to take care of their games, their community and everything else. VALVE on the other hand is like the father that goes for a pack of cigarettes and never comes back
Damn CS 2, what is HAPPENING?! 😮
to be fair at this point I understand why valve does not want a kernel level anti cheat. they simply cannot handle the responsibility.
"I started playing The Finals and that was more fun."
WELP, that aged like friggin milk my guy 😂
"thousands of innocent ppl banned" they are called cheaters and that game is filled with them thats why ppl dont wanna play its 70% cheaters and teams with wallhacker
That has nothing to do with his statement. It is a fact that thousands of non cheaters got banned
Your IP address is basically public, non-issue. The RCE on the other hand...
Worst they can do is DDOS and try to extort you for money. The geolocation for my IP address ain't anywhere close to where I live.
Unfinished game with security exploits and bugs?
I think I can wait until this fiasko is completely over maybe next year.
When are people going to admit that CS2's launch has been one of the most disastrous in history?
.... they are
the thing that grinds my gears the most is the premier matchmaking. 5k against 13k? 5 matches in a row?? now thats some bs.
GTA V had the same problem but Valve cares unlike Rockstar. Also such problems (malicious exploit) has been common in Valve games due to open modding support and it's patched almost regularly after it was reported.
You guys are the GOATS
Valve attempting the Make a polished game challenge (They will never do it)
valve is a billion dollar company how tf is this possible
Good thing I blocked avatars since day 1 😂
This is why I just do private server by myself. Just having fun with own workshop and stuff
Wait what? i have been playing without knowing anything about it till now 💀
And I thought I was crazy that my stickers were scraped..... this is insane. I'm guessing valve won't compensate for that . bullcrap company
I wonder if any ip grabbers were smart and make the picture look like it was just a normal vote to not arouse suspicion
Short answer "NO"
So is it safe to play right now or not? Or should we just wait until an official announcement from valve? Somone tell me please
if you know nothing about computers then i guess getting your IP leaked is super scary in reality it doesn't matter
a small indie company couldn't sanitise inputs haha
Lol, they just dropped the update to fix multiple ways to implement stuff in their UI.
I think im getting ddosd but its ongoing… in my console i see random stuff that look like packeting.. i reinstalled steam and cs, and thought i was good but the 3rd match i played had up to 1.5k ping vs 9.. how do i fix this? Its been a couple days now maybe even a week
I'm just waiting for the new operation
I don't need posts to not play this game
What's sad is that if CSGO was left as a standalone game we would have massive exodus back right now... This is why I don't understand how zoomers let companies like Blizz and Valve get away with the fake sequel gimmick.
cant do shit with an IP... Until they route 100k packets...
There are patch notes mentioning this.
Valve addressed the patches in the latest patch notes. Video is inaccurate now.
There's one thing that'll never change about valve - they will never fix their goddamn game
Anomaly said something about applying stickers due to this exploit , is ok now ?
I was playing the game during this time. Do I need to reset all my passwords or something now?
Did you get falsely banned?
Yes - Sucks
No - Move on, topic doesn't concern you
Did you get your IP leaked or lose items?
Yes - Change it/VPN, sucks
No - Move on, topic doesn't concern you
It's funny from the community who talking about the security of anti cheat, but their game is the one who is the most not save
LOL
Ey look its me in the video
lmao i remember back in 2009 i would be playing CSS zombie mod when i was a kid, and i swear every single person would have like a naked pornstar as their Graffiti
does he answer the question is it safe now?
nah the other day buddy on my team litrally doxxer their top fragger. he admitted to it at the end of the game. all i could do was report him to steam 🤷🏼♂️
yesterday morning.. or 2 days ago not sure... in the middle of the game.. cs started to minimzed and goin full screen in secunds so fast... needed to close the game...
it was after i reported someone for cheating
Cant you just find their IP address using the ` key when they join a community server?
if someone gets your ip just restart your router
Update just fixed this just now
valve cant get an anti cheat for the game in 20 years. good luck to this one
That guy has been a hacker for 20 years? He looks like he’s 25
😎
Where are the documentaries...
nonsense, If nothing happened then this video was made for no reason. We all know that if it can actually be done, alot of people would of already been hacked. Not just in hypotheticals. It would of actually happened. Not "could" Happen.
If you think that's crazy I can get your real steam ID and copy it to a new account and be you and play with your skins without email and password and whatever I do is done under your ID so if I hack and get banned your main account will get the ban. I use to blackmail people in csgo for some of their skins. Also used it back in like Half Life deathmatch days to copy peoples accounts with lots of games so I had more stuff to play. You can still do this today even in CS2 when they add player hosted servers again. It's as easy as having someone connect to your server.
ok
Is the New World sausage all over again
i lost 160 euros by fake trades...my friend waiting like 10-15 mins to get the skins and when i look to trade history it say trade was declined and redirected to another user with same info like my friend account.....nice cs2 crappy game
sold my skins at a high, going back to valorant now. cs 2 is a re-skin, not a new game. they have made that very clear... with no additional updates to anti-cheat. waste of time.
Honest to God I dont like valorant's hero shooter style game but i respect them for kernel level anti cheat and the way they try to introduce new "agents with powers" to keep the game fresh, kudos to Valorant community whereas CS (the video summarises it 😢)
I don't remember most sprays being mostly porn, most where memes. Or pngs of player models
Looks like Valorant attacking CS2 relentlessly 😅
They are the worst development team of a major franchise, not even Blizzard destroyed ow2 as Valve cs2
Pls give back Dmitri, I can’t listen to this guy anymore. He‘s glazing all the time when it is about Valve, the only problem he sees with cs2 is the anticheat and now he says that the people who used this bug are childish like it’s the players fault and not Valve‘s job to fix it.
fun fact: u cant dox using ip
I’m glad almost everybody agrees cs2 shouldn’t have been released bc of how terrible it actually is
Cs is a dumpster fire rn won’t return until this fix the ping performance and cheating issues
Maby Valve should start invest in som ANTI-HACKS as we players said for centuries, i mean Faceit have better anti cheat than Valve, so we already know its possible
Lol ... Stupid hackers .... I allready know my IP adress . (Harvard called me )
It wasn't xss
You look like a young version of Gabe Newell
I can't believe anyone even plays Counter Strike 2. Play Counter Strike Source or 1.6 if you have to, but why on earth would you play that cheater infested mess that only exists to get children addicted to gambling.
nahhh this is hilarious. even riot has more communcation than valve.