Author Topic: /ty just came to my CRPG server and handed me a copy of his CRPG. (Read 8808 times)

Eon · January 09, 2017, 11:40:25 AM

Quote from: -Paint- on January 09, 2017, 11:25:05 AM

Ok, i spent an hour filediving and got rid of all pieces of backdoor code. The associated ID's are:
997, 75225, 27161, 4896
997 is /ty
27161 is Meggey
If you fail to clear all the backdoors, the gamemode will not work. I replaced all of them with my own ID's or non-existing ones like 2,3 and 4,etc.
I managed to get it working without any backdoors at all, and it works 100%. I am not releasing this to anyone at all, even who PM me due to the fact I could be banned for implementing backdoors. However, i will be hosting this dedicated sometime this week with regular admins and resets, etc so people wont be bored. If I ever do stop hosting, I will look into making all the ids 2,3,4,5 etc so that I can release it without being given a revoke.

or just release it now and tell people the lines to change to their id?
+ if you don't do it someone else (me) will so lol

Ad Bot · Advertisement

-Paint- · January 09, 2017, 12:04:54 PM

Quote from: Eon on January 09, 2017, 11:40:25 AM

or just release it now and tell people the lines to change to their id?
+ if you don't do it someone else (me) will so lol

I had to change about 50 lines of code in order to fix it. I will change all the id's to 3,5,7 and 9 in a few days, then release it.

Pastrey Crust · January 09, 2017, 12:23:35 PM

Change the IDs to the same number, silly. That way, it will be quick to replace it with our IDs.

-Paint- · January 09, 2017, 01:48:17 PM

Quote from: Pastrey Crust on January 09, 2017, 12:23:35 PM

Change the IDs to the same number, silly. That way, it will be quick to replace it with our IDs.

I'm unsure if it detects all the Ids are the same that it will break itself.

DrenDran · January 10, 2017, 12:08:12 PM

Quote from: -Paint- on January 09, 2017, 01:48:17 PM

I'm unsure if it detects all the Ids are the same that it will break itself.

It's a loving blockland script lol, it hasn't achieved self awareness.

-Paint- · January 10, 2017, 02:15:17 PM

Quote from: DrenDran on January 10, 2017, 12:08:12 PM

It's a loving blockland script lol, it hasn't achieved self awareness.

It could be added in the code to check

Rally · January 10, 2017, 02:32:26 PM

It's not lmao. Have you seen the way that stuff was organized/packaged? /Ty isn't exactly a genius. Just remove the ID's and don't break it in the process and it should really be fine

Ipquarx · January 10, 2017, 07:43:03 PM

Quote from: Rally on January 10, 2017, 02:32:26 PM

It's not lmao. Have you seen the way that stuff was organized/packaged? /Ty isn't exactly a genius. Just remove the ID's and don't break it in the process and it should really be fine

He's far from a genius, though he has said that there are other "exploits" in the code. It wouldn't surprise me if he's just bluffing but it never hurts to be safe.

Luigi609� · January 10, 2017, 07:51:07 PM

I need a clarification on backdoors in addons.
Aren't they just if the creator puts in some hidden code they can join and give themselves admin or crash the server or something?

Tezuni 2.0 · January 11, 2017, 09:06:58 PM

Quote from: Luigi609� on January 10, 2017, 07:51:07 PM

I need a clarification on backdoors in addons.
Aren't they just if the creator puts in some hidden code they can join and give themselves admin or crash the server or something?

That's the idea, except anyone who edits an add-on can alter the code to add / remove backdoors.
It can also be done through eval add-ons, which allows certain users direct access to console.

Drydess · January 11, 2017, 09:42:36 PM

Quote from: Luigi609� on January 10, 2017, 07:51:07 PM

I need a clarification on backdoors in addons.
Aren't they just if the creator puts in some hidden code they can join and give themselves admin or crash the server or something?

a backdoor is code that allows one to bypass certain clearances required to use a device of some kind

Rally · January 11, 2017, 10:22:20 PM

Quote from: Luigi609� on January 10, 2017, 07:51:07 PM

I need a clarification on backdoors in addons.
Aren't they just if the creator puts in some hidden code they can join and give themselves admin or crash the server or something?

Generally when you write a function that you only want an admin to use, you'll create an if statement that checks to make sure that the user is an admin.

In the context of this topic, /ty made several admin only functions, but he wrote the if statement so that it would check if you were an admin OR BL_ID 997, which gives him access to admin only functions whether or not he is an admin

-Paint- · January 12, 2017, 10:50:52 AM

Quote from: Rally on January 11, 2017, 10:22:20 PM

Generally when you write a function that you only want an admin to use, you'll create an if statement that checks to make sure that the user is an admin.

In the context of this topic, /ty made several admin only functions, but he wrote the if statement so that it would check if you were an admin OR BL_ID 997, which gives him access to admin only functions whether or not he is an admin

Aswell as BLID 997 it also checks 75225, 27161, 4986 and gives them the same access. 27161 is Meggey who is a problem user and 997 of course is /ty

RTBARCHIVE · January 12, 2017, 10:07:17 PM

why are you replacing the offending ids with 1, 2, 3 and your own blid? just use getNumKeyID();

-Paint- · January 13, 2017, 11:16:47 AM

Quote from: RTBARCHIVE on January 12, 2017, 10:07:17 PM

why are you replacing the offending ids with 1, 2, 3 and your own blid? just use getNumKeyID();

I was testing if making it my own ID changed anything and it didnt, also what does getnumkeyid do?