.:`=-~rANdOm~`-=:. Game Servers

.:`=-~rANdOm~`-=:. Game Servers (Read Only) => Discussion => Topic started by: blαh2355 on April 19, 2014, 07:58:31 AM

Title: Exploit found in source engine causing gmod servers/players to be infected
Post by: blαh2355 on April 19, 2014, 07:58:31 AM

The exploit is already patched but this happened yesterday.

Reddit link: http://www.reddit.com/r/gaming/comments/23epar/gmod_has_been_hacked/ (http://www.reddit.com/r/gaming/comments/23epar/gmod_has_been_hacked/)

garrysmod.com link: http://www.garrysmod.com/2014/04/19/exploit-fix-released/ (http://www.garrysmod.com/2014/04/19/exploit-fix-released/)

As people have said, it's nothing dangerous. It just spams "cough" via in game text or steam message.

Title: Re: Exploit found in source engine causing gmod servers/players to be infected
Post by: Alkaline on April 19, 2014, 11:14:07 AM

this is hilarious

*cough* GMOD VIRUS 4/18/2014 GET OFF GMOD! (https://www.youtube.com/watch?v=C2XTo5i0xGw#ws)

Title: Re: Exploit found in source engine causing gmod servers/players to be infected
Post by: coolzeldad on April 19, 2014, 11:41:16 AM

Actually, it was more than just spamming *cough* in game.

The original payload forced changing of steam name, joining steam group chats, crashing gmod, playing sounds, showing images, fetching websites for views and tracking its development, and furthur spreading the payload (and more). Server effects included rebroadcasting the payload, changing server name, exposing the rcon password, and restarting the servers when shutdown (assuming some sort of backdoor) (etc).

The bigger issue was the publicity, which would have allowed any modification of the payload by anybody fairly quickly... which I believe is why Garry's team pushed for a fix in only a few hours.

Anyway, we were not effected, however I have over 10000 lines in logs of people coughing in fretta LOL

Title: Re: Exploit found in source engine causing gmod servers/players to be infected
Post by: blαh2355 on April 19, 2014, 07:00:07 PM

Quote from: coolzeldad on April 19, 2014, 11:41:16 AM

Actually, it was more than just spamming *cough* in game.

The original payload forced changing of steam name, joining steam group chats, crashing gmod, playing sounds, showing images, fetching websites for views and tracking its development, and furthur spreading the payload (and more). Server effects included rebroadcasting the payload, changing server name, exposing the rcon password, and restarting the servers when shutdown (assuming some sort of backdoor) (etc).

The bigger issue was the publicity, which would have allowed any modification of the payload by anybody fairly quickly... which I believe is why Garry's team pushed for a fix in only a few hours.

Anyway, we were not effected, however I have over 10000 lines in logs of people coughing in fretta LOL

Thanks for clearing that up. I was just skimming through the articles.

*cough*

Uh that wasn't me I swear. I just have a severe case of the cold *cough* *cough* :-X O:-)

Title: Re: Exploit found in source engine causing gmod servers/players to be infected
Post by: Monorail Cat on April 19, 2014, 07:41:05 PM

I think this is a different hack, but this a recurring hack on another server community I'm a small member in.

Alarmed and Depressed, Hacking Microphones and Webcams (https://www.youtube.com/watch?v=z4z_wo9AcF0#)

Title: Re: Exploit found in source engine causing gmod servers/players to be infected
Post by: Samo on April 19, 2014, 11:03:18 PM

So they fixed this pretty quickly but when the game itself didn't work they wouldn't care for the next few days. Looks like they care about the game now.

Title: Re: Exploit found in source engine causing gmod servers/players to be infected
Post by: coolzeldad on April 21, 2014, 07:28:13 PM

Quote from: Samo on April 19, 2014, 11:03:18 PM

So they fixed this pretty quickly but when the game itself didn't work they wouldn't care for the next few days. Looks like they care about the game now.

heh, we'll see LOL

most would say their hands were tied in this case...