Malicious Mod?

DGKHaploDGKHaplo Join Date: 2002-12-22 Member: 11324Members, Constellation Posts: 35 Advanced user
Long story short, while sv_cheats was on someone installed a mod and I'm a little concerned with what the mod actually does. I have removed it, but I'm wondering if it was malicious in nature?

I posted the content of the mod to pastebin below. If one of you fine modders could take a look at it and tell me what it does I'd appreciate it.

pastebin.com/bM9UF8Kv

Thanks,
Haps
aka - |DFA| Haplo
aka - |DFA| Reckoning

Server Op and Admin for:

|DFA| Halls of Armageddon 71.201.65.186:27015
Noobs ONLY server 71.201.65.186:27019
«1

Comments

  • SamusDroidSamusDroid Colorado Join Date: 2013-05-13 Member: 185219Members, Forum Moderators, NS2 Developer, NS2 Playtester, Squad Five Gold, Subnautica Playtester, NS2 Community Developer, Pistachionauts Posts: 2,155 mod
    I'm confused
    My mods --- Watermod collaboration with Feha
    For some reason, the instant you ask players to behave differently to be successful, they associate that with bad mapping. - KungFuDiscoMonkey
    Z5UIr2s.png
  • JektJekt Join Date: 2012-02-05 Member: 143714Members, Squad Five Blue, Reinforced - Shadow Posts: 1,543 Advanced user
    Shouldn't be enabling cheats. Any lua can be loaded on a server that has it set to 1.
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow Posts: 1,954 Fully active user
    edited December 2013
    I wouldnt keep that mod installed lol.
    And if you have any backups of your banlist i would check them vs your current one.
  • DGKHaploDGKHaplo Join Date: 2002-12-22 Member: 11324Members, Constellation Posts: 35 Advanced user
    Jekt wrote: »
    Shouldn't be enabling cheats. Any lua can be loaded on a server that has it set to 1.

    Yes, yes I know, there was late night shenanigans going on... it will never be turned on again.
    xDragon wrote: »
    I wouldnt keep that mod installed lol.
    And if you have any backups of your banlist i would check them vs your current one.

    It's been removed. I want to know what it does/did.
    SamusDroid wrote: »
    I'm confused

    About what?

    I'm looking for constructive feedback here. Thanks.

    aka - |DFA| Haplo
    aka - |DFA| Reckoning

    Server Op and Admin for:

    |DFA| Halls of Armageddon 71.201.65.186:27015
    Noobs ONLY server 71.201.65.186:27019
  • JektJekt Join Date: 2012-02-05 Member: 143714Members, Squad Five Blue, Reinforced - Shadow Posts: 1,543 Advanced user
    It clears your banned player list in the .json file. That's all I can say.
  • GhoulofGSG9GhoulofGSG9 Join Date: 2013-03-31 Member: 184566Members, Super Administrators, Forum Admins, Forum Moderators, NS2 Developer, NS2 Playtester, Squad Five Blue, Squad Five Silver, Reinforced - Supporter, WC 2013 - Supporter, Pistachionauts Posts: 2,831 admin
    LOL, this is a amazing piece of code
    Developer, Modder and Server Admin of Survival of the Fattest - Ingame Nick: Ghoul
    ZaggyGhosthree3AurOn2
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow Posts: 1,954 Fully active user
    Theoretically it gives him the ability to load additional lua logic on any clients and the server, and that logic can be changed at any time and reloaded during the game from a remote repo. Basically gives him complete control over the game.
    GhoulofGSG9Ghosthree3
  • radionautradionaut california Join Date: 2013-01-22 Member: 181192Members, Reinforced - Supporter, WC 2013 - Gold Posts: 114 Advanced user
  • DGKHaploDGKHaplo Join Date: 2002-12-22 Member: 11324Members, Constellation Posts: 35 Advanced user
    Thanks for the feedback.
    Jekt wrote: »
    It clears your banned player list in the .json file. That's all I can say.
    xDragon wrote: »
    Theoretically it gives him the ability to load additional lua logic on any clients and the server, and that logic can be changed at any time and reloaded during the game from a remote repo. Basically gives him complete control over the game.

