How a 69 KB Photo Made TF2 Unplayable for 5 Days
Ойындар
/ discord shocord - main hangout
/ discord 24/7 100 player tf2 server (+ map testing) (shounic trenches: 45.62.160.71:27015)
/ discord join future experiments
/ shounic patreon
channel project status
trello.com/b/L3B65jUX
random feedback
forms.gle/bkuGF6attQrRPc6o9
custom files (hud / crosshairs / hitsound / killsound / gfx cfg)
pastebin.com/raw/e32aG4nP
Music: BananaSlug / user-426347780
big thanks to:
gabe/sunflower, bakugo & ficool2 for their contributions to the video!
FAQ:
Q: How did you make that? What editing software do you use?
A: I use Adobe Photoshop, Premiere Pro & After Effects. Photoshop for image editing and thumbnails. Premiere Pro for compositing and After Effects for motion graphics (the fancy animations).
Пікірлер: 644
yes video on the gordon freeman patch next
@hreckward
18 күн бұрын
gordon freeman in the flesh, or rather in the 2fort
@loopyslayer63
18 күн бұрын
what
@scarletshadowzz
18 күн бұрын
the what
@weaboo4444
18 күн бұрын
let’s goooo, I’m with the science team
@awesomeman3750
18 күн бұрын
thank you
The 20terabyte heavy photo is real..
@igorka5exe
18 күн бұрын
warior is real
@greenhead352
18 күн бұрын
warrior is real 1324
@Stookinator
18 күн бұрын
the warrior
@underpussy_
18 күн бұрын
warrior dot png is real
@ghostrider4109
18 күн бұрын
“Warrior”
" The Pornography has already breached our defenses. "
@Treblaine
18 күн бұрын
"Listen up boy, or 200 petabytes of raw images of your mother will be the second worst thing to happen to you today"
@someuser4166
18 күн бұрын
How am I going to stop some big mean mother hubbard from tearing me a structurally superfluous new behind? The answer? use his ram. And if that don't work, use more ram.
@Gooseytavo12official
18 күн бұрын
”Grass grows, birds fly, sun shines, and brotha? I crash people’s games.”
@Beckwourth
18 күн бұрын
Pyro: (*Lagging noises*)
@realdragon
18 күн бұрын
"One shudders to imagine what inhuman images lie behind those files…"
So basically a zip bomb
@starmaker75
18 күн бұрын
Basically a internet version of the blitz.
@stucq
18 күн бұрын
yes! actually, PNGs and ZIP files both use DEFLATE, designed by Phil Katz, for compression, so this is literally the exact same thing lol
@6lbs._onion
18 күн бұрын
Now i wonder what kind of old data exploits are applicable in this version of source
@uncertaintytoworldpeace3650
18 күн бұрын
Valve sure are funny guys
@bbrainstormer2036
18 күн бұрын
Huh I hadn't thought about it like that, but yeah, that's exactly right
the phone number problem was such a good example
@ktrn6713
18 күн бұрын
honestly shounic is great at explaining basic concepts just enough to get right context for the videos
@TheFinnish1
18 күн бұрын
im totally stealing that whenever i need to explain data compression
@hexakon
18 күн бұрын
@@ktrn6713this and the minecraft inventory slot analogy for RAM were mindblowing
@WishMakers
18 күн бұрын
real, i always learn from the internet on new ways to explain complex concepts to people like how compression works
@snospoken
18 күн бұрын
@@TheFinnish1 likewise
"What's that?" "its the unmatched power of the Conscientious Objector, officer"
@TheBestPybro
18 күн бұрын
"WH-!" "AH-!" WARNING Connection problem auto disconnect in 10
@johnarbuckle6775
17 күн бұрын
HL2.exe is not responding
@satrialeonardgorjan8377
17 күн бұрын
"What's that?" "Pornography" *angelic light sfx*
**Uncompresses image.** **It says “you’re stimky.”** **TF2 crashes.**
@etherian2500
16 күн бұрын
Stimky
@Bl0s
8 күн бұрын
How dare you call me *STIMKY*
People laughed at me when I said the Conscientious Objector was the best weapon in game... _look who's laughing now._
@HaxxorElite
18 күн бұрын
I love you StickMaster500
@iriswav7379
18 күн бұрын
We will never doubt your words StickMaster500 😔 forgive us
@richard_returns_IRL
18 күн бұрын
how are you still alive???
