[MaTrIx4057]

Dear SA:MP Community.

I come here to report some rather scary reports coming from the 'DM Community' part of SA:MP.

You may or may not know SA:MP is now an official 'e-sport' on the Electronic Sports League. This seems like a good thing however the 'ESL' has given a select group of SA:MP players control over the game, game server and forum.

These ESL servers run a gamemode called 'Deadly Combinations' which is an attack and defend game mode. However, whilst browsing through the filterscripts of this file an 'ESL' admin who is a close personal friend of mine found an unusual script and a plaintext file with usernames and plaintext passwords of every member who had registered.

After decompiling the filterscript he found that it records, in plaintext, the username and what he types when he uses the /register command (Which allplayers have to use to enter the spawn selection)

So basically, on these high traffic servers, there is a script which records your username and password in plaintext.

I am not here to make accusations or point fingers but the fact is there is a script that steals your password on servers that are run by a 3rd party company (ESL) and members of our own community (mainly from the A/D clan PTM and various other DM players)

In my opinion the script would have been added by an untrustworthy player or group of players and the 'ESL' had no knowledge of it. There has also been an alarming amount of reports from DM clans about their members accounts been logged into by unknown IP addresses and some admin accounts being logged into to deface forums and clan sites. Funnily enough my own clan website got defaced by someone logging into a members account and deleting topics etc, strangely enough the IP addresses was identical to that of an 'ESL Admin' from portugal. I don't know if I am allowed to name and shame or post IP addresses here so I will leave that out unlessI am told I am allowed to reveal who it was who got access to our clan site.

I thought it is best to post this here as a warning to people and perhaps to get some help from some other SA:MP players or perhaps SA:MP devs who can help me combat this blatent disregard for personal information. People are using our game to steal our passwords and I think that is a disgrace.

If any senior SA:MP dev wants more information about this feel free to PM me and I can give you more information. I alone can't do anything about this but with some help from a senior member hopefully we can get to the bottom of this.

[ikey07]

Small advice, never reg on sa-mp server with password you use elsewhere, because there is many who always keep PWs in plain text format on purpose or by not knowing how to encrypt the PWs.

[Diablosrouge]

Quote:

Originally Posted by MaTrIx4057 Dear SA:MP Community. I come here to report some rather scary reports coming from the 'DM Community' part of SA:MP. You may or may not know SA:MP is now an official 'e-sport' on the Electronic Sports League. This seems like a good thing however the 'ESL' has given a select group of SA:MP players control over the game, game server and forum. These ESL servers run a gamemode called 'Deadly Combinations' which is an attack and defend game mode. However, whilst browsing through the filterscripts of this file an 'ESL' admin who is a close personal friend of mine found an unusual script and a plaintext file with usernames and plaintext passwords of every member who had registered. After decompiling the filterscript he found that it records, in plaintext, the username and what he types when he uses the /register command (Which allplayers have to use to enter the spawn selection) So basically, on these high traffic servers, there is a script which records your username and password in plaintext. I am not here to make accusations or point fingers but the fact is there is a script that steals your password on servers that are run by a 3rd party company (ESL) and members of our own community (mainly from the A/D clan PTM and various other DM players) In my opinion the script would have been added by an untrustworthy player or group of players and the 'ESL' had no knowledge of it. There has also been an alarming amount of reports from DM clans about their members accounts been logged into by unknown IP addresses and some admin accounts being logged into to deface forums and clan sites. Funnily enough my own clan website got defaced by someone logging into a members account and deleting topics etc, strangely enough the IP addresses was identical to that of an 'ESL Admin' from portugal. I don't know if I am allowed to name and shame or post IP addresses here so I will leave that out unlessI am told I am allowed to reveal who it was who got access to our clan site. I thought it is best to post this here as a warning to people and perhaps to get some help from some other SA:MP players or perhaps SA:MP devs who can help me combat this blatent disregard for personal information. People are using our game to steal our passwords and I think that is a disgrace. If any senior SA:MP dev wants more information about this feel free to PM me and I can give you more information. I alone can't do anything about this but with some help from a senior member hopefully we can get to the bottom of this.

You're completely retarded thats it.
1. The passwords are encrypted.
2. ESL doesn't steal any passwords at all, it's an invention by you and your friend Cam3 / Cameron.
3. Your friend Cam3 was responsible by several account hacking so think twice before posting crap about ESL.
4. Don't compare PTM to NB or your friend Cam3, as it's completely absurd and we've never been involved in any hacking.
5. If you still feel unsafe, you can register with a different password and change it anytime with /changepass.


Hope this topic gets deleted as it's a complete piece of junk from top to bottom, starting from its author.

