Server Getting Hacked! I need help!

My server is running ULX admin mod and for some reason or another people are adding themselves to admin and banning everyone! If anyone has a fix for this I would appreciate it!

Fail!


(User was banned for this post ("Replying to a help thread with "Fail!" isn't helpful." - postal))

Are you running the newest version of it? There was an exploit a while back that allowed stuff like that to happen.

Also make sure your advanced duplicator is up-to-date.

ULX always has had holes in it AFAIK. What addons are you running? Some addons access certain files (like adv-dupe), so it would help to know what they are.

I have PHX, Wire, and adv dupe (came with wire). And my server (supposedly) updates it’s SVNs everyday.

Then this is a new bug in the code, interesting. For now I suggest IP banning the people who are doing this manually, then check for a new version of ULX ASAP. Also, if the newest version is the one you’re using I suggest you report this to the creators of ULX.

You have changed the rcon since this happened right? In the eventuality that someone actually managed to guess it?

Well I got in this morning and SteamID banned the “hackers” and there is pretty much no way for them to get a hint of the rcon pass.

There’s always a way of getting the RCon pass. Just don’t use RCon once you’ve set up your basic stuff.

*Change the IP or update (If you’re hosting it yourself)
*Get a new Rcon password
*Change/Refresh the current admin tool
*Use the bannedip.txt or whatever txt you’re bans are written in and delete the names you haven’t banned yourself
*Get the “hackers” Steam id and ban him if he enters next or IP depends on you

That’s pretty much the advise with the 2 years experince i’ve had with gmod servers.

You should download chrisasters gm_rcon that only allows certain ip’s to run Rcon so you can ban for unauthorized use of rcon if they’re not in the allowed list.

Your two years experience didn’t do you much good.

this isn’t help and support

There was an exploit with advance dupe that let you run lua on servers.
Do what overv said. update advance dupe