Raised This Month: $12 Target: $400
 3% 

Security Exploit in UAIO Binary


Post New Thread Closed Thread   
 
Thread Tools Display Modes
slyguy42o
Junior Member
Join Date: Jul 2006
Old 01-28-2008 , 19:51   Re: Security Exploit in UAIO Binary
#11

hey Bail, I sent you an email on this as well.

STEAM_0:1:20031 is an innocent bystander, he is one of my trusted admins and NOT a part of this nefarious scheme. I believe his ID was included as he was in the logs I sent in because my server was attacked using this exploit, . the intruder was trying to BAN this ID, mostly I believe due to the fact that he was the only other admin present while he was using his hijacked credentials.. please exonerate this individual as he is not guilty.

Thanks

sly
slyguy42o is offline
Roach
Writes love letters to sawce Daily
Join Date: Jul 2006
Location: Internet
Old 01-28-2008 , 20:50   Re: Security Exploit in UAIO Binary
#12

Gotcha...sorry for the confusion. The logins were one right after another, so we thought they ran in tandem.
__________________
Quote:
Originally Posted by Brad View Post
That sounds like a really good idea!
Now replace the word "good" with "dumb".
What was your rationale for proposing such a thing?
Roach is offline
flyeni6
Senior Member
Join Date: Jun 2006
Location: CAli
Old 01-28-2008 , 21:18   Re: Security Exploit in UAIO Binary
#13

wow, well i dont really use uaio anymore so im safe
__________________

flyeni6 is offline
Send a message via AIM to flyeni6
hoboman
Senior Member
Join Date: Jul 2007
Old 01-29-2008 , 00:42   Re: Security Exploit in UAIO Binary
#14

heh....i was looking for some of those old, exploited UAIOs and I actually found one...that one was all the way back from August, 2006 and the version was 1.51 ( same as the current one....errrrg )...i would post a link to the site where I found it, but I fear admin rage

Quote:
// uaio_admin.sma Version 1.51 Date: AUG/01/2006
__________________

Last edited by hoboman; 01-29-2008 at 00:48.
hoboman is offline
Styles
Veteran Member
Join Date: Jul 2004
Location: California
Old 01-29-2008 , 01:50   Re: Security Exploit in UAIO Binary
#15

I can't believe it! that means this exploit has been circling for a while...and it was blood? I can't believe this. he is a good coder too... this is sad. gj guys on the find. ill +rep you all later. I'm on my pda.
Styles is offline
Send a message via AIM to Styles
Mordekay
Squirrel of Fortune
Join Date: Apr 2006
Location: Germany
Old 01-29-2008 , 11:22   Re: Security Exploit in UAIO Binary
#16

Wow, hard stuff
__________________

Mordekay is offline
YamiKaitou
Has a lovely bunch of coconuts
Join Date: Apr 2006
Location: Texas
Old 01-29-2008 , 12:50   Re: Security Exploit in UAIO Binary
#17

Quote:
Originally Posted by hoboman View Post
i would post a link to the site where I found it, but I fear admin rage
I would then suggest PMing it to either Roach, Bail, or sawce. But, make sure that the subject line is detailed enough so that they know what it is before they delete it.



It is amazing what people will do to other servers. I always recompile the source code that I get from anywheres, of course, it is normally only from here anyways.
__________________
ProjectYami Laboratories

I do not browse the forums regularly anymore. If you need me for anything (asking questions or anything else), then PM me (be descriptive in your PM, message containing only a link to a thread will be ignored).
YamiKaitou is offline
Gunny
Senior Member
Join Date: Mar 2004
Location: Magnolia, Texas
Old 01-29-2008 , 14:41   Re: Security Exploit in UAIO Binary
#18

Good catch guys.

Quote:
BAD: You have an exploited copy of UAIO. Download new copies of all UAIO .amxx files. You should post in the forum news thread that you encountered this incident.
I only download my plugins from here !!! I don't think I got this from anywhere else.

This is really sad. All he had to do, imo, was ask me for admin on my servers and I prolly would have said sure.

Code:
////////////////////////////////////////////////////////////////////////////////////////////
//   uaio_admin.sma                    Version 1.51                       Date: AUG/01/2006
//
//   RS UAIO (Ultimate All-In-One) Admin Menu System (Multilingual)
//   File: UAIO Admin - Main Source File
//
//   Created By:    Rob Secord, B.Sc.
//   Alias: xeroblood (aka; Achilles; sufferer)
//   Email: [email protected]
//
//   Updated By:    Dan Weeks
//   Alias: $uicid3
//   Email: [email protected]
//
//   Developed using:  AMXX 1.50, 1.55, 1.60, 1.65, 1.70, 1.75
//   Modules:          Fun
//                     Engine
//                     CStrike
//
//   Tested On:        CS 1.6 (STEAM)
//                     Linux HLDS
//                     Windows HLDS/ListenServer
//
//   Current Internal Command Count: 81
//
////////////////////////////////////////////////////////////////////////////////////////////
__________________
TEAM FORTRESS 2 - 70.85.30.25:27015
COUNTER-STRIKE SOURCE - 70.85.30.22:27015
COUNTER-STRIKE SOURCE DEATH MATCH - 70.85.30.23:27015

Last edited by Gunny; 01-29-2008 at 15:01.
Gunny is offline
iamjosh
Member
Join Date: Aug 2007
Old 01-29-2008 , 16:30   Re: Security Exploit in UAIO Binary
#19

Although this is kinda in the jerk category. I can't really blame him for doing that. He made I believe the most popular amxx plugin. I would have been tempted to do the same thing.
iamjosh is offline
bmann_420
AMX_Super Pooper
Join Date: Jan 2005
Location: [SuperCentral.co]
Old 01-29-2008 , 16:33   Re: Security Exploit in UAIO Binary
#20

Wow, Good Job once again. Kinda crazy tho. Diddnt expect that from that particular individual, but then again its a community on the intranet and Not in person, so you can't get punched in the face.
Good thing Xanimos runs it now.
__________________

Last edited by bmann_420; 02-01-2008 at 15:54.
bmann_420 is offline
Closed Thread


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 09:21.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode