SA-MP Forums Archive
Security Problem - Printable Version




Security Problem - Nin9r - 29.11.2015

Hi! I have an SA-MP server that's running on MySQL, and a few days ago I saw new admins on my server. I don't know how; in my GM I don't have any commands to give admin. I verified [pAdmin] in the entire script. Even though he doesn't know the /makeadmin command, he removed me from the admins. How? I don't have any user panel or anything for SQL injection. It is so weird. Please help!
Some ideas?


Re: Security Problem - Sithis - 30.11.2015

Let me guess: you are using a downloaded and/or leaked gamemode that contains a backdoor.


Re: Security Problem - rymax99 - 30.11.2015

Maybe, uh, I don't know, check logs?

If you don't log commands, then there's your starting point.


Re: Security Problem - Nin9r - 30.11.2015

Quote:
Originally Posted by Sithis
Let me guess: you are using a downloaded and/or leaked gamemode that contains a backdoor.
I am using VORTEX GM; I don't have any command in my GM to give admin. Any ideas?


Re: Security Problem - rymax99 - 30.11.2015

Quote:
Originally Posted by Nin9r
I am using VORTEX GM; I don't have any command in my GM to give admin. Any ideas?
Learning how to read would be a solid start.

Quote:
Originally Posted by rymax99
Maybe, uh, I don't know, check logs?

If you don't log commands, then there's your starting point.
Seems like you want some magical answer to your problem served on a silver platter. If you're not a competent scripter/server admin, then at least give us something to work with, in this case it'd be logs.


Re: Security Problem - Nin9r - 30.11.2015

Quote:
Originally Posted by rymax99
Learning how to read would be a solid start.

So... can you help me? Tell me where these logs are... I checked server_logts and mysql_logs but you can't understand this. I don't see anything about these errors.

I am not English, I don't want a prize for that... All that matters is that you can understand me.


Re: Security Problem - Sew_Sumi - 01.12.2015

Question is, which EDIT of Vortex are you actually using... Because really, if you've got a Vortex EDIT, then someone has tampered with it.

First things I'd do is change my passwords for everything, and then wipe out whatever "admins" have been made on the server.


The logs he'll be talking about will be the server.log, and the log file that has the commands in it.


Re: Security Problem - Adzdon - 01.12.2015

As Sew_Sumi said, clean out your database and delete whoever is an admin on your server. Change all your passwords for database, RCON, etc.


Re: Security Problem - Nin9r - 01.12.2015

I did it before, but now they are appearing again.

Any ideas?


I think that is a SQL INJECTION.

Please check it:

Code:
case 3643: // password-change dialog (reached through /changepass)
{
	if(response)
	{
		new string[128];
		if(strlen(inputtext) >= 1)
		{
			// Keep the new password in the in-memory player data.
			format(PlayerData[playerid][pPassword], 255, "%s", inputtext);
			format(string, sizeof(string), "Password changed to '%s'.", inputtext);
			SendClientMessage(playerid, BLUE, string);
			new Str[256];
			// inputtext is copied into the query text unescaped.
			format(Str,256,"UPDATE `players` SET `Password`='%s' WHERE `ID`='%d'",inputtext, PlayerData[playerid][pSQLID]);
			mysql_tquery(handle,Str);
		}
		else return SCM(playerid,COLOR_WHITE,"+1 character.");
	}
}
Do I have to use mysql_real_escape_string? How?
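
The escaped form of the query in the post above, as an added example that is not part of the thread or of the gamemode. It assumes a version of BlueG's MySQL plugin that provides `mysql_tquery` and `mysql_format` with the `%e` escaping specifier, and it reuses the thread's `handle` name; `SavePlayerPassword` and `MAX_PASSWORD_LEN` are hypothetical names introduced here.

```pawn
#include <a_samp>
#include <a_mysql>

#define MAX_PASSWORD_LEN 64   // hypothetical limit chosen for this example

new handle;                   // connection handle, as named in the thread; set by mysql_connect elsewhere

// Queues the password UPDATE with the player's input escaped.
// Returns 1 if the query was queued, 0 if the input was rejected.
// The value is stored exactly as the thread's code stores it; hashing is a separate matter.
stock SavePlayerPassword(sqlid, const newpass[])
{
	new len = strlen(newpass);

	// Reject empty or over-long input before it gets anywhere near the query.
	if(len < 1 || len > MAX_PASSWORD_LEN) return 0;

	// Escaping can double the input length, so size the buffer for
	// 2 * MAX_PASSWORD_LEN plus the fixed query text.
	new query[96 + 2 * MAX_PASSWORD_LEN];

	// %e escapes quotes and backslashes in newpass, so the input stays inside
	// the string literal and cannot add columns or clauses of its own.
	// The ID is formatted with %d from a server-side integer, never from player input.
	mysql_format(handle, query, sizeof(query),
		"UPDATE `players` SET `Password`='%e' WHERE `ID`=%d",
		newpass, sqlid);

	mysql_tquery(handle, query);
	return 1;
}

// Use inside OnDialogResponse, in place of the format/mysql_tquery pair in case 3643:
//     if(response && !SavePlayerPassword(PlayerData[playerid][pSQLID], inputtext))
//         return SCM(playerid, COLOR_WHITE, "+1 character.");
```

Every other query in the script that interpolates player-supplied text with `%s` needs the same treatment.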


Re: Security Problem - EmilLykke - 01.12.2015

Which edit/version of the gamemode are you using?

And it sounds like your MySQL server was hacked, or there is a command to give yourself power.

Have you changed the RCON password?


Re: Security Problem - Sew_Sumi - 01.12.2015

Link us to the gamemode if it's on the forum, if it's on another site, it's likely to be compromised.


Re: Security Problem - Nin9r - 06.12.2015

It was from that menu, /changepass. There I didn't use mysql_escape_string, and that was SQL INJECTION.


Re: Security Problem - Calgon - 06.12.2015

Oh god who ruined my gamemode with that stupid code? Which edit are you using? Did you remove Whirlpool?