Net exploit?

Ia_grib-legacy · October 6, 2017, 8:33pm

Recently something really weird happened to my server: it crashed and when I opened the logs I saw this error repeated A LOT of times:


[ERROR] lua/includes/extensions/net.lua:103: bad argument #1 to 'pairs' (table expected, got nil)
  1. pairs - [C]:-1
   2. WriteTable - lua/includes/extensions/net.lua:103
    3. func - addons/customcommands/lua/ulx/modules/sh/cc_util.lua:847
     4. unknown - lua/includes/extensions/net.lua:32

Is is some kind of net exploit or a backdoored addon? What could cause this behaviour?

dence47-legacy · October 6, 2017, 8:44pm

Probably people just abusing net messages that don’t really protect themselves

This is the function that is being called



if ( SERVER ) then

	util.AddNetworkString( "steamid2" )
	util.AddNetworkString( "sendtable" )

	net.Receive( "steamid2", function( len, ply )
		local id2 = net.ReadString()
		local tab = ULib.bans[ id2 ]
		net.Start( "sendtable" )
			net.WriteTable( tab )
		net.Send( ply )			
	end )
	
end

Just make it so if the ban is actually valid then send it. This is just assuming the table is valid and sending it to who ever. There are a ton of net exploits people can do. Although, this exploit might be in that whole lua script of exploits that is floating around. It would be worthwhile to check all of your net messages though and fix them if need be because there are a LOT of functions like these that will either really mess with your servers stability, server permissions, data, ect.

Ia_grib-legacy · October 6, 2017, 8:50pm

dence47:

Probably people just abusing net messages that don’t really protect themselves

This is the function that is being called
if ( SERVER ) then

	util.AddNetworkString( "steamid2" )
	util.AddNetworkString( "sendtable" )

	net.Receive( "steamid2", function( len, ply )
		local id2 = net.ReadString()
		local tab = ULib.bans[ id2 ]
		net.Start( "sendtable" )
			net.WriteTable( tab )
		net.Send( ply )			
	end )
	
end
Just make it so if the ban is actually valid then send it. This is just assuming the table is valid and sending it to who ever. There are a ton of net exploits people can do. Although, this exploit might be in that whole lua script of exploits that is floating around. It would be worthwhile to check all of your net messages though and fix them if need be because there are a LOT of functions like these that will either really mess with your servers stability, server permissions, data, ect.

I’m actually retarded, I for some reason opened the wrong file and was like ‘what the fuck is calling that’ so I decided to ask here.

Thanks.