Keep in mind that this is the same game whose client-update-handshake-dance largely consisted of an enormous JSON of all the updates that had ever been done to the gamestate, which then got parsed naively. This situation was recognized and patched [0] by an interested third party [1].<p>Not a slight against the code monkey that implemented it that way, because they surely didn't bother to think about complexity consequences when the gamestate was new and the JSON wasn't 10MB yet, but a slight on Rockstar, because the cash cow that GTA:O turned out to be deserves some fuckin' maintenance, doesn't it? Then again, the eye-popping abilities (and prevalence!) of hax0rs in Rockstar games probably ought to signify priorities to even the most casual observer. As others in these comments observe, with what those hackers can achieve, it's not surprising to learn there's RCEs too.<p>[0] <a href="https://github.com/tostercx/GTAO_Booster_PoC">https://github.com/tostercx/GTAO_Booster_PoC</a><p>[1] <a href="https://nee.lv/2021/02/28/How-I-cut-GTA-Online-loading-times-by-70/" rel="nofollow">https://nee.lv/2021/02/28/How-I-cut-GTA-Online-loading-times...</a>
A remote code execution exploit in GTA 5 Online should not be a surprise to anybody who has played GTA 5 Online.<p>Cheaters have been rampant for many years, with people using apparently purchased cheat tools that allow them to do server-side things like dropping unlimited money, spawning vehicles anywhere, rapidly cycling through weather changes, and locking people permanently in cages.<p>But get on the bad side of a cheater and they can crash the games of people in the server they want to kick.<p>It's very sad, because despite the immense flaws of the game, the game play loop can be very engaging.
I've played with and studied netcode and I'm unsure what GTA netcode would even look like. I've seen cheats to the point where everyone is just teleported to the cheater, the cheater spawning millions of dollars, cheaters taking away millions of dollars from people, the cheater unlocking all the online collectables for everyone in the lobby at the same time, people screwing with singleplayer sessions, cheaters crashing games, and much more.<p>This doesn't surprise me at all. There seems to be zero validation of other people's actions. How was the netcode even designed so that players are allowed to teleport and unlock collectables for one another? How does the client accept actions from other players in a singleplayer game?<p>This doesn't seem to be just standard peer2peer issues, it seems like Rockstar went out of their way to design the least secure netcode possible.
Rockstar Games only seem to "guarantee" a $2,500 payment for RCE vulnerabilities, despite making billions off their properties. They claim to provide a bounty of up to $25k, but I couldn't find evidence of them ever paying a bounty close to that amount. It shows how much they value their customers' privacy and security.<p><a href="https://hackerone.com/rockstargames" rel="nofollow">https://hackerone.com/rockstargames</a>
The rumors are correct. This is an out-of-bounds array read/write vulnerability in the multiplayer scripting engine. Even if they patch this one, there are about half a dozen others known already. The only reason why this hasn't yet been turned into an exploit that runs arbitrary code outside of GTA on your computer is that no-one has bothered to do the extra work required for that. Not as far as I know anyway.
Almost every single online game out there that relies on players connecting to each other instead of only a central server is vulnerable to these types of exploits; it's often just a question of finding them.<p>Every once in a while I feel like playing one of the older Call of Duty games in my Steam library again, but then I remember that they all have known unfixed RCE exploits.
Is it just me or is it impossible to find from this source link any _real details_ about the actual RCE?<p>* This post claims an RCE being exploited and warns people not to play.<p>* It links to Rockstar forums where people are warning about the game being exploited but provide no details on the attack vector or indicators of compromise.<p>* It links to a screenshot of a tweet of some random person again warning not to play but doesn't provide any useful detail.<p>* The _original source_ linked in this post is a tweet with some screenshots of a mod that clearly indicates some game modifications but says nothing about an RCE.<p>Can anyone point to an authoritative source with real technical details?
Whilst an issue like this can occur with any network architecture, going with Peer-to-peer looks like a terrible decision. 'Never trust the client' and all that. The in-game money costs real money, but the client is trusted so anyone can edit their balance in memory as the game is running. Ridiculous.
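Several comments above make the same point from different angles: peers can rewrite other players' state (teleports, unlocks, money), the client is trusted with its own balance, and the scripting engine indexes arrays without bounds checks. The following is an added toy example, not code from any poster, from Rockstar, or from the linked PoC: `apply_trusting()` mirrors the zero-validation behaviour the thread describes, and `apply_validated()` is the defensive form. The message layout, the world and array limits, and the decision that money is server-authoritative are all assumptions made for the example.

```python
# Added example (not code from the thread, Rockstar, or the linked PoC): a toy
# peer-to-peer state-update handler. Limits and message layout are assumptions.
WORLD_LIMIT = 10_000.0        # assumed map half-extent
COLLECTABLE_COUNT = 100       # assumed length of the per-player collectable array
PEER_SETTABLE = {"pos", "collectable"}  # money is server-authoritative by assumption


class Rejected(Exception):
    """Raised when a peer message fails validation."""


def new_player():
    return {"pos": (0.0, 0.0, 0.0), "balance": 0,
            "collectables": [False] * COLLECTABLE_COUNT}


def apply_trusting(players, sender, msg):
    """No authority or bounds checks: the 'never trust the client' failure."""
    target = players[msg["target"]]          # any peer may pick any player
    if msg["field"] == "collectable":
        # A negative index silently hits the end of the list here; in a native
        # script engine the same unchecked index is an out-of-bounds read/write.
        target["collectables"][msg["value"]] = True
    else:
        target[msg["field"]] = msg["value"]  # balance, position, anything


def apply_validated(players, sender, msg):
    """Only the sending peer's own player may change, and only within limits."""
    if msg.get("target") != sender:
        raise Rejected("peer %r may not modify player %r" % (sender, msg.get("target")))
    fld, val = msg.get("field"), msg.get("value")
    if fld not in PEER_SETTABLE:
        raise Rejected("field %r is not peer-settable" % fld)
    target = players[sender]
    if fld == "pos":
        if (not isinstance(val, (tuple, list)) or len(val) != 3
                or not all(isinstance(c, (int, float)) and not isinstance(c, bool)
                           and abs(c) <= WORLD_LIMIT for c in val)):
            raise Rejected("position out of world bounds")
        target["pos"] = tuple(float(c) for c in val)
    else:  # collectable: explicit range check before the index is ever used
        if (not isinstance(val, int) or isinstance(val, bool)
                or not 0 <= val < COLLECTABLE_COUNT):
            raise Rejected("collectable index %r out of range" % val)
        target["collectables"][val] = True
```

The authority check (sender must equal target) is what stops a peer from teleporting or unlocking for someone else; the range check is the bounds check the thread says the script engine lacks.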
Hopefully this doesn’t affect ScriptHookV and the like for single player. I enjoy playing LSPDFR once in a while. GTA:V is just a treasure trove for modders.