Had an incident on my server today where someone somehow got full admin on my server now i'm not sure how the hell it happened, i'm the only one that knows our server FTP and all the files checked out so how could this guys have got full admin on my server? is there a bug or security hole in AMX Mod X?
Server Log Entry: L0928
Code:
L 09/28/2004 - 10:12:26: -------- Mapchange --------
L 09/28/2004 - 10:23:13: -------- Mapchange --------
L 09/28/2004 - 10:23:41: [admin.amxx] Login: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" became an admin (account "STEAM_0:0:3859533") (access "abcdefghijklmnopqrstu") (address "81.110.218.38")
L 09/28/2004 - 10:25:00: [admincmd.amxx] Cmd: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" ask for players list
L 09/28/2004 - 10:39:21: -------- Mapchange --------
L 09/28/2004 - 10:39:21: [AMXX] Module "csstats" required for plugin. Check modules.ini. (plugin "statsx.amxx")
L 09/28/2004 - 10:39:21: [AMXX] Module "csstats" required for plugin. Check modules.ini. (plugin "stats_logging.amxx")
L 09/28/2004 - 10:40:04: [admin.amxx] Login: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" became an admin (account "STEAM_0:0:3859533") (access "abcdefghijklmnopqrstu") (address "81.110.218.38")
L 09/28/2004 - 10:41:03: [mapsmenu.amxx] Cmd: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" changelevel "cs_office_cz"
L 09/28/2004 - 10:41:05: -------- Mapchange --------
L 09/28/2004 - 10:41:06: [AMXX] Module "csstats" required for plugin. Check modules.ini. (plugin "statsx.amxx")
L 09/28/2004 - 10:41:06: [AMXX] Module "csstats" required for plugin. Check modules.ini. (plugin "stats_logging.amxx")
L 09/28/2004 - 10:41:07: [admin.amxx] Login: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" became an admin (account "STEAM_0:0:3859533") (access "abcdefghijklmnopqrstu") (address "81.110.218.38")
L 09/28/2004 - 10:49:27: -------- Mapchange --------
L 09/28/2004 - 10:49:55: [admin.amxx] Login: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" became an admin (account "STEAM_0:0:3859533") (access "abcdefghijklmnopqrstu") (address "81.110.218.38")
L 09/28/2004 - 11:04:57: [mapsmenu.amxx] Cmd: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" changelevel "cs_italy_cz"
L 09/28/2004 - 11:05:00: -------- Mapchange --------
L 09/28/2004 - 11:05:01: [admin.amxx] Login: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" became an admin (account "STEAM_0:0:3859533") (access "abcdefghijklmnopqrstu") (address "81.110.218.38")
L 09/28/2004 - 11:08:49: [mapsmenu.amxx] Cmd: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" changelevel "de_dust2_cz"
L 09/28/2004 - 11:08:51: -------- Mapchange --------
L 09/28/2004 - 11:08:53: [admin.amxx] Login: "[DS-Elite] The0ne<1><STEAM_0:0:3859533><>" became an admin (account "STEAM_0:0:3859533") (access "abcdefghijklmnopqrstu") (address "81.110.218.38")
users.ini listed below:
Code:
; Users configuration file
; File location: $moddir/addons/amxx/configs/users.ini
; Line starting with ; is a comment
; Access flags:
; a - immunity (can't be kicked/baned/slayed/slaped and affected by other commmands)
; b - reservation (can join on reserved slots)
; c - amx_kick command
; d - amx_ban and amx_unban commands
; e - amx_slay and amx_slap commands
; f - amx_map command
; g - amx_cvar command (not all cvars will be available)
; h - amx_cfg command
; i - amx_chat and other chat commands
; j - amx_vote and other vote commands
; k - access to sv_password cvar (by amx_cvar command)
; l - access to amx_rcon command and rcon_password cvar (by amx_cvar command)
; m - custom level A (for additional plugins)
; n - custom level B
; o - custom level C
; p - custom level D
; q - custom level E
; r - custom level F
; s - custom level G
; t - custom level H
; u - menu access
; z - user (no admin)
; Account flags:
; a - disconnect player on invalid password
; b - clan tag
; c - this is steamid/wonid
; d - this is ip
; e - password is not checked (only name/ip/steamid needed)
; Format of admin account:
; <name|ip|steamid> <password> <access flags> <account flags> <comment>
"STEAM_0:0:376611" "" "abcdefghijklmnopqrstu" "ce" ;Kakistos (Full Admin + RCON + Immunity)
"STEAM_0:0:2598121" "" "abcdefghijklmnopqrstu" "ce" ;Lister (Full Admin + RCON) DISABLE
"STEAM_0:0:1514928" "" "abcdefghijklmnopqrstu" "ce" ;Soap-Bar (Full Admin + RCON)
"STEAM_0:1:4538076" "" "bcefghijklmnopqrstu" "ce" ;Babey (Limited Admin [No RCON No sv_password]
"STEAM_0:0:2999654" "" "bceij" "ce" ;MRM!N! (Standard Admin)
"STEAM_0:0:4733963" "" "bceij" "ce" ;BDP (Standard Admin)
"STEAM_0:0:6338722" "" "bceij" "ce" ;Furious (Standard Admin)
"STEAM_0:1:2853930" "" "bceij" "ce" ;MrKu1e (Standard Admin)
"STEAM_0:0:6952876" "" "bceij" "ce" ;ZAIN (Standard Admin)
;"STEAM_0:1:415871" "" "bceij" "ce" ;MrSmokey (Standard Admin)
"STEAM_0:1:3037121" "" "b" "ce" ;L!quId (Reserve Slot)
"loopback" "" "abcdefghijklmnopqrstu" "de"
Any ideas? Help + rapid reply much appreciated!
*Note* STEAM_ID's hidden for privacy