ULX

Author Topic: Hacking issue  (Read 3992 times)

0 Members and 1 Guest are viewing this topic.

Offline Johnwick

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
Hacking issue
« on: May 21, 2019, 12:57:00 PM »
Hello,

I'm getting problems with my server. Random hackers have decided to target my server and somehow they come on my server and add themselves to superadmins. This has killed my playerbase.

I have invested in anti-cheats. I'm using paid addons. At this point I'm having total regrets loading this server despite the successes I've had.

I really need help.

Offline MrPresident

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 2728
  • Karma: 430
    • |G4P| Gman4President
Re: Hacking issue
« Reply #1 on: May 21, 2019, 05:19:48 PM »
The only way people can "Hack" your server is if:

1. You have a password that is easily guessable.
2. Gave your password to someone who wasn't trustworthy.
3. Have RCON enabled and have your rcon password somewhere people can access it.. such as a publicly shared server or accessible through web somehow.
4. Have an addon with a known exploit that someone is using to elevate themselves to admin.


Here are some suggestions on how to harden your server installation.

1. under NO circumstances EVER use leaked addons. The legality/ethics of that aside, most leaked addons have backdoors. (see #4 above).
2. Minimize the number of addons you are using. This will help minimize the chance of having something with an exploit (see #4 above).
3. Change your password to something crazy hard and don't share it with anyone. Get into the habit of changing your password regularly.
4. If you choose to use RCON, make sure the password is set in your server command line.. NOT your server.cfg config file. Talk to your host about this if you need help. There have been some known exploits in the past that allowed players to gain access to the server.cfg file and therefor the rcon passwords of players who had them stored there.
5. Most likely your issue is a backdoored addon. You'll just need to find that and get rid of it or pay someone to do that for you if you don't know what you are doing.


I wish there was something else I could tell you, but that's pretty much all there is to it.

Offline Johnwick

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
Re: Hacking issue
« Reply #2 on: May 22, 2019, 11:39:06 AM »
Thanks, right now I'm using crident backdoor scanner and removed partially all of the backdoor codes.

However, the hacker banned me and I cannot unban myself from my console. What do I do?

Offline MrPresident

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 2728
  • Karma: 430
    • |G4P| Gman4President
Re: Hacking issue
« Reply #3 on: May 23, 2019, 06:30:02 AM »
If you have console access, you can unban yourself. Just figure out how you were banned.

If they did a normal gmod ban (not ULX) you'll need to look in some files to see where you are banned.


go into garrysmod/cfg and look in any of the files that have banned in the name. You can remove your ip or steamid from there. Do this while the server is down or it'll rewrite the file.