• Garry's Mod Exploit?
For some reason, I keep finding a few lines of code in my gamemode which rename the runstring, runfake = runstring, a concommand for it or something along those lines. Without either FTP, MYSQL or RCON access how is this even possible? I've reset MYSQL passwords, reset FTP passwords and disabled RCON; sv_allowcslua is set to 0 and I'm running the following addons. [img]http://puu.sh/72Av0.png[/img] I'm incredibly confused as to how this is happening. The npigamers-sync simply checks a database for a steamid; if the user's steamid has a rank in the DB it assigns them the rank, but I can assure you this is not the entry of attack since it's happened when this wasn't on the server. I can't imagine there being a backdoor in pointshop or ulx? The runstring code is also inside the init.lua of the gamemode, which surely cannot be done from ingame? It would have to require FTP/Web access? Any help would be fantastic because this is simply driving me nuts. I can only assume there's an exploit in my gamemode but I've no idea where to look for that. EDIT: And during the course of me typing this the following lines have popped up in my base game [img]http://puu.sh/72DKz.png[/img]
Just writing this now, I've been helping Adzter for the last two days and I am stumped as to how the code appears. No one has access to anything, as far as I know, yet places Lua code. It's not possible to place Lua code on the server except /data (it ain't being written there) etc. This could be a very dangerous exploit, assuming it is. I had him remove every backdoor/malicious code and had FTP changed, so it's a waiting game now.
[QUOTE=zerothefallen;43979312]It's not possible to place lua code on the server except /data[/QUOTE] It's possible if it's done through a binary module. Do you have any binaries on the server that are out of the ordinary? garrysmod/lua/bin
[QUOTE=Linda;43979859]It's possible if it's done through a binary module. Do you have any binaries on the server that are out of the ordinary? garrysmod/lua/bin[/QUOTE] The only module there is MYSQLOO.
[QUOTE=Adzter;43981319]The only module there is MYSQLOO.[/QUOTE] A mysterious mystery. A mysterious mystery indeed.
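Added example, not part of the thread or any poster's code: a Python scanner for the two checks raised above. It flags gamemode Lua lines that alias a string-execution function (the `runfake = RunString` pattern from the first post) or wire one to a console command, and lists files in garrysmod/lua/bin that are not on an admin-supplied allowlist. The sample source, the command name `sample_cmd` and the allowlist contents are constructed assumptions.

```python
import re
from pathlib import Path

EXEC = r"(?:RunStringEx|RunString|CompileString)"  # GLua functions that run a string as code
ALIAS = re.compile(rf"^\s*(?:local\s+)?(\w+)\s*=\s*(?:_G\.)?{EXEC}\s*(?:--.*)?$")
CONCMD = re.compile(r"concommand\.Add\s*\(")

def scan_lua(text, window=6):
    """Return sorted (line_no, reason) findings for one Lua source string."""
    lines = text.splitlines()
    findings, aliases = [], []
    for no, line in enumerate(lines, 1):
        m = ALIAS.match(line)
        if m:  # e.g. `runfake = RunString`
            aliases.append(re.escape(m.group(1)))
            findings.append((no, "alias of string-exec function"))
    # A call to a string-exec function, or to any alias found above.
    call = re.compile(r"(?<![\w.])(?:" + "|".join([EXEC] + aliases) + r")\s*\(")
    for no, line in enumerate(lines, 1):
        body = lines[no - 1 : no - 1 + window]  # the command line plus the next few
        if CONCMD.search(line) and any(call.search(l) for l in body):
            findings.append((no, "concommand runs a string as code"))
    return sorted(findings)

def scan_tree(root):
    """Scan every .lua file under root; return {relative_path: findings} for hits."""
    hits = {}
    for path in sorted(Path(root).rglob("*.lua")):
        found = scan_lua(path.read_text(errors="replace"))
        if found:
            hits[path.relative_to(root).as_posix()] = found
    return hits

def unexpected_modules(bin_dir, allowlist):
    """List files in garrysmod/lua/bin that are not on the admin's allowlist."""
    allowed = {name.lower() for name in allowlist}
    return sorted(p.name for p in Path(bin_dir).iterdir()
                  if p.is_file() and p.name.lower() not in allowed)

# Constructed sample resembling the lines described in the first post.
SAMPLE = """\
function GM:Initialize()
    self.BaseClass.Initialize(self)
end
runfake = RunString
concommand.Add("sample_cmd", function(ply, cmd, args)
    runfake(args[1])
end)
"""
```

Run `scan_tree` against the gamemode and addons directories after each restore from a known-good copy; a hit that reappears narrows down when the file was rewritten.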