@EeveeRealSenpai
17 күн бұрын
They should add a giant ass stick for a all class melee reskin. cuz funny
@johnarbuckle6775
17 күн бұрын
What about the Crossing Guard
The phone number explanation was amazing and so accurate
@ngwoo
18 күн бұрын
Best layperson's explanation of file compression I've ever heard tbh
2:24 The only thing deadlier than a full team of Sniper bots: Taking out a bugged sign.
>downloads 69 KB png >look inside >2 GB raw
@Muhahahahaz
12 күн бұрын
> ItGetsBigger.PNG
What the hell is the context of the gabe clip at the end LOL?
@thefathercoffee
18 күн бұрын
Can't remember 100% but the context was basically > 2011 > Half-Life 3 still not released > Me angry > Call my homie to protest at Valve HQ > 2manpeaceprotest.png > They call the police > ocrap.jpeg > Turns out police are a huge TF2 fan, so he joins the protest > Gabe appears > Gabe calls them to enter Valve HQ and let them play Dota 2 beta > Also, free pizza It was a happy ending story except we still didn't get Half-Life 3
@manitoba-op4jx
18 күн бұрын
at this point it's probably AI
@riseoftheepicscout454
18 күн бұрын
please we need to know @shounic
@Leymora
18 күн бұрын
@@manitoba-op4jx It's not.
@ZoofyZoof
18 күн бұрын
@@manitoba-op4jx AI isn't that good
ah yes, the reverse coconut
@novaseer
18 күн бұрын
tunococ
@Rev_Erser
18 күн бұрын
.ti seod taht woc nedoow eht s'ti ,oN
@jakestaheli8532
18 күн бұрын
I cant believe this misinformation is still spreading. The coconut can be removed from tf2 just fine, this rumor originated from a reddit post. The 2fort cow, however, does contain files so important to tf2 that every map must have one somewhere to work at all. This would be the reverse cow, not reverse coconut.
@ghostrider4109
18 күн бұрын
@@novaseer2 no cock?
@Rainbro359
18 күн бұрын
@@jakestaheli8532 Now you have become the one to spread misinformation. The 2fort cow is nothing special, it just happens to be present within a 105MB file that TF2 needs - not for the cow, but likely some other critical info contained elsewhere within it. Please revise your shounic lore lest you fall victim to that which you swore to destroy.
It's crazy it took almost 2 decades for this to be discovered
@NicknineTheEagle
18 күн бұрын
This is basically a ZIP bomb and ZIP bombs are kind of a recent trend so it makes sense that this got found now. EDIT: I get it, ZIP bombs were a thing for a long time. It is still possible that the last time they were trending is what prompted someone to look into TF2.
@klad2860
18 күн бұрын
One shudders to imagine whats behind those spaghetti codes...
@NicknineTheEagle
18 күн бұрын
@@klad2860 "Every weird bug I don't understand is Source spaghetti".
@charautreal
18 күн бұрын
@@klad2860this isn't a bug or "source spaghetti" is simply an oversight since it wasn't known it could happen you goober
@Piratederp
18 күн бұрын
@@NicknineTheEagle Bro zip bombs have been around since the fucking 90s.
1:50 PFFT. DAM.
@memetech-
18 күн бұрын
Compression :D
@trieumiu7473
18 күн бұрын
beavers when they see a running water stream:
KZread froze for me exactly when the sign was first pulled out. It took me a few seconds to realize it WASN'T part of a joke.
"...it realizes it and dies" literally me
RED: What's the next step in your master plan? BLU: Crashing this server, "Pulls out comically large decal", WITH NO SURVIVERS!!!
NGL, the ability of shounic to explain concepts so simply is insane. The 64bit vs 32bit difference and the phone number explanations are genius.
the phone number problem is such a good example because that's not too far from how DEFLATE works in actual PNGs
Honestly, its surprising that it took, what, basically a decade for this to be found? I mean, in principle its so simple, its honestly surprising it never was found even by accident before. Like some Timmy thinking it would be funny to put a massive black PNG on his objector or something.
@LonelySpaceDetective
18 күн бұрын
I would guess the need for hacks to upload images larger than 128x128 was what made this take so long to be exploited. Kinda discourages experimentation for most people.
