Amxmodx.lt

AMX Mod X modifikacijos forumas
https://amxmodx.lt/

Naujas exploit keiciantis jusu motd.txt

https://amxmodx.lt/viewtopic.php?t=3207

Page 2 of 2

Re: Naujas exploit keiciantis jusu motd.txt

Posted: 2013 Apr 12 08:09
by Chemodan
Dėkoju sutvarkiau , waldoss :clap:

Re: Naujas exploit keiciantis jusu motd.txt

Posted: 2013 May 01 00:04
by els
Galit paaiskinti kur ta FS_Open deti, nes nelabai su juo aisku

Re: Naujas exploit keiciantis jusu motd.txt

Posted: 2013 Aug 21 10:55
by a1c13
Dėkui už pamoką, galų gale baigėsi nesamonės..

Re: Naujas exploit keiciantis jusu motd.txt

Posted: 2013 Aug 21 20:57
by DYaGesS
Geriausia pamoka, atsinaujint :asian:

Re: Naujas exploit keiciantis jusu motd.txt

Posted: 2013 Sep 08 17:05
by kibillcat
Instaliacija lyg ir aiski , FS_Open i orpheu folderi , filewatcher.cfg i amxmodx/configs
Šiaip tai kitokia instaliacija:
FS_Open į /configs/orpheu/functions
filewatcher.cfg į /cstrike

Pataisyk :)

Re: Naujas exploit keiciantis jusu motd.txt

Posted: 2013 Sep 11 14:20
by psychical
Rusai ir source paviešinę.

Code: Select all

#include <amxmodx>#include <orpheu> #define PLUGIN "File watcher"#define VERSION "0.2"#define AUTHOR "mazdan" #define f "file_watcher.log" new Array:aRule, Array:aFile, Array:aRuleType; public plugin_init(){    register_plugin(PLUGIN, VERSION, AUTHOR);        register_srvcmd("fw_rules", "show_rules");    register_srvcmd("fw_add_file", "file_add", _, "fw_add_file <ACCEPT | BLOCK> <filename>");        aRule = ArrayCreate(1, 32);    aRuleType = ArrayCreate(1, 32);    aFile = ArrayCreate(128, 32);        server_cmd("exec filewatcher.cfg");        OrpheuRegisterHook(OrpheuGetFunction("FS_Open"), "FS_Open", OrpheuHookPre);} public OrpheuHookReturn:FS_Open(test[],b[]){    if(containi(b,"w")!=-1)    {        new rule        strtolower(test)        replace_all(test,strlen(test),"/","\")        new len=strlen(test)        new count=ArraySize(aFile)        for(new i;(i<count && !rule);i++)        {            new file[128]            ArrayGetString(aFile,i,file,127)            switch(ArrayGetCell(aRuleType,i))            {                case 0:if(equal(test,file)) rule=i+1                case 1:if(containi(test,file)==len-strlen(file)) rule=i+1                case 2:if(containi(test,file)==0) rule=i+1                case 3:if(containi(test,file)!=-1) rule=i+1            }        }        if(rule)        {            if(ArrayGetCell(aRule,--rule))            {                log_to_file(f,"Rule [#%d] ACCEPT %s",rule,test)                return OrpheuIgnored;            }            else            {                log_to_file(f,"Rule [#%d] BLOCK %s",rule,test)                return OrpheuSupercede;            }        }        else        {            log_to_file(f,"No rule BLOCK %s",test)            return OrpheuSupercede;        }    }    return OrpheuIgnored;} public file_add(){    new rule[10], file[128];        read_argv(1, rule, 9);    read_argv(2, file, 127);        if(!equal(rule,"ACCEPT") && !equal(rule,"BLOCK"))    {        log_to_file(f,"RULE ADD ERROR use <ACCEPT | BLOCK>");        console_print(0,"RULE ADD ERROR use <ACCEPT | BLOCK>");        return PLUGIN_HANDLED;    }        if(strlen(file) < 1)    {        log_to_file(f,"RULE ADD ERROR ^" ^" to specify filename");        console_print(0,"RULE ADD ERROR ^" ^" to specify filename");        return PLUGIN_HANDLED;    }        new something = ((file[0] == 42) + 2*(file[strlen(file)-1] == 42));        ArrayPushCell(aRule, equal(rule,"ACCEPT"));    ArrayPushCell(aRuleType, something); //Yep 42        replace_all(file,127,"*","");    replace_all(file,127,"/","\");        ArrayPushString(aFile,file);        return PLUGIN_HANDLED;} public show_rules(){    if(!ArraySize(aFile))        console_print(0,"NO RULES FOUND!")    else    {        new count = ArraySize(aFile);        for(new i; i < count; i++)        {            new file[128];            ArrayGetString(aFile, i, file, 127);            console_print(0, "[%d] %s %s%s%s", i, (ArrayGetCell(aRule,i)) ? "ACCEPT":"BLOCK",(ArrayGetCell(aRuleType,i) & 1)?"*":"",file,(ArrayGetCell(aRuleType,i) & 2)?"*":"")        }    }}
-- 2013 Rgs 11 15:16 --



-- 2013 Rgs 11 15:16 --

Code: Select all

((file[0] == 42) + 2*(file[strlen(file)-1] == 42))
Nors asmeniškai man tai čia tag mistach meta ;D

Re: Naujas exploit keiciantis jusu motd.txt

Posted: 2013 Sep 11 16:41
by Trickas
Čia gi tiesiog dekompiliuotas amxx

Re: Naujas exploit keiciantis jusu motd.txt

Posted: 2013 Sep 12 20:53
by psychical
Trickas wrote:Čia gi tiesiog dekompiliuotas amxx
Nu, kad ne

Re: Naujas exploit keiciantis jusu motd.txt

Posted: 2013 Oct 24 00:15
by KIRIL
Galit gal su šituo kas padėt? Prisijungi į serverį ir po 5 sec. redirectina.

"Invalid motdfile name (resource/GameMenu.res)
Invalid motdfile name (AUTOEXEC.CFG)
Invalid motdfile name (VALVE.RC)
Invalid motdfile name (USERCONFIG.CFG)
Invalid motdfile name (JOYSTICK.CFG)
Slowhacking rejected for 'resource/GameMenu.res'. Valid motd file format: *motd*.[htm|txt|html]
Slowhacking rejected for 'AUTOEXEC.CFG'. Valid motd file format: *motd*.[htm|txt|html]
Slowhacking rejected for 'VALVE.RC'. Valid motd file format: *motd*.[htm|txt|html]
Slowhacking rejected for 'USERCONFIG.CFG'. Valid motd file format: *motd*.[htm|txt|html]
Slowhacking rejected for 'JOYSTICK.CFG'. Valid motd file format: *motd*.[htm|txt|html]
Connecting to 77.241.194.54:27018...
Trying p48/auth3/revEmu...
Connection accepted by 77.241.194.54:27018"

Buvau radęs configs/ sql.ini failą kuriame buvo connect 77.241.194.54:27018 t.t. ištryniau ir nieko, vistiek meta.

-- 2013 Spa 24 07:43 --

Na ždž supratau tiek, kad atsiranda /configs/ aplankale sql.ini kur yra surašyti redirectai ir config-plugins.ini kur įrašytas valve_admin.amxx ar kažkas panašaus - kas irgi redirectina, tik kaip sustabdyti jų atsiradimus? Spėju 444 nepadės.
All times are UTC+02:00
Page 2 of 2

Powered by phpBB® Forum Software © phpBB Limited