Ulysses Stuff > General Chat & Help and Support

My server got hacked

(1/2) > >>

The Pro:
I was hosting a RP server when someone joined and asked for spawning. I said no. And then he hacked me, Took away my admin. Spammed the chat and banned everyone.

Now before you start saying I have a .lua virus I don't have any of them.

I'm using ULX 2.1 with Ulib
Steam ID of the the person that did this: STEAM_0:1:3307510

When i restarted gmod i still was not admin.
How can i fix this and make sure that that f***er never comes back to my server ever.
Also could they have hacked my computer too and be watching what iam saying here?

Megiddo:
You've got some sort of exploit running, since ULX/ULib has no way to remove admins without editing the files directly. Make sure you check all auto-init files.

The Pro:
I searched all the files and found nothing.
No Auto-init files were modded after 10 days ago.
I also checked all of them for malicios code.

Explain please.

JamminR:
Pro,
 I'm not saying it's impossible. (Meg might, he knows his code better than I)
However, it is EXTREMELY unlikely that ULX/ULib was the cause of your exploit.

Make SURE you have an rcon password set in your config file. If you have a default, this might have been the issue.

However, to answer some of your questions....

--- Quote from: The Pro ---How can i fix this
--- End quote ---
1)
a)Backup your banned_*.cfg files. Verify they only have IP or steamids first, and not any other 'exec' lines or code lines.
b)Totally delete all of your gmod9 server/game folders.
c)Scan your pc for worm/viruses using 2 different scanners. (3 or 4 free ones exist on the web. Panda/Bitdefender/Trendmicro to name 3 reliable ones I know)
d) Reinstall Gmod.
e) Reinstall only ULX 2.1/Ulib 1.1
e) Reinstall any maps you like, hold off on mods. (Yes, this sucks)
f) make SURE you have an rcon password set in your config file. If you have default, this might have been the issue.
g) Run server for a few days after doing answer 2


--- Quote from: The Pro --- and make sure that that *($*#($# never comes back to my server ever.
--- End quote ---
2)
a) Once you have gmod9 and maps installed, add user to your banned_users.cfg (I think thats its name, should have other steamids there too) file. I don't remember of top of my head, but I think its format is STEAM:#:###### 0  ,where 0 is permanent


--- Quote from: The Pro ---Also could they have hacked my computer too and be watching what iam saying here?
--- End quote ---
Y35 comrade. @ll your base belong to u5.
Joking.
Seriously, most worms don't watch that closely. Anything is possible though. See 1c above.

Megiddo:
What was in your users.ini at the time of this hack Pro?

Navigation

[0] Message Index

[#] Next page

Go to full version