0.3.8 Security Issue - Printable Version
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP DL Edition (https://sampforum.blast.hk/forumdisplay.php?fid=92)
+--- Forum: SA-MP 0.3.DL (https://sampforum.blast.hk/forumdisplay.php?fid=90)
+--- Thread: 0.3.8 Security Issue (/showthread.php?tid=644178)
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP DL Edition (https://sampforum.blast.hk/forumdisplay.php?fid=92)
+--- Forum: SA-MP 0.3.DL (https://sampforum.blast.hk/forumdisplay.php?fid=90)
+--- Thread: 0.3.8 Security Issue (/showthread.php?tid=644178)
Pages:
1
2
0.3.8 Security Issue - Misomir - 04.11.2017
Someone already told this,but there is BIG security issue bout new update.When downloading server-side model,there is chance to download some viruses from server(and if u wonderin why someone will put viruses in server,well,it dont have to be scripters.Some hackers could hack server and get into server files which allows them to put viruses in filrs.I know Kalcor said bout dis,but there is a issue.
And even if he fixes dat with some type of file extension check,hackers could perform RTLO attack(changing file extension but the virus is still executable).
Re: 0.3.8 Security Issue - Sew_Sumi - 04.11.2017
This has got to be the most terrible hype post ever...
You've posted this in Scripting Help, rather than bug reports, with no information other than someone has said that there's an exploit.
The person you are coining had his thread 'deleted', yet it's likely that it got hidden so no-one can see the method...
Seriously though, why'd you even post this here?
Re: 0.3.8 Security Issue - Battlezone - 04.11.2017
Can you fucking stop spreading this? you're legit cancer dude, can't you simply report it to the support team? retard
Re: 0.3.8 Security Issue - DeitY - 04.11.2017
How can he download virus if files are only downloaded with formats .txd and .dff, its not like an exe so u can extract it..+ files are being called only when u enter server via gta_sa.exe probably.. stop spreading shit around
Re: 0.3.8 Security Issue - Misomir - 04.11.2017
But the SAMP will think that is .dff or .txd file but it is .exe so it will be opened and...BOOM!
I'll try to make my application and then perform a RTLO and see if da theory is right
Re: 0.3.8 Security Issue - maksicnm - 04.11.2017
I said THAT...
It can be with FAKED EXTENSION (I know how)
They replace it with RAT file..
So
Replace someone with my name
EDIT: It cannot be .exe lmao\
@DeitY ja sam nexy afera inace
Re: 0.3.8 Security Issue - SlowARG - 04.11.2017
Anyway if you do a "RTLO" (right-to-left unicode char) you won't be able to do anything. The client won't magically open .exe files only because has a .exe extension.
Maybe an buffer overflow can be exploited (be honestly, if you install a bad skin, gta will crash).
Best regards.
Re: 0.3.8 Security Issue - maksicnm - 04.11.2017
Quote:
|
Originally Posted by SlowARG
 Anyway if you do a "RTLO" (right-to-left unicode char) you won't be able to do anything. The client won't magically open .exe files only because has a .exe extension.
Maybe an buffer overflow can be exploited (be honestly, if you install a bad skin, gta will crash). Best regards. |
Re: 0.3.8 Security Issue - SlowARG - 04.11.2017
Quote:
|
Originally Posted by maksicnm
RAT ... When player connect it will be executed (OnPlayerFinishDownload)...
|
Re: 0.3.8 Security Issue - maksicnm - 04.11.2017
Quote:
|
Originally Posted by SlowARG
Isn't possible yet because SA-MP will read files and treat them as models (a dff file isnt an executable). The SA-MP Client (or GTA:SA, whatever you want) will not treat modified dff files as executables, and your O.S will not treat dff files as executables...
|
Re: 0.3.8 Security Issue - SlowARG - 04.11.2017
Quote:
|
Originally Posted by maksicnm
Fake extension
|
I don't think SA-MP client has an open directive in downloaded models... So, when downloaded, the file will tries to load as model, maybe GTA crash (if the model isnt valid). But again, you can't execute files in this way.
Re: 0.3.8 Security Issue - Misomir - 04.11.2017
It will open file and when SAMP realize thats not required file it will crash.But,the file is opened which executes program(in theory)Im gonna test this,and if dat really is a exploit,then...I dunno
Re: 0.3.8 Security Issue - MyU - 04.11.2017
Quote:
|
Originally Posted by maksicnm
Fake extension
|
You could say that they could exploit it to execute arbitrary code.
Re: 0.3.8 Security Issue - maksicnm - 04.11.2017
We need KYE here :P
No one is crazy enough to test this :P
Re: 0.3.8 Security Issue - Xeon™ - 04.11.2017
if you are scared that much, buy youself an anti virus, and stop using free/cracked ones
Re: 0.3.8 Security Issue - Misomir - 04.11.2017
I will test it,but i will make a simple batch file which create a notepad file(or msgbox) with some text and change extension and then put into the localhost 0.3.8 server and test it.
Re: 0.3.8 Security Issue - maksicnm - 04.11.2017
Quote:
|
Originally Posted by Xeon™
if you are scared that much, buy youself an anti virus, and stop using free/cracked ones
|
Its small codes
It can but its alredy started
Re: 0.3.8 Security Issue - Kane - 04.11.2017
Quote:
|
Originally Posted by Misomir
I will test it,but i will make a simple batch file which create a notepad file(or msgbox) with some text and change extension and then put into the localhost 0.3.8 server and test it.
|
Re: 0.3.8 Security Issue - Misomir - 04.11.2017
Yeah
And that can be anything.Even .bat file with command format c
And u can say goodbye to ur system...
And yeah,i cant test it now,so i will try this tommorow
And EVERYTHING whats here till testing is just a theory...
Re: 0.3.8 Security Issue - Misomir - 04.11.2017
Can u tell me which forum is it?(here or pm)