Ulysses

Ulysses Stuff => General Chat & Help and Support => Topic started by: strategos on September 15, 2011, 07:11:54 PM

Title: Server hacking.
Post by: strategos on September 15, 2011, 07:11:54 PM
Below is the console log

Quote
[19:48:47] Breanotch<STEAM_0:1:31830315> spawned model models/props_c17/fence03a.mdl
[19:48:51] +SsS+ DJ Pon-3 (BoH): /OOC Not minges
[19:48:53] +SsS+ DJ Pon-3 (BoH): /ooc Hackers.
[19:48:53] [EGI][Kaoz Unit]THORN: // how he adminn?
[19:48:55] FByte • BL00DB4TH ( :D ) kicked Glyptic (Bannign minges)
[19:48:55] Dropped "Glyptic" from server<STEAM_0:1:27308779>
[19:48:55] BamaBeast: please!
[19:48:55] [EGI][Kaoz Unit]THORN: !menu
[19:48:56] FByte • BL00DB4TH ( :D )<STEAM_0:0:36596406> spawned model models/props/de_train/lockers001a.mdl
[19:48:58] Overwatch Elite: // my house
[19:49:03] FByte • BL00DB4TH ( :D ) kicked BamaBeast (Nigger)
[19:49:03] Dropped "BamaBeast" from server<STEAM_0:1:2577848>
[19:49:04] Client "-TB- | Leeroy Jenkins" spawned in server (99.39.252.93:27005)<STEAM_0:0:5967548>.
[19:49:05] Client "Glyptic" connected (2.49.4.70:27005).
[19:49:06] Strategos: !ban blood 0 hacking
[19:49:06] FByte • BL00DB4TH ( :D ) kicked Breanotch (Nigger)
[19:49:06] Dropped "Breanotch" from server<STEAM_0:1:31830315>
[19:49:07] +SsS+ DJ Pon-3 (BoH): /ooc HACKERS
[19:49:10] FByte • BL00DB4TH ( :D ) kicked Overwatch Elite (Nigger)
[19:49:10] Dropped "Overwatch Elite" from server<STEAM_0:0:27058039>
[19:49:12] Leeroy Jenkins: // I accept the server rules.
[19:49:14] FByte • BL00DB4TH ( :D ) kicked LEGENDary_Napkin (Nigger)
[19:49:14] Dropped "LEGENDary_Napkin" from server<STEAM_0:0:43548257>
[19:49:15] Client "Breanotch" connected (24.231.200.120:27005).
[19:49:15] [EGI][Kaoz Unit]THORN: !Kick blood nigger
[19:49:18] FByte • BL00DB4TH ( :D ) kicked Leeroy Jenkins (Nigger again)
[19:49:18] Dropped "Leeroy Jenkins" from server<STEAM_0:0:5967548>
[19:49:21] +SsS+ DJ Pon-3 (BoH): /ooc dude
[19:49:26] FByte • BL00DB4TH ( :D ): // I am not admin
[19:49:27] FByte • BL00DB4TH ( :D )<STEAM_0:0:36596406> spawned model models/props/de_train/lockers001a.mdl
[19:49:27] Client "LEGENDary_Napkin" connected (71.17.191.138:27005).
[19:49:28] +SsS+ DJ Pon-3 (BoH): /ooc he can <censor> bring down the server
[19:49:28] Client "Overwatch Elite" connected (2.49.4.70:27021).
[19:49:28] FByte • BL00DB4TH ( :D )<STEAM_0:0:36596406> spawned model models/props/de_train/lockers001a.mdl
[19:49:30] FByte • BL00DB4TH ( :D )<STEAM_0:0:36596406> spawned model models/props/de_tides/gate_large.mdl
[19:49:31] FByte • BL00DB4TH ( :D ) was killed by worldspawn
[19:49:31] +SsS+ DJ Pon-3 (BoH): /ooc you idiot
[19:49:36] [EGI][Kaoz Unit]THORN: sm_admin
[19:49:41] +SsS+ DJ Pon-3 (BoH): /ooc hes a black hat hacker
[19:49:45] FByte • BL00DB4TH ( :D )<STEAM_0:0:36596406> spawned model models/props_junk/sawblade001a.mdl
[19:49:45] +SsS+ DJ Pon-3 (BoH): /ooc dont <censor> ban him
[19:49:55] Dropped "FByte • BL00DB4TH ( :D )" from server<STEAM_0:0:36596406>
[19:50:02] +SsS+ DJ Pon-3 (BoH): /ooc Good work
[19:50:04] Strategos: // good
[19:50:06] [EGI][Kaoz Unit]THORN: // ty:D
[19:50:06] +SsS+ DJ Pon-3 (BoH): /ooc You <censor> idiots.
[19:50:10] Strategos: // he wasnt showing up to me
[19:50:12] +SsS+ DJ Pon-3 (BoH): /ooc The servers going to die know.
[19:50:14] [EGI][Kaoz Unit]THORN: // whos the <censor> idiot?
[19:50:17] +SsS+ DJ Pon-3 (BoH): /ooc Now*
[19:50:22] +SsS+ DJ Pon-3 (BoH): /ooc All of you. He's a black hat hacker.
[19:50:23] Client "Glyptic" spawned in server (2.49.4.70:27005)<STEAM_0:1:27308779>.
[19:50:25] [EGI][Kaoz Unit]THORN: !kick dj dont ever say again dick
[19:50:25] [EGI][Kaoz Unit]THORN kicked +SsS+ DJ Pon-3 (BoH) (dont ever say again dick)
[19:50:25] Dropped "+SsS+ DJ Pon-3 (BoH)" from server<STEAM_0:0:16114649>
[19:50:25] Client "Overwatch Elite" spawned in server (2.49.4.70:27021)<STEAM_0:0:27058039>.
[19:50:30] Client "Breanotch" spawned in server (24.231.200.120:27005)<STEAM_0:1:31830315>.
[19:50:34] Glyptic: // I accept the server rules.
[19:50:36] [EGI][Kaoz Unit]THORN: // hes saying u wanna see my peepee?
[19:50:37] Overwatch Elite: // I accept the server rules.
[19:50:40] Strategos: // oh dear im scared of a ddos threat
[19:50:40] Overwatch Elite: // admin
[19:50:41] Glyptic: // Why you kick me!!
[19:50:43] Breanotch: // I accept the server rules.
[19:50:43] Overwatch Elite: // why u kick me
[19:50:45] Strategos: // didnt
[19:50:48] Overwatch Elite: // i didnt do some thing
[19:50:50] Overwatch Elite: // i swear
[19:50:51] Strategos: // somebody somehow
[19:50:52] Breanotch: /votemugger
[19:50:53] Glyptic: // omg Hackers!
[19:50:56] Strategos: // made themselves admin
[19:50:58] [EGI][Kaoz Unit]THORN: // we didnt blood became admin somehow
[19:51:00] Glyptic: // Hackers!
[19:51:01] Strategos: // they have been perma-banned
[19:51:07] Client "+SsS+ DJ Pon-3 (BoH)" connected (174.91.15.15:27005).
[19:51:11] Glyptic: // not really!
[19:51:19] Overwatch Elite: // ban them for ever
[19:51:20] Glyptic<STEAM_0:1:27308779> spawned model models/props_junk/garbage_carboard001a.mdl
[19:51:21] Overwatch Elite: // :D
[19:51:26] Strategos: // strange thing is they werent showing up on my status
[19:51:27] Client "-TB- | Leeroy Jenkins" connected (99.39.252.93:27005).
[19:51:43] Glyptic: /hobo
[19:51:43] [EGI][Kaoz Unit]THORN: // it showed for me
[19:51:44] Overwatch Elite: /pet
[19:51:47] Glyptic: /dropweapon
[19:51:51] Client "LEGENDary_Napkin" spawned in server (71.17.191.138:27005)<STEAM_0:0:43548257>.
[19:51:52] Glyptic: /pet
[19:51:52] Dropped "LEGENDary_Napkin" from server<STEAM_0:0:43548257>
[19:51:52] Overwatch Elite: /hobo
[19:51:53] Strategos: wait
[19:51:55] Strategos: im busy
[19:51:55] Overwatch Elite: /hobo
[19:51:56] Glyptic: /pet
[19:52:02] Client "LEGENDary_Napkin" connected (71.17.191.138:27005).
[19:52:09] Client "+SsS+ DJ Pon-3 (BoH)" spawned in server (174.91.15.15:27005)<STEAM_0:0:16114649>.
[19:52:10] Overwatch Elite: /drop
[19:52:17] +SsS+ DJ Pon-3 (BoH): // I accept the server rules.
[19:52:24] +SsS+ DJ Pon-3 (BoH): /ooc DO YOU NOT SEE WHAT YOUR DEALING WITH?
[19:52:24] Glyptic<STEAM_0:1:27308779> spawned model models/props_junk/garbage_carboard001a.mdl
[19:52:28] [EGI][Kaoz Unit]THORN: // srry all for that
[19:52:29] Overwatch Elite: /drop
[19:52:33] Overwatch Elite: /pet
[19:52:38] [EGI][Kaoz Unit]THORN: yes we <censor> do!
[19:52:39] +SsS+ DJ Pon-3 (BoH): /ooc HE'S A <censor> BLACK HAT HACKER. HE CAN BRING THE SERVER DOWN.
[19:52:44] +SsS+ DJ Pon-3 (BoH): /OOC nO YOU DON'T.
[19:52:45] +SsS+ DJ Pon-3 (BoH)<STEAM_0:0:16114649> spawned model models/props_combine/breendesk.mdl
[19:52:47] [EGI][Kaoz Unit]THORN: !kick dj <censor> u!
[19:52:47] [EGI][Kaoz Unit]THORN kicked +SsS+ DJ Pon-3 (BoH) (<censor> u!)
[19:52:47] Dropped "+SsS+ DJ Pon-3 (BoH)" from server<STEAM_0:0:16114649>
[19:52:51] Strategos: // stop
[19:52:51] [EGI][Kaoz Unit]THORN<STEAM_0:0:29933371> spawned/gave himself swep weapon_mad_m4
[19:52:54] Client "+SsS+ DJ Pon-3 (BoH)" connected (174.91.15.15:27005).
[19:52:55] [EGI][Kaoz Unit]THORN<STEAM_0:0:29933371> used the tool remover on models/props_combine/breendesk.mdl
[19:52:56] Strategos: // i need to know how he did it
[19:52:59] Glyptic: // kick hackers!
[19:53:05] [EGI][Kaoz Unit]THORN: // srry strat
[19:53:05] Glyptic: // call garry :P
[19:53:08] Client "-TB- | Leeroy Jenkins" spawned in server (99.39.252.93:27005)<STEAM_0:0:5967548>.
[19:53:10] Strategos: // he is perma-banned
[19:53:11] [EGI][Kaoz Unit]THORN: /givemoney 10
[19:53:17] [EGI][Kaoz Unit]THORN: /dropmoney 10
[19:53:23] Leeroy Jenkins: // I accept the server rules.
[19:53:28] Leeroy Jenkins: // YES
[19:53:30] [EGI][Kaoz Unit]THORN: !menu
[19:53:32] Glyptic: !ulx who
[19:53:35] Leeroy Jenkins: // I TOLD HE IS ADMIN
[19:53:36] Glyptic: !ulx
[19:53:42] Strategos: // how the <censor>
[19:53:46] [EGI][Kaoz Unit]THORN: // srry guys!
[19:53:47] Leeroy Jenkins: // HACKS
[19:53:49] Glyptic: !menu
[19:53:55] Client "+SsS+ DJ Pon-3 (BoH)" spawned in server (174.91.15.15:27005)<STEAM_0:0:16114649>.
[19:53:56] Client "VariedTechnique" connected (24.26.52.187:27005).

His steam id is: STEAM_0:0:36596406

Title: Re: Server hacking.
Post by: Megiddo on September 15, 2011, 08:39:53 PM
Just to clarify to those who may be interested in this: This doesn't mean that there's an exploit in ULX. But it is possible, though unlikely, that ULX was the cause of this hacking. We've seen lots of exploits at the server level now where the attacker will gain control of the server through something unrelated to ULX and then start using ULX commands. This is not something we can prevent.

I modified the title of this thread to prevent confusion.
Title: Re: Server hacking.
Post by: strategos on September 16, 2011, 05:30:06 AM
ok. It was very strange because he appeared as an admin and could kick people. However, he wasn't listed under any Ulib user-group, meaning he was a standard user.
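
Added example, not part of the original thread and not ULX code: a way to spot the situation described above (kicks issued by an account that is in no admin group) from a console log in the format quoted in the first post. The sample log, the names in it, and the operator-supplied `admin_ids` set are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the console-log format quoted in this thread.
SAMPLE_LOG = """\
[19:48:40] Client "PlayerA" spawned in server (192.0.2.10:27005)<STEAM_0:1:1111>.
[19:48:51] Intruder<STEAM_0:0:9999> spawned model models/props_c17/fence03a.mdl
[19:48:55] Intruder kicked PlayerA (bye)
[19:48:55] Dropped "PlayerA" from server<STEAM_0:1:1111>
[19:49:03] Intruder kicked PlayerB (bye)
[19:49:06] Intruder kicked PlayerC (bye)
[19:49:09] PlayerD: // he kicked me (why)
[19:50:20] ModOne<STEAM_0:0:2222> spawned model models/props_junk/sawblade001a.mdl
[19:50:25] ModOne kicked PlayerE (language)
"""

SID = r"<(STEAM_\d:\d:\d+)>"
QUOTED = re.compile(r'^\[[\d:]+\] (?:Client|Dropped) "(.+)" .*' + SID)
ACTION = re.compile(r"^\[[\d:]+\] (.+?)" + SID)
KICK = re.compile(r"^\[(\d\d):(\d\d):(\d\d)\] (.+?) kicked .+ \(.*\)$")

def find_unauthorized_kicks(log_text, admin_ids, window=30, burst=3):
    """Return {steamid: {"kicks": n, "burst": bool}} for non-admin kickers."""
    lines = log_text.splitlines()
    # Pass 1: kick lines carry only a display name, so learn name -> SteamID
    # from the lines that print both.
    names = {}
    for line in lines:
        m = QUOTED.match(line) or ACTION.match(line)
        if m:
            names[m.group(1)] = m.group(2)
    # Pass 2: collect kick timestamps per actor. Actors with no known SteamID
    # are skipped, which also drops chat text that merely contains " kicked ".
    kicks = defaultdict(list)
    for line in lines:
        m = KICK.match(line)
        if m and m.group(4) in names:
            h, mi, s = (int(m.group(i)) for i in (1, 2, 3))
            kicks[names[m.group(4)]].append(h * 3600 + mi * 60 + s)
    report = {}
    for sid, times in kicks.items():
        if sid in admin_ids:
            continue
        # Burst: `burst` kicks inside `window` seconds (midnight rollover ignored).
        is_burst = any(times[i + burst - 1] - times[i] <= window
                       for i in range(len(times) - burst + 1))
        report[sid] = {"kicks": len(times), "burst": is_burst}
    return report

if __name__ == "__main__":
    print(find_unauthorized_kicks(SAMPLE_LOG, admin_ids={"STEAM_0:0:2222"}))
```

A kick from an actor whose SteamID never appears elsewhere in the log is not reported by this sketch, so it complements a review of the server's own admin list and does not replace it.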
Title: Re: Server hacking.
Post by: JamminR on September 17, 2011, 08:01:08 PM
Quote
he wasn't listed under any Ulib user-group, meaning he was a standard user.

Most likely then, he was using a Source exploit, or other mod's exploit, as console, which ULX sees as admin.
If a person gets server console access in any way, no matter the root cause, any administration function, ULX or not, can be used.
Unfortunately, ULX makes it easier for even those who shouldn't have admin access to perform administrative functions.
Title: Re: Server hacking.
Post by: Megiddo on September 17, 2011, 08:29:41 PM
Quote
Unfortunately, ULX makes it easier for even those who shouldn't have admin access to perform administrative functions.

But that's intentional anyways. We want to make the server easy to administrate for rightful admins. :P
Title: Re: Server hacking.
Post by: krooks on September 22, 2011, 02:17:20 PM
This again??
Title: Re: Server hacking.
Post by: JamminR on September 22, 2011, 08:01:09 PM
Quote
This again??

Absolutely! We make it easier for any exploiter person to administer someone elses their server.
Title: Re: Server hacking.
Post by: strategos on September 23, 2011, 03:46:57 PM
Quote
This again??

Of course it's this again!

Anyways, I just had something similar happen again... It seems to be my fault though since it happened twice.

I'm seeing this and this in the gmod logs.

Code:
(STEAM_0:0:5934277) is AuthedL
-----------------------------------------------------
Kolariah (STEAM_0:0:5934277) Attempted to switch noclipL 09/23/2011

WTF  >:(

Can you guys please give me some tips that I apparently missed and help me better secure my servers so minges like this can't do this...
Maybe it has to do with FTP permissions, like for example: users.txt? Should I set access to 774? What about Gmod Script enforcer?

NOTE: VAC is Enabled


Title: Re: Server hacking.
Post by: Megiddo on September 23, 2011, 07:43:04 PM
I'm not sure what's generating either of those messages. This is from server.log?
Title: Re: Server hacking.
Post by: strategos on September 23, 2011, 07:57:50 PM
Yes. The ULX logs didn't show anything different. This is from the default logs in /logs

Edit: After doing some research, the IsAuthed comes from is authorized by STEAM. As in anti-piracy. So no worries there...

I'm thinking it must be some kind of script takeover.
Title: Re: Server hacking.
Post by: wildfire925 on October 04, 2011, 06:45:30 PM
Oh, I think either ULX glitched one time, or my files got accidentally sent to my friend, 'cause I was on his listen server, and HE was user, and I was superadmin, but after we noticed, I set things straight. This only happened once, so it was just a simple glitch-out, or something weird happened.
Title: Re: Server hacking.
Post by: Willdy on October 05, 2011, 11:14:11 AM
I don't really care how he did what he did, but I'm going to be banning him from my servers because he seems like a total idiot. Maybe you should add a line to the ULX SVN so he is banned from all the servers which use ULX.
Title: Re: Server hacking.
Post by: JamminR on October 05, 2011, 03:28:56 PM
Quote
add a line to the ULX SVN so he is banned from all the servers which use ULX

Uh, no.
As much as this team appreciates the fact you and others wish to rid the ULX-using world from persons like you describe, ULX is only a tool.
We don't like actions like described as much as, if not more (because we always seem to get 'ULX HAXED'), than the next server admin, ULX wasn't written to be big brother. The admins that use it are big brother. The folks that use exploits that use ULX to make it easier on them are bullies.
We simply allow big brother and bullies to fight it out.
Admittedly, we prefer to help our brothers in arms (http://forums.ulyssesmod.net/index.php/topic,5205.msg22868.html#msg22868) of course. As with recent recommendations made (http://forums.ulyssesmod.net/index.php/topic,5205.msg22826.html#msg22826) when Steam Voice was found to have exploits, and later to be found more complicated (http://forums.ulyssesmod.net/index.php/topic,5205.msg22993.html#msg22993), but we will most likely never add a line to any code to ban a particular user.

If you wish to work together, look into UBan and work together.

ULX doesn't kill people. People kill people (using ULX)
Title: Re: Server hacking.
Post by: krooks on October 06, 2011, 01:45:21 PM
*not very helpful, helpful hint*
One way to thwart hackers is to not run an RP/TTT server :P
Title: Re: Server hacking.
Post by: bl00db4th on October 12, 2011, 01:40:47 PM
lol

krooks what you said doesn't make sense but OKAY

(cough that's a way to stop maybe exploiters not 'hackers')

Also erm. I don't mean to ruin the party and I have been enjoying myself reading this but hacking isn't erm, what happened. Megiddo you can sleep at night knowing ULX is secure enough to thwart the likes of me from overtaking it.

Mr. Anonymous wannabe needs to make his more secure says this observer.
Title: Re: Server hacking.
Post by: JamminR on October 12, 2011, 04:13:49 PM
Quote
sleep at night knowing ULX is secure enough to thwart the likes of me

Re: ULX
As we've said time and time again, we never guarantee 100% that ULX can't be exploited alone.
We just often find that many other mods/gamemodes are used in combination with ULX. ULX is just often used to make it easier for people to administrate a server, whether that person should have access to administer or not.

Additionally, we believe in full disclosure, and we've not yet been shown direct code/exploit examples (at least, I've not seen them) to show that ULX is the root cause.

Re: Likes of you?
I can't speak for Megiddo, but I'll speak for myself.
You've put too much personally identifiable information about yourself on the net if you wish to act all scary.
I have no fear.
Am I saying you're not capable of great exploitation? Absolutely not.
Am I saying you don't have a legion of acquaintances to assist you when you decide to stir trouble? No.
Do I think you'd be the original creator/discoverer of any said exploitation? No. I just think you want to be a great script kiddie.
Knowing what I learned about 'your likes' in just 5-10 minutes of boredom cross referencing various blogs and personal sites, I'll personally sleep just fine, thanks for asking.
Title: Re: Server hacking.
Post by: MrPresident on October 12, 2011, 04:45:26 PM
He does sleep well at night.. I can attest to this due to my hidden camer... I mean spy c... I mean..


carry on...
Title: Re: Server hacking.
Post by: JamminR on October 13, 2011, 08:07:02 PM
Quote
I can attest to this due to

Good to know I keep you up at night with late night entertainment.

Title: Re: Server hacking.
Post by: strategos on October 13, 2011, 08:19:21 PM
Quote
lol

krooks what you said doesn't make sense but OKAY

(cough that's a way to stop maybe exploiters not 'hackers')

Also erm. I don't mean to ruin the party and I have been enjoying myself reading this but hacking isn't erm, what happened. Megiddo you can sleep at night knowing ULX is secure enough to thwart the likes of me from overtaking it.

Mr. Anonymous wannabe needs to make his more secure says this observer.

I'm NOT an anonymous wannabe (I just happen to like the way the avatar looks. I don't actually support anonymous)

Pretty gay how you created an account just to troll the thread.

I'm sure it took no skill whatsoever. Some exploit told to you by a friend or a script you found on the internet from back when I had scriptenforcer disabled. You pretend to be some super-1337 gmod server exploiter to the point where you have a friend join to make up about you. It's sad how people like you have nothing to do with your time. Thanks for going there.

I may have over-reacted a bit because I thought I had the server 100% secured. I spent a few days testing security settings and then this happens.

Anyways... I checked and double-checked the permissions... Must have been some exploit in the custom code I had going on...
Oh well. Something like this hasn't happened since so I'm fine.