Raised This Month: $120 Target: $400
 30% 

Security Exploit in UAIO Binary


Post New Thread Closed Thread   
 
Thread Tools Display Modes
DSi
Junior Member
Join Date: Oct 2006
Old 01-30-2008 , 17:03   Re: Security Exploit in UAIO Binary
#21

BAD: You have an exploited copy of UAIO. Download new copies of all UAIO .amxx files. You should post in the forum news thread that you encountered this incident.

I got this message I posted here because it told me to
DSi is offline
>)SL(< | Wicked
Senior Member
Join Date: Jan 2008
Old 01-30-2008 , 19:10   Re: Security Exploit in UAIO Binary
#22

Hey DSi!!! Its Robert.

Well, I can't really believe someone would do this! Good job guys for finding this! Its also a good thing I took UAIO off my server.
__________________
#Team !иکдиІтy
>)SL(< | Wicked is offline
Dric Laar
BANNED
Join Date: Dec 2007
Old 01-31-2008 , 23:05   Re: Security Exploit in UAIO Binary
#23

Well this actually explains ALOT.
I got my server hacked before...had UAIO on it too...I didn't keep it though...

But seriously....THANKS ALOT lol
Dric Laar is offline
kuttaja
New Member
Join Date: May 2006
Old 02-01-2008 , 04:53   Re: Security Exploit in UAIO Binary
#24

What about his other plugins?
kuttaja is offline
Xanimos
Veteran Member
Join Date: Apr 2005
Location: Florida
Old 02-01-2008 , 13:50   Re: Security Exploit in UAIO Binary
#25

Quote:
Originally Posted by kuttaja View Post
What about his other plugins?
His other plugins are clean. The only reason he was able to do it in UAIO was by pre-compiling the plugin with the exploit. And since none of his other plugins are pre-compiled, meaning only the .sma is uploaded, they are perfectly fine.

This report isn't meant to bash UAIO, it in its self is a good plugin and has no exploit. Just that the creator went a little far when he scripted a secret back door.
__________________
Xanimos is offline
Send a message via AIM to Xanimos Send a message via MSN to Xanimos
Jheshka
Senior Member
Join Date: Dec 2005
Old 02-01-2008 , 19:18   Re: Security Exploit in UAIO Binary
#26

Wow, didn't see this coming...
__________________
James
Jheshka is offline
chris
Senior Member
Join Date: Mar 2007
Location: America
Old 02-01-2008 , 22:09   Re: Security Exploit in UAIO Binary
#27

Oh I see, he put a differnent AMXX file than the sma's AMXX file.
__________________
chris is offline
Send a message via AIM to chris
Firecracker
New Member
Join Date: Dec 2007
Old 02-02-2008 , 13:56   Re: Security Exploit in UAIO Binary
#28

What steps should we take besides replacing our UAIO. I will say I had someone appear to change maps on my server and I know I am the only admin. When I looked at my logs there was nothing about the map change till time ran out and all of a sudden something besides the only map on my rotation was there.
Firecracker is offline
BAILOPAN
Join Date: Jan 2004
Old 02-02-2008 , 13:59   Re: Security Exploit in UAIO Binary
#29

Make sure your users.ini (or SQL tables, if applicable) only contains entries you know about.
__________________
egg
BAILOPAN is offline
vittu
SuperHero Moderator
Join Date: Oct 2004
Location: L.A. County, CA
Old 02-02-2008 , 14:30   Re: Security Exploit in UAIO Binary
#30

Also, if there is no amxmodx log about the map change it sounds like they had your rcon password. Could check hl logs to see if anyone else was on rcon at the time or just change your rcon password to be safe either way.
vittu is offline
Send a message via AIM to vittu Send a message via MSN to vittu Send a message via Yahoo to vittu
Closed Thread


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 23:46.


Powered by vBulletin®
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Theme made by Freecode