@0Reality
18 күн бұрын
Sometimes simplicity is the recipe to make hard things to discover
@electricportals3644
16 күн бұрын
Tf2 has a lot of nuances, so the fact that no one tried this before now is almost impossible. Source spaghetti must have just discouraged people from trying to find something like this, despite this being so simple and irrelevant to source spaghetti.
I like how you idiot proof your explanations. Really good example with the ten 1's thing
@valetc6479
18 күн бұрын
Nope I still didn't understand anything.
@Artician
18 күн бұрын
@@valetc6479 The raw version is more elaborate than the png version, aka the data in the png version is condensed all into one simplified action rather than multiple actions that are performed in succession, that's how i think of it.
@thisnameisbad3609
18 күн бұрын
@@valetc6479I take it as pngs thinking of multiple pixels of same colour as a single stretched pixel
@tfx9223
18 күн бұрын
@@valetc6479they use an extremely compressible image, which the .png extension will compress, fitting it in Steam’s 69kb limit. TF2 ignores the image’s compressibility and just reads exactly what it is, which for these images that caused crashes might just be a really really big image, or something. The image is too big for the data TF2 is allowed to use on your computer, and the game crashes.
@goldenhospitality8521
18 күн бұрын
I went to vocational college for a while where we had IT related subjects. When we had the topic of compression they used the same example and it conveys the principle behind compression in a really simple manner
2:02 What. Just what. I had no idea compression saves so much space.
@tfx9223
18 күн бұрын
TBF most of the time you aren’t using mono colored images.
@cryomaniac-tm5mg
18 күн бұрын
its an extreme example also compression doesn't "compress data" per say but rather decreses the ineficency of the unrefined version Example: in a photo alot of pixels next to other pixels will naturally be the same color so you can just say "the same as before" when compressing alot but if you were to basicly randomise all the pixel colours then that photo would reach maximum data usage , and would be imposible to further compress. its kinda like that whole trying to find infinite energy thing, every time you think you can compress more data to less you realise: the older data was inheritly inefficent or the action of compressing adds too much data to actually make the difference Edit: typo cam -> can (damn turkish outocorrect, cam=glass in turkish)
@cryomaniac-tm5mg
18 күн бұрын
What I ment in the last sentence was this: ımagine you can send a photo by each pixel having 15 diffrent colours So you have 15 things you can send. Now if you use a compressing algorithm then the 15 possiblities will become 16 with the "the same as before" command. if you are using a 4bit system you can either 1: use the extra space in the 4bits (2^4=16, 16-15=1) to carry extra data for an extra pixel (in this case. if you are efficent you can use 15×4bits to transmit 16 pixels or you can reserve one of those for the same as before thing. you cant do both since specifying which one you are doing for each pixel will cost valuable data, and if you do the math you will realise on avarage the refined version (assuming randomised data) will be of either the same or less efficency than the raw data one
@cryomaniac-tm5mg
18 күн бұрын
I know the comments were long im just tryna improve my English skills, This is what being turkish does to a mf
@Mate_Antal_Zoltan
18 күн бұрын
it's not compression being a miracle, but .bmp being fucking a fucking awful file format it stores the data of every single pixel, whereas .png says "this one looks close enough to the one before, just make it the same color)
The fact that the file size limit for the sign is The Funny Number just.. can't be a coincidence. I refuse to believe the Valve employee who did that didn't once think about that.
@ultravioletcombat5933
18 күн бұрын
File sizes can be weird, due to the fact that binary doesn't go in 1000s like normal metric, but in 1024s. Maybe it's actually like 68,000 bytes and change, and is just rounded up as 69 KB for ease of reading. Honestly, I'm more interested as to why they can't just slap PNGs directly onto the signs instead of decompressing them.
@OpenKeith
18 күн бұрын
@@ultravioletcombat5933 The image has to be decompressed in order for the GPU to use it as a texture. The GPU has to be able to "jump around" the image and read whatever pixels it wants in any arbitrary order, which would be far too complicated to do by seeking back and forth in a compressed data stream (you can't just jump a fixed number of bytes to get to the desired pixel), so it needs you to decompress the image beforehand and hand it the raw array of pixel values.
@B.L.U.S
18 күн бұрын
It's just coincidence the dumb meme of the intercourse number is just a recent stupidity
@Ashe1001
18 күн бұрын
@@B.L.U.S People have been making 69 jokes before you were a twinkle in your dad's eye
@purplehaze2358
17 күн бұрын
@@B.L.U.S Nah, it's always been slang for a specific "position". It's just recently that it's been memeified.
