Author Topic: ULX exploits & ways to fix them?  (Read 2017 times)

0 Members and 1 Guest are viewing this topic.

Offline Bryantdl7

  • Jr. Member
  • **
  • Posts: 86
  • Karma: -2
ULX exploits & ways to fix them?
« on: August 05, 2014, 03:23:51 PM »
Hello, and I would like to start off apologizing if this post is not in the right category. Last night I had someone join my server and make everyone superadmin including myself. After looking thoroughly through my logs for the day I saw that this line of code had been executed.
Code: [Select]
hook.Add("PlayerSpawn", "lol", function(ply)  RunConsoleCommand("ulx","adduser",ply:Nick(),"superadmin") end)"
At first I figured oh, it must be he somehow got my RCON password. After changing it around an hour later (console) once again gave everyone superadmin again. This time I did figure out who did it but I am very confused as to how this is happening since I have sv_allowupload set to 0 and sv_allowcslua set to 0.

Any tips on how I can stop this from happening? This isn't the first occurrence,

Thanks.



Offline Avoid

  • Full Member
  • ***
  • Posts: 142
  • Karma: 42
Re: ULX exploits & ways to fix them?
« Reply #1 on: August 05, 2014, 04:36:12 PM »
Sounds like have some malicious addon/workshop creation, what addons are you using then?

Have a look through addons, workshop items and files in your lua/autorun!

EDIT:
Also never set your rcon_password in the cfg, if you really have to rely on it define it in the start parameter.
« Last Edit: August 05, 2014, 05:04:29 PM by Avoid »

Offline Bryantdl7

  • Jr. Member
  • **
  • Posts: 86
  • Karma: -2
Re: ULX exploits & ways to fix them?
« Reply #2 on: August 05, 2014, 06:05:06 PM »
so autoexec.cfg?



Offline JamminR

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 8096
  • Karma: 390
  • Sertafide Ulysses Jenius
    • Team Ulysses [ULib/ULX, other fine releases]
Re: ULX exploits & ways to fix them?
« Reply #3 on: August 06, 2014, 01:30:14 PM »
FYI -  This isn't a ULX exploit.
This is someone gaining access to your rcon or server-side run lua, and using ULX to add users.
There are some other conversations around the forums regarding disabling console command access, but I don't remember where or to what extent.
You'd have to search the forums for "harden" or "exploit".
"Though a program be but three lines long, someday it will have to be maintained." -- The Tao of Programming