Ulysses

Ulysses Stuff => General Chat & Help and Support => Topic started by: ryeezy on April 22, 2013, 09:42:58 PM

Title: Hackers taking over ULX
Post by: ryeezy on April 22, 2013, 09:42:58 PM

Hello, I am using ULX on my Garry's Mod server (running the Trouble in Terrorist Town gamemode) and we had two hackers come into the server and take over our ULX. They were able to demote all the admins that were in the server and promote themselves to super admin. We know who did it and shut down the server then managed to ban both of them and they were just able to unban themselves then ban the admins. I disabled rcon and they were still able to over take the server and control ULX after unbanning themselves. Help would be greatly appreciated. Thank you in advance.

Title: Re: Hackers taking over ULX
Post by: MrPresident on April 23, 2013, 07:32:34 AM

The fact that they were able to unban themselves shows that its not a problem with ulx. You must have some other vulnerability somewhere on your server.

If they were somehow able to exploit ulx, banning them would have solved that since they'd have to be able to connect in order to hijack your admin mod.

Title: Re: Hackers taking over ULX
Post by: nathan736 on April 23, 2013, 08:58:39 AM

Do you have any rcon protector is your rcon in the cmd line? Not the config?  Do you even have a unique pass set for it? Is your FTP protected? if you need further help  pm me ;)

Title: Re: Hackers taking over ULX
Post by: JamminR on April 23, 2013, 07:33:25 PM

Quote from: MrPresident on April 23, 2013, 07:32:34 AM

The fact that they were able to unban themselves shows that its not a problem with ulx.

What he says.

We don't discount your issue, and we empathize with your plight.
Unfortunately, we find time and time again that ULX isn't the root cause.
It makes it easier for those who have gained root access to your server to administer your server as easy as it does for you who are supposed to have root.

Make sure you're not storing rcon passwords in your config files.
If you enable rcon, always set it's password in command line startup (like nathan says.)

Title: Re: Hackers taking over ULX
Post by: SuperAero_ on April 24, 2013, 02:04:08 AM

RunConsoleCommand

Title: Re: Hackers taking over ULX
Post by: nathan736 on April 24, 2013, 06:44:49 AM

ulx only has 2 real weaknesses you server file system and rcon every thing else is water tight unless you have commands that give people ranks (not counting the actual ulx ones)

Quote from: SuperAero_ on April 24, 2013, 02:04:08 AM

RunConsoleCommand

this doesnt work as that is client locked and or lua side only would only work if you found a open end RunConsoleCommand  chunk of lua. < should never happen