« previous next »
Pages: [1]   Go Down

Author Topic: Somekind of hack protection?  (Read 4694 times)

0 Members and 1 Guest are viewing this topic.

Offline morten7000

  • Newbie
  • *
  • Posts: 39
  • Karma: -1
Somekind of hack protection?
« on: August 23, 2013, 08:29:30 AM »
Hi Ulysses... Its because I have seen on facepunch that there have been a lot of Hackers lately.... pretty powerfull ones... They manged to bypass any default security against hackers and script and stuff... so they could just screw a server up and redirect people to other servers and make ulx open menues which cant be closed without leaving.
Here is some links you can see :)

http://facepunch.com/showthread.php?t=1301179
http://facepunch.com/showthread.php?t=1300856

I know that if there gets a anticheat on ulx they just find another way to bypass it... I just sound incredible to me that they can do stuff like that... Im not a pretty good coder or anything.. so I dont know if thats why it sound so "big" to me..
Im just a little bit scare of what they acutally can do...

I dont know if there is anything that acutally can be done against this... but i just thought that i would let you know :)

Have a nice day :3
Logged

Offline Storm

  • Full Member
  • ***
  • Posts: 220
  • Karma: 4
Re: Somekind of hack protection?
« Reply #1 on: August 23, 2013, 03:28:29 PM »
I agree it is a HUGE problem. For a while there, garry's mod was automatically doing global bans (I saw a ban done on my server for the hera.lua). But then all global bans stopped. We are really helpless. Some hacks are obvious, like speed hacks. But with others, admins are just guessing, like t detectors on TTT and aimbot. I too wish there were an answer!
Logged

Offline JamminR

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 8096
  • Karma: 390
  • Sertafide Ulysses Jenius
    • Team Ulysses [ULib/ULX, other fine releases]
Re: Somekind of hack protection?
« Reply #2 on: August 23, 2013, 03:53:23 PM »
We already include some user 'key' protection, so a single user can't get disconnected and another user 'take over' their session.
This was a work around from an exploit a few years ago.
Without knowing what the root of any exploit is, we can't even guess as to help.
I've looked over a few posts as referenced in original post and linked from some of those posts, and not one has stated how the exploit works.

To 'harden' your server, and ULX for now, I'd recommend some tips.
Disable RCON if you can.
NEVER store your rcon password in ANY cfg file (set it in your servers startup command line, google how.
If you have dedicated host, NEVER use same password for it's cpanel as you do for your rcon and/or ftp.
Remove ulx "rcon, cexec, ent, exec, luarun, adduser, adduserid, userallow, userallowid" from all groups. (meaning, yes, you'll have to add users to your Gmod group users.txt file the old fashioned way)

By no means am I saying ULX isn't exploitable...we just find 99% of most times in past that it's some other gamemode or addon that can be exploited, and ULX makes it just as easy for the 'hacker' to run commands as it does for you as a legitimate admin.
« Last Edit: August 23, 2013, 03:56:05 PM by JamminR »
Logged
"Though a program be but three lines long, someday it will have to be maintained." -- The Tao of Programming

Offline morten7000

  • Newbie
  • *
  • Posts: 39
  • Karma: -1
Re: Somekind of hack protection?
« Reply #3 on: August 24, 2013, 02:33:53 AM »
Quote from: JamminR on August 23, 2013, 03:53:23 PM
We already include some user 'key' protection, so a single user can't get disconnected and another user 'take over' their session.
This was a work around from an exploit a few years ago.
Without knowing what the root of any exploit is, we can't even guess as to help.
I've looked over a few posts as referenced in original post and linked from some of those posts, and not one has stated how the exploit works.

To 'harden' your server, and ULX for now, I'd recommend some tips.
Disable RCON if you can.
NEVER store your rcon password in ANY cfg file (set it in your servers startup command line, google how.
If you have dedicated host, NEVER use same password for it's cpanel as you do for your rcon and/or ftp.
Remove ulx "rcon, cexec, ent, exec, luarun, adduser, adduserid, userallow, userallowid" from all groups. (meaning, yes, you'll have to add users to your Gmod group users.txt file the old fashioned way)

By no means am I saying ULX isn't exploitable...we just find 99% of most times in past that it's some other gamemode or addon that can be exploited, and ULX makes it just as easy for the 'hacker' to run commands as it does for you as a legitimate admin.

Hmm okay. I see. I will try to do some of the stuff you recommended untill the exploit get closed (if it ever does that)

Thank you :)
Logged

Offline Storm

  • Full Member
  • ***
  • Posts: 220
  • Karma: 4
Re: Somekind of hack protection?
« Reply #4 on: August 24, 2013, 04:08:58 AM »
I don't even think this is a ulx problem. There are so many lua hacks, I just wish there were a way to block specific .lua files from being run clientside. People don't need rcon or ulx access to do these. I know the lua hacks I would block but there isn't a way to d this right?
Logged
Pages: [1]   Go Up
« previous next »