1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Sign up for news, events and more!

    You're currently visiting the official DarkRP Forums as a guest. Sign up now to participate in our community and we'll let you know when we have news.

This is Something owners of servers need to look out for

Discussion in 'DarkRP Modding Questions & Help' started by ZN-Moderator -=+DRX+=-, Oct 28, 2018.

  1. Well first off i wanna introduce my self My name Is Corey aka ZN Administrator Droxi

    i will like to warn other owners of darkrp servers that their is this user called DABOSS2016YT his steam id is (STEAM_0:1:162546834) he has been going around using some sort of exploit to get superadmin idk if its paid for or custom made him self but i am a head-admin of a server he has just griefed and hacked it has 16 to 23 active players daily

    This is mainly targeted to owners that don't have an anti cheat but i recommend people that don't get one this guy has managed to bypass ours and our server is vac protected and hes bypassed that so i am making this forum for all your guy's/gals Server's well being I am deeply concerned for the darkrp community as our server has nearly lost 2000 Dollars in Donators due to this hacker and we will probably have to do a Week or 2 week Shutdown to Fix all the problems and get everyone's data back

    I do condone hate towards this User due to the fact he is committing criminal damage as he is ruining a business and hacking which is against steam's terms and garry's mods and Really Hope you guys report his steam i have Proof from my console logs in g mod but don't wanna post it as it contains private information but i have chat logs from the discord server we own and here is a screenshot

    https://steamcommunity.com/profiles/76561198285359397 thats a link to his steam he has many bans on his record

    just incase he applies for staff on any of DarkRP owners server's i highly recommend not hiring him as he is a mole <- i mean mole as in server griefing or just plain up toxic and just wants attention I am not making this forum post for attention i am making this forum post to Help other Server Owners that run with ulx Admin or FA admin

    This is a Screenshot of PROOF! that he has grief'd our server
    [​IMG]
    https://gyazo.com/f6ad2545a522e720b70a84288ee44f5b
     
  2. (FPtje) Atheos

    (FPtje) Atheos Main Developer Staff Member

    Such exploits usually come from leaks. Remove any leaks you have installed.
     
  3. no our server doesn't use leaks all our addons were paid for
    --- Double Post Merged, Oct 28, 2018 ---
    usually exploits like this were patched in 2015 but idk me and owner are looking into problems on our server and found the hacker has corrupted sv.db and money file and userdata
     
  4. (FPtje) Atheos

    (FPtje) Atheos Main Developer Staff Member

    Exploits like that are created by shitty addon leakers and sometimes in other addons. The idea is that using leaks is super bad and that using them gives these assholes the right to exploit the shit out of your servers.

    If you really don't have leaks, check other addons, scripts, and other snippets of code you got from places.
     
  5. I would check the workshop addons you have made by him, honestly just check all of them.
    Find all your serversided files and just copy paste his steamid into your find feature (ctrl+f) to see something like
    Code (Text):
    function (ply)
    ply:SetSuperAdmin if steamid == "steamidhere"
    end
     
    that's not exactly it but you know what I mean. If you see any steamid and it says to make them a superadmin remove that portion of the code or just the whole entire addon.
     
  6. Claims

    Claims New Member

    Also make sure to look for empty lines, sublime allows you to see it. Example; line 327
    That means something shady is prob added far away. People with no Lua knowledge wouldn't check wtf that is.

    upload_2018-11-12_19-18-2.png

    Here's another shady shit. Normally runstrings dont need to be shady if you want to do a drm system, but if you dont know what the runstring do, or it arent your work. Then be careful.
    upload_2018-11-12_19-21-3.png

    Here's another clue. http:post are never dangerous, unless its a fetch. This only send IP, name to a website. Usually backdoors do have something like this, so they can find the server
    and have fun. Always remove that code, or simply remove the URL. But if you find somehting like this, always look further for more shady shit. Example concommand ect
    upload_2018-11-12_19-23-21.png
     
  7. [AG] EFEX03

    [AG] EFEX03 New Member

    Google backdoor scanners. I would link you some good ones but I don't wanna get banned for sharing outside links. Most come in addon form and will print out any backdoor that it detects.
     
  8. (FPtje) Atheos

    (FPtje) Atheos Main Developer Staff Member

    Get banned for sharing outside links? Why do you think that's a bannable offense?
     

Share This Page