Hi again. So recently I subscribed to an addon in the workshop : http://steamcommunity.com/sharedfiles/filedetails/?id=257753283
Everything was fine for a few weeks , until all of a sudden I look in the tab menu and I see “Clutchslut bambi” has super administration rank.
I was clue less and assumed my co-owner friend changed their name. I check ulx , nope , only my friend is in super admin. In fact , “Clutchslut bambi” isn’t even appearing in ulx, at all.
I proceed to the console straight away and revoke all access from them , change my client area password , rcon password , cpanel password etc , and ban them, permanently.
I proceed to play for about 5 minutes then all of a sudden “someone” removed all access rights from me , and all my staff , then permanently banned all of us.
I’m startled because I have no clue what’s going on and how they’re doing this. They decide to un-ban me and tell me they’re just testing something and they weren’t being serious.
They explained , what they did was abuse the workshop addon , they used http.fetch to grab a “model” which wasn’t actually a model , it was a script that gave them permissions on any server using the addon.
The user :
note : Don’t bother decompiling the addon and searching for the string , they removed it apparently after they did it to me.
Don’t install his addons. Report his ass and get him the hell off of workshop before he infects your server.