It doesn't affect sprays because sprays have to be VTF in the first place, and they get converted locally when you import them. It's only the custom decal items that use the PNG->RAW pipeline.
1:30 This is some nice explanation of the Run-Length Encoding(RLE)
just wanted to say, the description you gave of the “ten ones” phone number for png vs. raw data is the best layman’s description of image compression I’ve ever heard. I’m gonna be using that. bravo
They managed to fit caseoh's forehead in a Conscientious Objector
I love your explanations for the technical concepts in your videos (e.g: compression)! They're very helpful to understand easily what is going on.
Long story short is we can't have nice customisible things because people will find ways to break the game and/or show graphic images of gore and porn
I am surprised this was not a thing until now. Sounds like the simplest way of crashing, that could have been though of since day one of custom signs addition.
Such an interesting title as someone who’s just kind of been in the background in the TF community I’m gonna have to see this
That is the best explanation i've ever heard for compression and how relational databases work in general.
This issue was so bad that even Delfy was saying that Valve needed to fix it as soon as possible. XD
@Legenducky
18 күн бұрын
The troll face not smiling..
@johnarbuckle6775
17 күн бұрын
@@Legenduckymf said 👿
@TheTdw2000
11 күн бұрын
Well yeah. Just crashing a server isn't funny.
Loved your compression example!
That was the best way of describing compression. Ever. Thank you.
As soon as I heard the format in question was PNG, I thought "Ah! A ZIP bomb!" PNG and ZIP both use the same compression algorithm. PNG just applies some reversible filters to the image data first to make it compress better.
Yo that explanation between png and raw is so applicable across so many mediums I don't think you understand 😂 awesome video
I want to say that, as someone with very limited knowledge on tech and how games work, I think your way of explaining stuff is so great! It makes it easy for someone like me to properly understand what has happened. Like the phone explanation I was like "ooooohhh that makes sense"
fun fact someone paid 680 keys for an "animated objector"
@AvastAntiPony9445
18 күн бұрын
What a scam considering in practice anyone can just make one.
@Artician
18 күн бұрын
Why don't they just put an animated png on an objector, are they stupid?
@RandomRebelSoldier
18 күн бұрын
Did they really? That's gotta be either world's smartest scammer or the world's dumbest trader
@Wicked_Fox
12 күн бұрын
Typical brain dead tf2 player
@Muhahahahaz
12 күн бұрын
How??
Not only is this incredibly well explained but the gabe bit at the end was absolutely hilarious and so fitting
your analogy on how compression works is actually pretty accurate. _its mine now_
One of the best explanations of raw vs compressed I’ve seen
Thank you Shou I love Shounic videos
Ironically, the old 32-bit build was a massive help for catching this bug since it turned a mundane oversight into a crash.
GORONDON FROMEN
@nuxx1876
18 күн бұрын
fromage .
@perrypougins379
17 күн бұрын
la formagr
This is a well known attack vector (there is also a tiny png with an absurd res in the SecLists repo) but the magic is trying to use it in tf2 and working around the various limitations. I love this stuff and it drives me.
Good thing TF2 shipped a 64bit build! Should be tons of memory available for that 2GiB now.
I think you might be my favorite tf2 content creator
I like that for a time you could enter a server with a functional memetic hazard all ready to go. Go full Perseus.
thank you for the great video!
Fun fact: until the release of Windows 10 21H2, all versions of Windows 8, 8.1 and 10 were susceptible to the exact same bug when copy-pasting an extremely horizontally large png from one place to another. It tries to unroll the png into a bitmap in memory to allow the destination to convert it into another format if it wants to, but if the image unrolls too large, it writes the clipboard buffer out-of-bounds. We even determined that you could interfere with other process memory that way, so it was given a CVE and patched in a week. Windows 8, 8.1 and 10 are no longer vulnerable to it. I discovered this after making a meme by stitching together large images of regional indicators (the white letters on a blue background) approximately 250k pixels wide and pasting it into Discord. Instant bluescreen, every time. We called the exploit "bluebomb", because blue was the dominant color in the program. There's a 10 line C file to reproduce the error, instantly crashing any vulnerable Windows system upon executon. Good times.
I feel like shounic would be a really good teacher if that was his job
Thank you for explaining it well
@superbasement4.567
17 күн бұрын
ahh just noticed it was you who made the 64bits TF2 video explanation, GG, subscribed
No gaben don't let him pull out the sign!
