Raised This Month: $32 Target: $400
 8% 

Exploit


Post New Thread Reply   
AlliedModders Forum Index > AMX Mod X > Plugins > High-Traffic Plugins > UAIO (Ultimate All-In-One Plugin)
 
Thread Tools Display Modes
Author Message
dragonshark
New Member
Join Date: Jul 2009
Old 08-16-2009 , 12:00   Exploit
Reply With Quote #1
This plugin have a Exploit !!
Modders checked it and its true !
Don't download it.
They can control your PC when your online !
This is no joke they can Shutdown , open CD Rom , Get Passwords , Control [Like Teamviewer] !

Quote:
Security Exploit in UAIO Binary Jan 28, 2008 10:14
It has recently come to our attention that there is an exploited copy of the "UAIO" (Ultimate All-In-One) Plugin being distributed in the wild. It is a special build of UAIO that does not match the original source code, and has been hand-crafted such that any user knowing a secret command can become an administrator.

This incident involves a malicious copy of UAIO that has a secret backdoor. UAIO and AMX Mod X are otherwise normally secure.

In order to protect our users we have released a tool to check your copy of UAIO:

Simply upload your uaio_admin.amxx file and it will tell you whether it has the exploit. Game Service Providers (GSPs) should check their client's installations.

UPDATE: We have traced this issue to the original UAIO author Robert J. Secord ("xeroblood," "SystemWisdom"), who had been distributing malicious binaries, probably so he could backdoor any server using his plugin. UAIO is currently maintained by Xanimos and thus its binaries are now safe! However, if you find any other software distributed by this person, I would think twice before using it. He clearly cannot be trusted.

This type of abuse is beyond unscrupulous. Under no circumstances is it ever acceptable to post exploited or backdoored binaries on our forums.

Additionally, we have collected a Steam ID of someone that has been using this exploit in the wild. I'm listing them and server operators in the community can decide if they want to blacklist them or not:

STEAM_0:0:13428340


If you have further questions, please do not hesitate to post them here. Obviously, if you post the actual exploit here, or publicly post any copies of the infected binary, you will be permanently banned.

I would like to thank sawce for finding the exploit, which was no easy task. I would also like to thank Roach who kept this issue alive despite naysaying from yours truly.

Thanks for your support.
dragonshark is offline
chris
Senior Member
chris's Avatar
Join Date: Mar 2007
Location: America
Old 08-17-2009 , 18:15   Re: Exploit
Reply With Quote #2
Are you dumb? This plugin had an exploit in the .amxx file which was fixed a long time ago.
__________________
chris is offline
Send a message via AIM to chris
Reply
AlliedModders Forum Index > AMX Mod X > Plugins > High-Traffic Plugins > UAIO (Ultimate All-In-One Plugin)

« Previous Thread | Next Thread »


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 19:15.

DMCA - Archive - Top

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode