ULX

Author Topic: Hackers taking over ULX  (Read 2865 times)

0 Members and 2 Guests are viewing this topic.

Offline ryeezy

  • Newbie
  • *
  • Posts: 3
  • Karma: 0
Hackers taking over ULX
« on: April 22, 2013, 09:42:58 PM »
Hello, I am using ULX on my Garry's Mod server (running the Trouble in Terrorist Town gamemode) and we had two hackers come into the server and take over our ULX. They were able to demote all the admins that were in the server and promote themselves to super admin. We know who did it and shut down the server then managed to ban both of them and they were just able to unban themselves then ban the admins. I disabled rcon and they were still able to over take the server and control ULX after unbanning themselves. Help would be greatly appreciated. Thank you in advance.

Offline MrPresident

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 2728
  • Karma: 430
    • |G4P| Gman4President
Re: Hackers taking over ULX
« Reply #1 on: April 23, 2013, 07:32:34 AM »
The fact that they were able to unban themselves shows that its not a problem with ulx. You must have some other vulnerability somewhere on your server.

If they were somehow able to exploit ulx, banning them would have solved that since they'd have to be able to connect in order to hijack your admin mod.

Offline nathan736

  • Full Member
  • ***
  • Posts: 143
  • Karma: 4
Re: Hackers taking over ULX
« Reply #2 on: April 23, 2013, 08:58:39 AM »
Do you have any rcon protector is your rcon in the cmd line? Not the config?  Do you even have a unique pass set for it? Is your FTP protected? if you need further help  pm me ;)
a person asked me how to code lua and i said this " its like building a rocket up side down then  realizing you did it all wrong."

Offline JamminR

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 8096
  • Karma: 390
  • Sertafide Ulysses Jenius
    • Team Ulysses [ULib/ULX, other fine releases]
Re: Hackers taking over ULX
« Reply #3 on: April 23, 2013, 07:33:25 PM »
The fact that they were able to unban themselves shows that its not a problem with ulx.
What he says.

We don't discount your issue, and we empathize with your plight.
Unfortunately, we find time and time again that ULX isn't the root cause.
It makes it easier for those who have gained root access to your server to administer your server as easy as it does for you who are supposed to have root.

Make sure you're not storing rcon passwords in your config files.
If you enable rcon, always set it's password in command line startup (like nathan says.)
"Though a program be but three lines long, someday it will have to be maintained." -- The Tao of Programming

Offline SuperAero_

  • Newbie
  • *
  • Posts: 13
  • Karma: 1
Re: Hackers taking over ULX
« Reply #4 on: April 24, 2013, 02:04:08 AM »
RunConsoleCommand

Offline nathan736

  • Full Member
  • ***
  • Posts: 143
  • Karma: 4
Re: Hackers taking over ULX
« Reply #5 on: April 24, 2013, 06:44:49 AM »
ulx only has 2 real weaknesses you server file system and rcon every thing else is water tight unless you have commands that give people ranks (not counting the actual ulx ones)
RunConsoleCommand
this doesnt work as that is client locked and or lua side only would only work if you found a open end RunConsoleCommand  chunk of lua. < should never happen
« Last Edit: April 24, 2013, 07:24:45 AM by nathan736 »
a person asked me how to code lua and i said this " its like building a rocket up side down then  realizing you did it all wrong."