« previous next »
Pages: [1]   Go Down

Author Topic: Re: Hacked.  (Read 2036 times)

0 Members and 2 Guests are viewing this topic.

Offline LuaTenshi

  • Hero Member
  • *****
  • Posts: 545
  • Karma: 47
  • Just your ordinary moon angel!
    • Mirai.Red
Re: Hacked.
« on: January 11, 2014, 10:57:33 PM »
http://forums.ulyssesmod.net/index.php/topic,6920.msg34176.html#msg34176

I have seen this post and off topic and it appears that I have found the cause.

Quote
A major DarkRP exploit was released on a hack forum through which hackers can gain access to RCon and many other things.
Many people know about this exploit and ACTIVELY ABUSE IT!
The exploit applies if you have MySQL set up for DarkRP.

It has been fixed in the latest version of DarkRP. Please update it ASAP! It is of utmost importance!
Please also change your MySQL credentials after updating!

The exploit is a terribly stupid mistake on my side. I'm very sorry. This should not have happened.
Feel free to call me a cunt on twitter: @FPtje.

This message will NOT go away when you update. You are safe from the exploit if you have updated after
January 11th 12:00 GMT. You know that you have the fixed version if you're running DarkRP 2.5.1!
This message will be removed on February 1st for it should have reached enough server owners by then.

This message is seen by everyone, including people who can exploit it. I've tried hiding the fix, but people
WILL find it if they look for it. This puts more pressure on server owners to update DarkRP. Sorry for that.
I decided against keeping it secret for it is already too widespread.

Please update your DarkRP to the latest version as soon as possible to make sure your server does not get compromised.
Logged
I cry every time I see that I am not a respected member of this community.

Offline JamminR

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 8096
  • Karma: 390
  • Sertafide Ulysses Jenius
    • Team Ulysses [ULib/ULX, other fine releases]
Re: Hacked.
« Reply #1 on: January 11, 2014, 11:19:46 PM »
Can we have your source link, the actual one where FPtje states that info.
We've had several users email or PM us directly stating 'ulx hacked', where, as usual, all ULX did was make it that much easier for someone to run commands on a server using whatever was actually exploited.
Logged
"Though a program be but three lines long, someday it will have to be maintained." -- The Tao of Programming

Offline LuaTenshi

  • Hero Member
  • *****
  • Posts: 545
  • Karma: 47
  • Just your ordinary moon angel!
    • Mirai.Red
Re: Hacked.
« Reply #2 on: January 12, 2014, 02:13:52 AM »
Quote from: JamminR on January 11, 2014, 11:19:46 PM
Can we have your source link, the actual one where FPtje states that info.
We've had several users email or PM us directly stating 'ulx hacked', where, as usual, all ULX did was make it that much easier for someone to run commands on a server using whatever was actually exploited.

Here is the source, https://raw.github.com/FPtje/DarkRPMotd/master/motd.txt
Logged
I cry every time I see that I am not a respected member of this community.
Pages: [1]   Go Up
« previous next »