GMod: Security has been breached
39 replies · 11 participants · 🔒 locked
Dec 3, 2009, 12:30 PM#1
This is a quote from an announcement made to the Steam group.
Comments can be viewed here.
Admins: You hereby have the permission to unban players that have been banned during this episode - you do not need consult either me or Dave.
Hey,
It has come to our attention that our Garry's Mod server's security has been breached by a hacker, and as such proceeded with adding other admins (most likely his friends). After going through some logs, we've discovered that these hackers has been banning quite a few people (and the number isn't low either). If you have been banned by abusive or unknown administrators, please post a reply to this announcement, including your Steam ID and we'll have you unbanned.
Sorry for the inconvenience, but the hackers did some damage and we're doing our best to get these issues resolved.
Thanks.
Comments can be viewed here.
Admins: You hereby have the permission to unban players that have been banned during this episode - you do not need consult either me or Dave.
Page 2
Dec 5, 2009, 11:09 PM#21
lets go hacker hunting
I Would have, but when they took the server down, I had jut joined and just as mog filled me in, the server crashed.
Dec 5, 2009, 11:12 PM#22
lets go hacker hunting
I Would have, but when they took the server down, I had jut joined and just as mog filled me in, the server crashed.
Actually, Moglizorz decided to shut it down.
Dec 5, 2009, 11:14 PM#23
I wonder if this is correct:
Phil Frohlich
1924 South Utica, Suite 1120
Tulsa, Oklahoma 74104
United StatesDec 5, 2009, 11:16 PM#24
I wonder if this is correct:Phil Frohlich
1924 South Utica, Suite 1120
Tulsa, Oklahoma 74104
United States
gbps.us:
Technical Contact ID: CR23696991
Technical Contact Name: Phil Frohlich
Technical Contact Address1: 1924 South Utica, Suite 1120
Technical Contact City: Tulsa
Technical Contact State/Province: Oklahoma
Technical Contact Postal Code: 74104
Technical Contact Country: United States
Technical Contact Country Code: US
Technical Contact Phone Number: +1.9187473411
Technical Contact Email: cowmonkey111@gmail.com
Technical Application Purpose: P3
Technical Nexus Category: C11
Dec 6, 2009, 02:46 AM#25
I wonder if this is correct:Phil Frohlich
1924 South Utica, Suite 1120
Tulsa, Oklahoma 74104
United States
gbps.us:
Technical Contact ID: CR23696991
Technical Contact Name: Phil Frohlich
Technical Contact Address1: 1924 South Utica, Suite 1120
Technical Contact City: Tulsa
Technical Contact State/Province: Oklahoma
Technical Contact Postal Code: 74104
Technical Contact Country: United States
Technical Contact Country Code: US
Technical Contact Phone Number: +1.9187473411
Technical Contact Email: cowmonkey111@gmail.com
Technical Application Purpose: P3
Technical Nexus Category: C11
Wait, how the heck do you get that kind of information?
Dec 6, 2009, 02:59 AM#26
I wonder if this is correct:Phil Frohlich
1924 South Utica, Suite 1120
Tulsa, Oklahoma 74104
United States
gbps.us:
Technical Contact ID: CR23696991
Technical Contact Name: Phil Frohlich
Technical Contact Address1: 1924 South Utica, Suite 1120
Technical Contact City: Tulsa
Technical Contact State/Province: Oklahoma
Technical Contact Postal Code: 74104
Technical Contact Country: United States
Technical Contact Country Code: US
Technical Contact Phone Number: +1.9187473411
Technical Contact Email: cowmonkey111@gmail.com
Technical Application Purpose: P3
Technical Nexus Category: C11
Wait, how the heck do you get that kind of information?
We whois'ed the domain in the Lua code.
Dec 6, 2009, 09:18 AM#27
[This post has been redacted in the archive]
Dec 6, 2009, 11:07 AM#28
ummm... fellow admins.. u might wanna check out the Gmod server's MotD..
it's rather disturbing... and it's been breached again today...
it's rather disturbing... and it's been breached again today...
Dec 6, 2009, 11:09 AM#29
[This post has been redacted in the archive]
Dec 6, 2009, 12:27 PM#30
my friend failcake's server just got hacked too o.o
IT'S A HACKER NIGHTMARE!
time to hunt some mofo'ing haxorx
IT'S A HACKER NIGHTMARE!
time to hunt some mofo'ing haxorx
Dec 6, 2009, 01:29 PM#31
Dec 6, 2009, 10:31 PM#32
The GMod server will be passworded till I've fixed some stuff. There are still malicious scripts running on the server, so I'll do a manual search (which means opening every serversided file and read through them), delete if deemed malicious (which is pretty easy).
After this, the hackers shouldn't be able to upload any file anymore. I hope you understand, gotta clean up ya see
After this, the hackers shouldn't be able to upload any file anymore. I hope you understand, gotta clean up ya see
Dec 6, 2009, 10:39 PM#33
CLEAN UP ON AISLE 5
Dec 7, 2009, 01:02 AM#34
Dec 7, 2009, 05:59 PM#35
[This post has been redacted in the archive]
Dec 7, 2009, 07:02 PM#36
Nice find Jamza, install nao Karl!
However the lack of sprays doesn't matter, it isn't used much in Garry's Mod, especially on a Flatgrass server.
I don't need it.
Anyway, that module will break almost everything. Including adv dupe, you wouldn't be able to upload files. That module was meant for other sourcemods mostly.
Dec 7, 2009, 07:35 PM#37
[This post has been redacted in the archive]
Feb 19, 2010, 12:11 PM#38
i dont know if this was worth mentioning but one when i spawned a fridge (yes a fridge >.>) the whole map went WTF.You could move the map with your phys gun and the skybox went ..... bad 
I dotn know what happernd then but once i undid my fridge it went back to normal :O
I dotn know what happernd then but once i undid my fridge it went back to normal :O
Feb 19, 2010, 01:19 PM#39
i dont know if this was worth mentioning but one when i spawned a fridge (yes a fridge >.>) the whole map went WTF.You could move the map with your phys gun and the skybox went ..... bad
I dotn know what happernd then but once i undid my fridge it went back to normal :O
If you could re-create that, you'd be better off recording it.
Post it in the suggestions/feedback forum if you want to.
Other than that, this announcement was an issue some time back, so I'll lock this.