Great, I had an un-decaled conscientious objector for the memes and now I can't use it or else people will think I'm trying to crash the server. 10/10
1:20 "You wouldn't say one, ten times." Yes I very much would. I would be insufferable.
@stan-bi3hl
11 күн бұрын
The weird thing is many English speakers do the "compression" thing even when there's no compression factor, e.g. double-oh-seven for 007 instead of oh-oh-seven. Meanwhile, service announcements in English in Europe will read 0000 as zero-zero-zero-zero.
This is now the official TF2 Wiki and the visuals, just so neat and I can understand quickly
I like how shounic uses understandable metaphors for us mere mortals to comprehend
I think it came before April 13, as it happened to me on the 10th, I have screenshots of a disrupted (god forbid) 2fort match.
Having a whole servers breakdown issues because of a picture is so much a typically TF2 problem I'm not even surprised the slightest
1:16 shounic wtf????? this is the best way you described something for non-techy people. wow.
best gabe newell ending clip yet
Im someone that explains science as a living. Ive been watching you for a while and im consistently impressed by how good you are at explaining things both visually and verbally to an audience with reasonably low understanding of computer topics (like me). Nice work man
@shounic
18 күн бұрын
thanks :)
I like the fact that i completely missed this because i was working on projects in a roblox game
The sight of sprays gave me an idea: what if we added workshop-made sprays that were allowed by valve on any server?
That exploit is really really really cruel my Bois!
Love your videos
huh, I do remember my game randomly crashing on me 3 times in a single day with that exact reason of "out of memory space. texture settings may be set too high", and it might've been the 13th... good to know it wasn't my PC deciding to kick the bucket
Me when my hungry objector eats all of my ram.
timeless flawless masterpiece they said
This is the most hilarious zip bomb I have _ever_ heard of 😂
for 5 days in a game with flamethrowers and rocket launchers the most powerful weapon was a literal piece of wood with a weird image on it sounds fitting for TF2
Basically how compression works🔥
"I have become raw. Destroyer of servers"
That spray is the best thing ever.
Somehow this reminds me of Borderlands. There used to be a mod where you could "down" your entire team by using a "health* perk that was modded to the most negative number the game could handle. It would instantly incapacitate the other 3 players and you could just sit there and laugh at them. Freezing the entire game seems pretty fun as well.
shounic, This is so fun! I'm happy I found your channel!
"realizes it can't and dies"
This was a fun week
its the warrior
As soon as I saw that the resizing was client-size I figured about where it was going.
it's always fun when a tf2 exploit gets found on your birthday
@koopdawhoop.
18 күн бұрын
happy birthday!
valve conscientiously objected to the bug
So what they did is made a scp foundation memetic kill agent in tf2, never thought this is how it's done
the load bearing coconut is needed
Art really can speak without words 😅😅😅
Have you ever considered doing a video about that time where people found a way to inject code into the spraypaint images that would randomly VAC ban people on the server? Always wondered how that worked. It was years ago though.
@grubo8884
18 күн бұрын
sounds made up.
I wasn't playing TF2 during that time lmao, I wish I had seen this
you can go even further by modifying the height and width data in header with a hex editing tool to trick the computer into thinking the image has much larger dimensions than it does you can go up to the 16bit limit and have it under a kilobyte. a 65536x65536 24bit image would take 12GB in ram (i dont remember how exactly it was for pngs but that's how it works for gifs and ive actually made some before)
@blotto7162
18 күн бұрын
PNGs support up to 2,147,483,648 not the 16 bit limit
honoured to have a game breaking bug drop on my birthday
I had one of these. Funny as hell ngl.
1:50 BMP files can be compressed with various methods (source: did a computer science project on parsing them)
The objector proving once again to be the best item in the game, absolute kino
"HAHA JONATHAN I AM A ZIP BOMB"
So this is why my game randomly crashed once while playing. I thought it was my storage lmao
I want to know where you got Gaben’s monologue at the end from
when u we’re explaining what was wrong in the beginning around 0:33 i thought the exploit was showing an over sized image and lagging out the other players
I wish this was loaded upon seeing it, literally a cognito hazard.
I am new to TF2 and honestly this was kind of a surreal exploit. Just to see how almost a full lobby except me all disconnect at the same time in different lobbies felt really unnerving for a moment