    If this is true then it's malicious code, by an active member of the community and encouraged by AceDude.

    very well then.
    aka - |DFA| Haplo
    aka - |DFA| Reckoning

    Server Op and Admin for:

    |DFA| Halls of Armageddon 71.201.65.186:27015
    Noobs ONLY server 71.201.65.186:27019
  • AceDudeAceDude Join Date: 2007-08-26 Member: 61994Members, Super Administrators, Forum Admins, NS2 Developer, Reinforced - Supporter, Reinforced - Shadow, Subnautica Developer, Pistachionauts Posts: 173 admin
    Not... again... please. "encouraged" how? Maybe lets wait for Deco and lets see what will he say? Of course, if it was him in the first place. Come on.
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow Posts: 1,954 Fully active user
    Many things can be considered 'malicious', however in practice its more about how its used.
    Ghosthree3NazoAurOn2
  • GhoulofGSG9GhoulofGSG9 Join Date: 2013-03-31 Member: 184566Members, Super Administrators, Forum Admins, Forum Moderators, NS2 Developer, NS2 Playtester, Squad Five Blue, Squad Five Silver, Reinforced - Supporter, WC 2013 - Supporter, Pistachionauts Posts: 2,831 admin
    edited December 2013
    More afraid i'm about what else there is at that gist: https://gist.github.com/Deco/9e8aedf1f7b2cba000d5

    "Balancing" the game via remote repo that's brilliant. :D
    Developer, Modder and Server Admin of Survival of the Fattest - Ingame Nick: Ghoul
    Ghosthree3AurOn2
  • AgielAgiel Join Date: 2006-11-14 Member: 58605Members, Constellation, NS2 Playtester, Subnautica Playtester Posts: 290 Fully active user
    I have to say, this is a pretty amazing piece of code. Aside from one small typo that would make a few things not work as intended :P
    Talga Vassternich - AgielTV
  • turtsmcgurtturtsmcgurt Join Date: 2012-11-01 Member: 165456Members, Reinforced - Supporter Posts: 581 Advanced user
    can't even be mad at the guy, this is pretty genius.
    Ghosthree3NazoAurOn2
  • |DFA| Havoc|DFA| Havoc Join Date: 2009-08-07 Member: 68375Members, Reinforced - Shadow Posts: 160
    Yeah, I have to say that sv_cheats allowing clients to upload any kind of code to the server like this is... just, really stupid. Why is it set up this way?
    McGlaspieGhosthree3
  • |DFA| Havoc|DFA| Havoc Join Date: 2009-08-07 Member: 68375Members, Reinforced - Shadow Posts: 160
    AceDude wrote: »
    @Deco you evil man :D

    And I have to agree with Haps, this is about the least helpful response from a dev I'd expect after having our server hacked. :|
  • SebSeb Melbourne, AU Join Date: 2013-04-01 Member: 184576Members, Forum Moderators, NS2 Playtester, Squad Five Blue, Squad Five Silver, WC 2013 - Silver, Retired Community Developer Posts: 514 mod
    Rofl, yeah if it is the guy I think it is, he's a nice dude and probably doesn't mean to be malicious in intent. The lure of an open server with cheats on is too great however :P
    AurOn2elodea
  • AurOn2AurOn2 COOKIES! FREEDOM, AND BISCUITS! Australia Join Date: 2012-01-13 Member: 140224Members, Forum Moderators, NS2 Playtester, Forum staff Posts: 2,130 mod
    edited December 2013
    @acedude whats deco done wrong now?
    @|DFA|Havoc Deco likes hacking into servers. I have proof he does it for gigguls, He ever tries to blow up servers, it's just he does that by nature.
    poor happylittledeco.
    Send me a private message if you need me to kill someone "help" with anything.

    The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, “You know, I want to set those people over there on fire, but I’m just not close enough to get the job done.” - George Carlin.

