0.3.8 Security Issue
#1

Someone already told this,but there is BIG security issue bout new update.When downloading server-side model,there is chance to download some viruses from server(and if u wonderin why someone will put viruses in server,well,it dont have to be scripters.Some hackers could hack server and get into server files which allows them to put viruses in filrs.I know Kalcor said bout dis,but there is a issue.
And even if he fixes dat with some type of file extension check,hackers could perform RTLO attack(changing file extension but the virus is still executable).
Reply
#2

This has got to be the most terrible hype post ever...

You've posted this in Scripting Help, rather than bug reports, with no information other than someone has said that there's an exploit.

The person you are coining had his thread 'deleted', yet it's likely that it got hidden so no-one can see the method...

Seriously though, why'd you even post this here?
Reply
#3

Can you fucking stop spreading this? you're legit cancer dude, can't you simply report it to the support team? retard
Reply
#4

How can he download virus if files are only downloaded with formats .txd and .dff, its not like an exe so u can extract it..+ files are being called only when u enter server via gta_sa.exe probably.. stop spreading shit around
Reply
#5

But the SAMP will think that is .dff or .txd file but it is .exe so it will be opened and...BOOM!
I'll try to make my application and then perform a RTLO and see if da theory is right
Reply
#6

I said THAT...
It can be with FAKED EXTENSION (I know how)
They replace it with RAT file..
So
Replace someone with my name

EDIT: It cannot be .exe lmao\

@DeitY ja sam nexy afera inace
Reply
#7

Anyway if you do a "RTLO" (right-to-left unicode char) you won't be able to do anything. The client won't magically open .exe files only because has a .exe extension.

Maybe an buffer overflow can be exploited (be honestly, if you install a bad skin, gta will crash).

Best regards.
Reply
#8

Quote:
Originally Posted by SlowARG
Посмотреть сообщение
Anyway if you do a "RTLO" (right-to-left unicode char) you won't be able to do anything. The client won't magically open .exe files only because has a .exe extension.

Maybe an buffer overflow can be exploited (be honestly, if you install a bad skin, gta will crash).

Best regards.
RAT ... When player connect it will be executed (OnPlayerFinishDownload)...
Reply
#9

Quote:
Originally Posted by maksicnm
Посмотреть сообщение
RAT ... When player connect it will be executed (OnPlayerFinishDownload)...
Isn't possible yet because SA-MP will read files and treat them as models (a dff file isnt an executable). The SA-MP Client (or GTA:SA, whatever you want) will not treat modified dff files as executables, and your O.S will not treat dff files as executables...
Reply
#10

Quote:
Originally Posted by SlowARG
Посмотреть сообщение
Isn't possible yet because SA-MP will read files and treat them as models (a dff file isnt an executable). The SA-MP Client (or GTA:SA, whatever you want) will not treat modified dff files as executables, and your O.S will not treat dff files as executables...
Fake extension
Reply
#11

Quote:
Originally Posted by maksicnm
Посмотреть сообщение
Fake extension
Again, try ALL extensions you want, you won't able to execute the model file.

I don't think SA-MP client has an open directive in downloaded models... So, when downloaded, the file will tries to load as model, maybe GTA crash (if the model isnt valid). But again, you can't execute files in this way.
Reply
#12

It will open file and when SAMP realize thats not required file it will crash.But,the file is opened which executes program(in theory)Im gonna test this,and if dat really is a exploit,then...I dunno
Reply
#13

Quote:
Originally Posted by maksicnm
Посмотреть сообщение
Fake extension
Reading the file != parsing & loading a PE.

You could say that they could exploit it to execute arbitrary code.
Reply
#14

We need KYE here :P

No one is crazy enough to test this :P
Reply
#15

if you are scared that much, buy youself an anti virus, and stop using free/cracked ones
Reply
#16

I will test it,but i will make a simple batch file which create a notepad file(or msgbox) with some text and change extension and then put into the localhost 0.3.8 server and test it.
Reply
#17

Quote:
Originally Posted by Xeon™
Посмотреть сообщение
if you are scared that much, buy youself an anti virus, and stop using free/cracked ones
AntiVirus cannot detect it, because when its downloaded its auto transfer and executed immediataly...
Its small codes

It can but its alredy started
Reply
#18

Quote:
Originally Posted by Misomir
Посмотреть сообщение
I will test it,but i will make a simple batch file which create a notepad file(or msgbox) with some text and change extension and then put into the localhost 0.3.8 server and test it.
Couldn't you test it first THEN make a post about it? All you did was throw around baseless arguments.
Reply
#19

Yeah
And that can be anything.Even .bat file with command format c
And u can say goodbye to ur system...
And yeah,i cant test it now,so i will try this tommorow
And EVERYTHING whats here till testing is just a theory...
Reply
#20

Can u tell me which forum is it?(here or pm)
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)