This plugin removes the possibility to change or read rcon_password. This may turn out to be useful. In some cases. Well, against point_servercommand (not a concern on CS:GO though, and only if you don't want to completely remove it). Or maybe if someone brute forces or gets to know your password by any means, they won't be able to change it. Or if you're just as paranoid as me.
Initially this plugin consisted of: custom package (so that it would never be unloaded); loader for that custom package; and protection from unloading any Valve Server Plugins, inluding Source.Python itself. The thing I got stuck on is a signature for the CRConServer::SetPassword. I couldn't find it. Finding that signature would allow me to hook any attempts to change RCON password while being able to set rcon_password to whatever fake random value I would want.
However, that approach didn't quite work, so I came up with another one. The one I actually feel a bit bad posting.
The trick there is that rcon_password handles passwords only when created by RCONServer class, and that happens only once during the server startup. Why not remove this cvar then? It won't be recreated. Even creating a new one with setinfo rcon_password darkside won't actually do anything.
Here's the script http://pastebin.com/zxx29aN4 (download)
Save it as <mod dir>/addons/source-python/plugins/rcon_guard/rcon_guard.py and add the following line to your autoexec.cfg:
Code: Select all
sp plugin load rcon_guard
Be sure to set your RCON password before loading this plugin! Either set your RCON password one line above sp plugin load rcon_guard in the autoexec.cfg, or in your command string:
Code: Select all
+rcon_password <your rcon password>