    Youtube Channel for Sydney Music
  • |DFA| Havoc|DFA| Havoc Join Date: 2009-08-07 Member: 68375Members, Reinforced - Shadow Posts: 160
    AurOn2 wrote: »
    @|DFA|Havoc Deco likes hacking into servers. I have proof he does it for gigguls, He ever tries to blow up servers, it's just he does that by nature.
    poor happylittledeco.

    So just because he does it for giggles, that somehow makes it completely acceptable behavior? You just made your opinion forever irrelevant to me.

    I hope your bank account gets hacked by someone who does it just 'for gigguls'.
  • Ghosthree3Ghosthree3 Join Date: 2010-02-13 Member: 70557Members, Reinforced - Supporter Posts: 3,432 Advanced user
    edited December 2013
    LOL, this is a amazing piece of code
    Holy shit, yes it is. @Deco you've outdone yourself.
    xDragon wrote: »
    Theoretically it gives him the ability to load additional lua logic on any clients and the server, and that logic can be changed at any time and reloaded during the game from a remote repo. Basically gives him complete control over the game.
    Incredible work lmao.

    EDIT: My god it's so beautiful...

    EDIT2: @Jekt , that video was amazing.
    Post edited by Ghosthree3 on
    76561197996992409.png
  • Ghosthree3Ghosthree3 Join Date: 2010-02-13 Member: 70557Members, Reinforced - Supporter Posts: 3,432 Advanced user
    edited December 2013
    Woah wait what. Why is MY steam ID mentioned in the code at line 143. B8amk5r.gif

    I'm not sure I'm ok with this, I'm not sure what it does or means yet, but I have a feeling this is going to bite me in the ass even though I didn't do anything.

    EDIT: Ok from what I can tell it either bans or unbans me from the server (there's also a TON of other IDs listed at the bottom so it does it for those as well?). Wish I knew code better so I could know exactly what is going on. Either way, not cool @Deco , this so doesn't end well for me.

    EDIT2: Ok no longer sure it has anything to do with bans. Someone help.

    EDIT3: No it's definitely about banning.
    Post edited by Ghosthree3 on
    76561197996992409.png
  • SUPER_SARSSUPER_SARS Join Date: 2013-02-13 Member: 183039Members Posts: 274 Fully active user
    Ghosthree3 wrote: »
    Woah wait what. Why is MY steam ID mentioned in the code at line 143. B8amk5r.gif

    I'm not sure I'm ok with this, I'm not sure what it does or means yet, but I have a feeling this is going to bite me in the ass even though I didn't do anything.

    EDIT: Ok from what I can tell it either bans or unbans me from the server (there's also a TON of other IDs listed at the bottom so it does it for those as well?). Wish I knew code better so I could know exactly what is going on. Either way, not cool @Deco , this so doesn't end well for me.

    EDIT2: Ok no longer sure it has anything to do with bans. Someone help.

    EDIT3: No it's definitely about banning.

    But but.. it's an amazing piece of coding!
    DGKHaploAurOn2
  • Ghosthree3Ghosthree3 Join Date: 2010-02-13 Member: 70557Members, Reinforced - Supporter Posts: 3,432 Advanced user
  • nezznezz Join Date: 2012-12-11 Member: 174712Members Posts: 291
    Fkn deco. This guy should be hired to find bugs and glitches in code I swear to god.
    AurOn2
  • Ghosthree3Ghosthree3 Join Date: 2010-02-13 Member: 70557Members, Reinforced - Supporter Posts: 3,432 Advanced user
    Ok so seems my ID was in there by accident, was meant to be someone else....the fuck.
    76561197996992409.png
  • SamusDroidSamusDroid Colorado Join Date: 2013-05-13 Member: 185219Members, Forum Moderators, NS2 Developer, NS2 Playtester, Squad Five Gold, Subnautica Playtester, NS2 Community Developer, Pistachionauts Posts: 2,155 mod
    edited December 2013
    Jekt wrote: »
    For giggles.

    No babbler bullets or fire breathing lerks unfortunately.

    DOWANT =))
    My mods --- Watermod collaboration with Feha
    For some reason, the instant you ask players to behave differently to be successful, they associate that with bad mapping. - KungFuDiscoMonkey
    Z5UIr2s.png
    AurOn2
Sign In or Register to comment.