Script kiddies have once again acquired an upload file exploit and are taking over servers (poorely) with it..
Fixing it usually easy.
First set sv_allowupload to 0 in your server's cfg and then you need to find the suspicious .gma file they uploaded, for me it was maindata.gma and servercontent.gma.. for this you are on your own, but just use your head.
When you find it just delete it and it will be gone, if it's not you may need to wipe your ulx settings because some of them have figured out how to make their "infection" persistent by abusing ulx's config file.
I expect this to be patched soon since script kiddies are "hacking" servers left and right with it to get e-cred among their script kiddie peers.
But it'll be back.
What's "\nulx", never heard of it
it's a newline followed by the "ulx" command.
Is there a set date when we can expect a patch? Do we know how widespread the exploit is? Are specific servers/gamemodes being targeted?
There's really nothing to patch - seems to be just some random backdoor in an addon.
It seems like it's using an old vuln to persist. That should be fixed: https://github.com/TeamUlysses/ulib/issues/29
Hey guys. If you are being targetted by their "persistent infection", aka them writing ulx luarun to the ulx config file then I have a solution for you.
Locate the ulx config file at data/ulx/config.txt
Shut off your server and restore this config file to its original state, or edit out the bs they added whatever you prefer. Or maybe add edits of your own? Whatever.
Anyways, after you do that simply make this file read only and they cannot tamper with it anymore.
BTW if you want some assistance with backdoors on your server and you're not a infuriating idiot you can add at me @ id/712312401114008/
i already disabled download and upload cos it seemed like a good idea, i guess it was
but i still dunno how to stop basic lua cheaters since they are able to bypass sv_allowcslua
if your staff are good, you could count on vigilant admins.
once you bust enough cheaters, it starts to become easier to identify them.
i recently did some more research and found 'snte' and 'qac', (anticheats/anti-exploit)
i dont like moderating my players cos its time consuming, ill instead make the game enjoyable although a rampant hacker/aimbotter is around by work arounds and more content
Moderating your players carefully is a lot more reliable than anticheats, especially an old anticheat such as QAC, but if you do want to use an anticheat I'd suggest you use a good one like SimpLAC.
ye i tested qac against free hacks and it worked, i got simplac now too
multiple ACs can collide and cause false positives/negatives
why does it have that? i dont use darkrp im making my own rp
Sorry, you need to Log In to post a reply to this thread.
