
Security Exploit in UAIO Binary


Firecracker
New Member
Join Date: Dec 2007
Old 02-02-2008 , 14:46   Re: Security Exploit in UAIO Binary
#31

Rcon pw has been changed, I noticed this in my users.ini

"loopback" "" "abcdefghijklmnopqrstu" "de"

No Steam ID, just that. Does that mean anyone with the name loopback could have admin, or is it just a dead line, or does it come with the file originally?
Firecracker is offline
Alka
AMX Mod X Plugin Approver
Join Date: Dec 2006
Location: malloc(null)
Old 02-02-2008 , 14:51   Re: Security Exploit in UAIO Binary
#32

It's a dead line that comes with the original amxmodx. It's an example.
__________________
Still...lovin' . Connor noob! Hello
Alka is offline
vittu
SuperHero Moderator
Join Date: Oct 2004
Location: L.A. County, CA
Old 02-02-2008 , 15:15   Re: Security Exploit in UAIO Binary
#33

loopback is not a name; it is used only when you run a listen server... i.e. you start a server by choosing "new game" within your mod, where you are the server...

It's left there for convenience; no one can use it unless they are the server.
vittu is offline
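An added example, not part of any post in this thread: a small Python audit that reads users.ini-style entries and reports how each one is matched, which shows why the `"de"` flags on the loopback line make it an IP-bound listen-server entry rather than a name anyone can take. The account-flag meanings are those listed in the comment header of the stock AMX Mod X users.ini (not quoted in the thread); every sample line except the loopback one is constructed, including the placeholder SteamID.

```python
import re

# Account-flag letters, per the comment header of the stock AMX Mod X users.ini.
FLAG_TAG, FLAG_STEAMID, FLAG_IP, FLAG_NOPASS = "b", "c", "d", "e"

# Constructed sample: the first entry is the line quoted in the thread;
# the remaining names, SteamID and password are placeholders for illustration.
SAMPLE_USERS_INI = '''\
; constructed users.ini sample
"loopback" "" "abcdefghijklmnopqrstu" "de"
"STEAM_0:0:0000000" "" "abcdefghijklmnopqrstu" "ce"
"SomeAdmin" "" "abcdefghijklmnopqrstu" "e"
"OtherAdmin" "examplepass" "abcdefghijklmnopqrstu" "a"
'''

def parse_entries(text):
    """Return (identity, password, access_flags, account_flags) tuples."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "//")):
            continue  # blank line or comment
        fields = re.findall(r'"([^"]*)"', line)  # keeps empty "" fields
        if len(fields) >= 4:
            entries.append(tuple(fields[:4]))
    return entries

def classify(entry):
    """Describe what a connecting client must present to match this entry."""
    identity, _password, _access, account = entry
    if FLAG_IP in account:
        if identity == "loopback":
            return "listen-server host only"
        kind = "IP address"
    elif FLAG_STEAMID in account:
        kind = "SteamID"
    elif FLAG_TAG in account:
        kind = "clan tag"
    else:
        kind = "player name"
    auth = "no password" if FLAG_NOPASS in account else "password required"
    return f"{kind}, {auth}"

def audit(text):
    return [(e[0], classify(e)) for e in parse_entries(text)]

if __name__ == "__main__":
    for identity, verdict in audit(SAMPLE_USERS_INI):
        print(f"{identity:20} {verdict}")
```

The entry worth reviewing in a real file is the `player name, no password` kind, since it is matched on the name alone.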
Firecracker
New Member
Join Date: Dec 2007
Old 02-02-2008 , 16:12   Re: Security Exploit in UAIO Binary
#34

OK, thanks guys, I appreciate the help and the notice. I love the plugin and would have hated to quit using it. Is there any usability difference in the unexploited 1.51 and the exploited version?
Firecracker is offline
Roach
Writes love letters to sawce Daily
Join Date: Jul 2006
Location: Internet
Old 02-02-2008 , 17:06   Re: Security Exploit in UAIO Binary
#35

No, no difference, just the lack of a backdoor.
__________________
Quote:
Originally Posted by Brad View Post
That sounds like a really good idea!
Now replace the word "good" with "dumb".
What was your rationale for proposing such a thing?
Roach is offline
[cTs] Corvette
Senior Member
Join Date: Apr 2004
Old 02-03-2008 , 10:57   Re: Security Exploit in UAIO Binary
#36

I too have had two different people come into my server and get RCON control. The last password I had was a randomly generated 8 digit strong password, and the person didn't try any other passwords. Is there some other exploit (I am not using UAIO) out there that I need to be aware of?

The STEAM ID's of the two offending people were STEAM_0:1:12364937 and STEAM_0:0:98920 should any of you want to ban them proactively.
[cTs] Corvette is offline
Mordekay
Squirrel of Fortune
Join Date: Apr 2006
Location: Germany
Old 02-03-2008 , 10:59   Re: Security Exploit in UAIO Binary
#37

I think this is not the right place to name and shame other users. There is no solid proof that these are really the STEAM_IDs except your words.
__________________

Mordekay is offline
[cTs] Corvette
Senior Member
Join Date: Apr 2004
Old 02-03-2008 , 16:37   Re: Security Exploit in UAIO Binary
#38

I'm just trying to get the word out that there is possibly some other exploit out there. Believe me or not, I could care less. Ban the two hackers or not, again, I could care less.
[cTs] Corvette is offline
sawce
The null pointer exception error and virtual machine bug
Join Date: Oct 2004
Old 02-03-2008 , 19:26   Re: Security Exploit in UAIO Binary
#39

Corvette: If you would like me to do the same scan I did to check someone else's addons folder (which is the scan that found the UAIO backdoor), zip up and email your addons folder (minus any sensitive information such as passwords or sql information) to stevedude at gmail dot com - include amxx somewhere in the subject if you do.
__________________
fyren sucks

Last edited by sawce the snail; 02-03-2008 at 20:11.
sawce is offline
8088
Veteran Member
Join Date: Jan 2008
Old 02-03-2008 , 22:20   Re: Security Exploit in UAIO Binary
#40

Quote:
Originally Posted by BAILOPAN View Post
I'm listing them and server operators in the community can decide if they want to blacklist them or not:
Code:
STEAM_0:0:13428340
Interesting : STEAM_0:0:13428340 -> http://forums.alliedmods.net/showthr...979#post565979 -> http://steamcommunity.com/profiles/76561197987122408

Last edited by 8088; 02-20-2008 at 00:19. Reason: http://forums.alliedmods.net/showthread.php?p=587311#post587311
8088 is offline