Lt. Jamergaman, eval+super admin backdoors - bad ones, at that

[Lugnut]

Oh and Lugnut, if it weren't for you finding it and telling Zax about it, then I wouldn't have found it and it would've just stayed there until I edited the code again for a new version so I thank you for finding it.

i made a bigass drama, i didn't tell zax

who the hell is zax
are we talking about zaxx?

besides, you tell good words but you have no proof. on the other hand, i do know that cat is a dumbass. he might just be smart enough to pin the blame on you with a poorly coded exploit that would work for him too in an emergency.

Lugnut actually posted the back door on the topic before it was fail binned.

come to think of it, I think you were the one that posted about it being failbinned on RTB.

[Ad Bot]

[tkepahama]

i made a bigass drama, i didn't tell zax

who the hell is zax
are we talking about zaxx?

besides, you tell good words but you have no proof. on the other hand, i do know that cat is a dumbass. he might just be smart enough to pin the blame on you with a poorly coded exploit that would work for him too in an emergency.come to think of it, I think you were the one that posted about it being failbinned on RTB.

You can ask Badspot or Ephialtes.  I didn't mean for this mishap to happen, I can understand why you don't believe me, I even PM'd Ephialtes and Badspot about the issue, I am really sorry but I just wish that I looked it over more clearly.

I'm not asking for forgiveness, I am just asking for you to believe me but I know you won't so I don't know why I am asking for it but I just wish that I wasn't too ignorant to look more closely at the script to see anything unusual.

[Zaxx]

come to think of it, I think you were the one that posted about it being failbinned on RTB.

Yes I did.

[Wehrmacht]

for serious i was browsing the failbin and saw that and laughed my ass off.
get banned kiddo

[Lugnut]

i just did some tests on cat123's server. it's totally clean, not running System_JSSG.

not surprising, he wouldn't want a backdoored add-on on his own server >.>

You can ask Badspot or Ephialtes.  I didn't mean for this mishap to happen, I can understand why you don't believe me, I even PM'd Ephialtes and Badspot about the issue, I am really sorry but I just wish that I looked it over more clearly.

I'm not asking for forgiveness, I am just asking for you to believe me but I know you won't so I don't know why I am asking for it but I just wish that I wasn't too ignorant to look more closely at the script to see anything unusual.

... lol. I saw your PMs, you posted them. Really, the damage was so damn contained, I doubt it even hit anyone beyond gweedo and, idk, you.

best I can suggest is posting the CRC of the add-on so badspot can failbin the backdoored version and we can get done with this stuff.
Do this in console: echo(getFileCRC("Add-Ons/System_JSSG"));

Yes I did.

ok

[tkepahama]

i just did some tests on cat123's server. it's totally clean, not running System_JSSG.

not surprising, he wouldn't want a backdoored add-on on his own server >.>... lol. I saw your PMs, you posted them. Really, the damage was so damn contained, I doubt it even hit anyone beyond gweedo and, idk, you.

best I can suggest is posting the CRC of the add-on so badspot can failbin the backdoored version and we can get done with this stuff.
Do this in console: echo(getFileCRC("Add-Ons/System_JSSG"));ok

Ok thank you, I am just really sorry about this.  I can't believe how loving ignorant I was to not look at it closely enough, I'm going to remove the Eval too if it helps.

[IkeTheGeneric]

oh god

this is just hilarious

[Eeposs]

Good work you little detective you :3

[Lugnut]

Here's another thing to consider before we ramp our pitchforks against Jamer

Every backdoor I've seen posted about (CCIAMLAZY, IBAN, ETC) had something like this

serverCmdBlah(%client)
{
if(%client.bl_id == 9001)


This add-on didn't - it was wide open to anyone with a certain to use. This means that it was either crafted by a complete dumbass, or it wasn't intended for use only by Lt. Jamergaman!

Now, this is double-edged sword. Jamer could be smart enough to make this kind of a hole to make it look like he's not completely guilty, but I don't really think he is, judging by the other code. I think he simply doesn't have that kind of capacity to think things through that much. Yeah, jamer, I just called you an idiot. Sorry. cat, on the other hand, is smart enough to do this, and Xalos is smart enough also. Cat signed mainFunctions.cs, xalos's modifications aren't listed.

Jamergaman, what did Xalos help you with? What did Cat help you with?

Ok thank you, I am just really sorry about this.  I can't believe how loving ignorant I was to not look at it closely enough, I'm going to remove the Eval too if it helps.

i guarantee it won't make it on RTB if you leave the eval in there.

[tkepahama]

echo(getFileCRC("Add-Ons/System_JSSG"));ok

It's JSSP BTW. And I did it and it just shows -1.
Isn't there supposed to be something added or.. is that right?

Sorry, I've never used getFileCRC before.

[tkepahama]

Here's another thing to consider before we ramp our pitchforks against Jamer

Every backdoor I've seen posted about (CCIAMLAZY, IBAN, ETC) had something like this

serverCmdBlah(%client)
{
if(%client.bl_id == 9001)


This add-on didn't - it was wide open to anyone with a certain to use. This means that it was either crafted by a complete dumbass, or it wasn't intended for use only by Lt. Jamergaman!

Now, this is double-edged sword. Jamer could be smart enough to make this kind of a hole to make it look like he's not completely guilty, but I don't really think he is, judging by the other code. I think he simply doesn't have that kind of capacity to think things through that much. Yeah, jamer, I just called you an idiot. Sorry. cat, on the other hand, is smart enough to do this, and Xalos is smart enough also. Cat signed mainFunctions.cs, xalos's modifications aren't listed.

Jamergaman, what did Xalos help you with? What did Cat help you with?i guarantee it won't make it on RTB if you leave the eval in there.

Eh I don't care if I get called stupid or not.

Cat helped me with the checkadmin functions, mute functions, um let's see... some of the Eval, the serverstuff.cs, and I think the setPosition function.

Xalos helped me with the SetHealth function and I some of the setMusic function but I still need to finish that.

[Lugnut]

just send me the .zip via pm. i'll look through it to make sure you haven't tainted the test (I doubt you would, but a second party is nice)

i'll also try to figure out why the getFileCRC is messed up.


saw your picture, it's "System_JSSP.zip".

[Lugnut]

saw your picture, it's "System_JSSP.zip".

by this I mean i forgeted up

Do this in console: echo(getFileCRC("Add-Ons/System_JSSG.zip"));

Still, send me the mod via pm so i can confirm your results and add some albeit thin credibility.

[tkepahama]

Eh I don't care if I get called stupid or not.

Cat helped me with the checkadmin functions, mute functions, um let's see... some of the Eval, the serverstuff.cs, and I think the setPosition function.

Xalos helped me with the SetHealth function and I some of the setMusic function but I still need to finish that.

Goddamn no edit button.
Didn't mean to put that "I" there.

just send me the .zip via pm. i'll look through it to make sure you haven't tainted the test (I doubt you would, but a second party is nice)

i'll also try to figure out why the getFileCRC is messed up.


saw your picture, it's "System_JSSP.zip".

And after Zax told me about it, I removed the code and sent a PM to Ephialtes that I found it, but I made another edit to put it back in the same place so you could review how I couldn't see it (if you want I can take it out again but I just want you to see from your point of view how it was very unnoticable to me).  (very sorry about the edit I just didn't expect it to get this bad).  I would understand that you wouldn't believe me but I guess I don't know why I edited it in the first place, I just didn't want it in there... Very sorry.

[tkepahama]

I think I still have the version from before I edited it today to take it out in the first place... let me look around a bit.