Kind Regards,
Diablosrouge

[Proxyded]

Lol.
Matrix, you got to the lowest level that I didn't think even you would go to:
Making false accusations.

Plus, even if it was true, since you're such a smart*ss, you would just follow this nice little advice by Ikey07

Quote:

Originally Posted by ikey07 Small advice, never reg on sa-mp server with password you use elsewhere, because there is many who always keep PWs in plain text format on purpose or by not knowing how to encrypt the PWs.

[TheDominator]

I assume you Proxyded have come to this topic to throw that accusation, from what he's saying am pretty convinced.

[JoBullet]

Who cares about this? It is not releated to this community at all.

[TheDominator]

How isn't it? "You may or may not know SA:MP is now an official 'e-sport' on the Electronic Sports League." learn to read before you post mate.

[Proxyded]

And I assume that you, TheDominator, are Cam3 aka C4M3R0N, the sir-hax-alot
either way, dont bother reply the topic just to answer me.

[TheDominator]

Proxyded you assume wrong, who the fuck is Cam3? I am in no way associated to this 'scandal' as described by the thread creator. Another invalid accusation made by the same person, make three and your an official retard.

[AngryUnibrow]

A GUY SHARED INFORMATION ABOUT A POSSIBLE STEALING OF PASSWORDS! HOW CAN WE SOLVE THIS?

I KNOW, LETS JUST CALL EACH OTHER HACKERS AND BLINDLY INSULT EACH OTHER! YEA, YOU STUPID HAXOR HAX GUY!

[TheDominator]

Who the fuck are you? Learn some grammar and remove the caps, if you can't have a civilized discussion then don't come to the SA-MP forums. As for 'stupid haxor hax guy' I have no knowledge of hacking so yet again another false accusation.

[Potassium]

Who are you, TheDominator? Why are you being so defensive when your name wasn't even mentioned? Where in AngryUnibrow's post did he say that it was aimed at you? Guilty conscience much?

Quote:

Originally Posted by AngryUnibrow A GUY SHARED INFORMATION ABOUT A POSSIBLE STEALING OF PASSWORDS! HOW CAN WE SOLVE THIS? I KNOW, LETS JUST CALL EACH OTHER HACKERS AND BLINDLY INSULT EACH OTHER! YEA, YOU STUPID HAXOR HAX GUY!

i <3 u

[TheDominator]

Why would I have a guilty conscience about something that's not associated with me, the fact that I was annoyed was because I hate been called a hacker, if it wasn't aimed at me then am sorry for the misunderstanding.

[[MM]IKKE]

If he's really 'hacking' into other accounts, take proofs and send to team@sa-mp.com

On the other side: sadly enough a lot of servers store their passwords in plain text. So just like the first comment said...

We won't believe anyone as long as there's no proof at all. Not from those who commented, calling it blasphemy. And not the OP. Proofs or this will be deleted soon...

[Diablosrouge]

This can be deleted already. Not only this clan is creating all sorts of trouble in ESL forums but also here.

[[MM]IKKE]

Quote:

Originally Posted by Diablosrouge This can be deleted already. Not only this clan is creating all sorts of trouble in ESL forums but also here.

I asked for proofs from both sides.

[AngryUnibrow]

Quote:

Originally Posted by TheDominator Who the fuck are you? Learn some grammar and remove the caps, if you can't have a civilized discussion then don't come to the SA-MP forums. As for 'stupid haxor hax guy' I have no knowledge of hacking so yet again another false accusation.

Come on man, you really didnt pick up on that mega obvious sarcasm?

*facepalm*

BTW, I am the god of the little smurfs that have a village in my shoebox

[Diablosrouge]

We don't have to prove anything, plus even if we'd prove anything by screenshooting the whole FTP I bet people would just say the files were deleted, and no I wont give access to the FTP to anyone The topic will die and eventually get deleted as nothing will happen but bullshit stories coming from matrix and his clan, an old tradition.

[cessil]

Quote:

Originally Posted by MaTrIx4057 There has also been an alarming amount of reports from DM clans about their members accounts been logged into by unknown IP addresses

I have not heard about any of these reports, are they publicly available?

[[MM]IKKE]

Quote:

Originally Posted by Diablosrouge We don't have to prove anything, plus even if we'd prove anything by screenshooting the whole FTP I bet people would just say the files were deleted, and no I wont give access to the FTP to anyone The topic will die and eventually get deleted as nothing will happen but bullshit stories coming from matrix and his clan, an old tradition.

So what we have is two clans/servers/people talking bad against each other, with no proofs at all whatsoever. Yet another "let's talk bad about the other community in the hope it decreases their player count".

Good game. Both sides.

Cessil confirms.