Security Problem
#1

Hi! I have a samp server who's working on mysql and few days ago i saw new admins on my server. I don't know how, in my GM i don't have any commands to give admin. I verrified pAdmin] on the entire script. Even though he doesn't know /makeadmin command he removed me from the admins. How ? I don't have any user panel or something for sql injection. It is so weird. Please help !
Some ideas?
Reply
#2

Let me guess: you are using a downloaded and/or leaked gamemode that contains a backdoor.
Reply
#3

Maybe, uh, I don't know, check logs?

If you don't log commands, then there's your starting point.
Reply
#4

Quote:
Originally Posted by Sithis
View Post
Let me guess: you are using a downloaded and/or leaked gamemode that contains a backdoor.
I am using VORTEX GM, i don't have any command in my GM for give admin. Any ideas?
Reply
#5

Quote:
Originally Posted by Nin9r
View Post
I am using VORTEX GM, i don't have any command in my GM for give admin. Any ideas?
Learning how to read would be a solid start.

Quote:
Originally Posted by rymax99
View Post
Maybe, uh, I don't know, check logs?

If you don't log commands, then there's your starting point.
Seems like you want some magical answer to your problem served on a silver platter. If you're not a competent scripter/server admin, then at least give us something to work with, in this case it'd be logs.
Reply
#6

[QUOTE=rymax99;3621185]Learning how to read would be a solid start.

So.. can you help me? Tell me where are these logs... I checked server_logts and mysql_logs but you can't understand this. I don't see anything about these errors.

I am not english, i don't want a prize for that... All that matters is that you can understand me..
Reply
#7

Question is, which EDIT of Vortex are you actually using... Because really, if you've got a Vortex EDIT, then someone has tampered with it.

First things I'd do is change my passwords for everything, and then wipe out whatever "admins" have been made on the server.


The logs he'll be talking about will be the server.log, and the log file that has the commands in it.
Reply
#8

As Sew_Sumi said Clean out your database delete whoever is an admin on your server. Change all your passwords for database, rcon etc...
Reply
#9

i did it before but now they are appearing again.

Any ideas?


I think that is a SQL INJECTION.

Please check it:

Code:
case 3643:
		{
			if(response)
			{
				new string[128];
				if(strlen(inputtext) >= 1)
				{
					format(PlayerData[playerid][pPassword], 255, "%s", inputtext);
					format(string, sizeof(string), "Password changed to '%s'.", inputtext);
					SendClientMessage(playerid, BLUE, string);
					new Str[256];
					format(Str,256,"UPDATE `players` SET `Password`='%s' WHERE `ID`='%d'",inputtext, PlayerData[playerid][pSQLID]);
					mysql_tquery(handle,Str);
				}
				else return SCM(playerid,COLOR_WHITE,"+1 character.");
			}
		}
Have I to use mysql_real_escape_string? How?
Reply
#10

Which edit/version are you using the your gamemode?

And it sounds like, your mysql server was hacked, or there is a command to give yourself power.

Have you changed the RCON password?
Reply
#11

Link us to the gamemode if it's on the forum, if it's on another site, it's likely to be compromised.
Reply
#12

It was from that menu. /changepass.. There i didn't use mysql_escape_string and that was SQL INJECTION.
Reply
#13

Oh god who ruined my gamemode with that stupid code? Which edit are you using? Did you remove Whirlpool?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)