Вы используете устаревший браузер. Этот и другие сайты могут отображаться в нём некорректно. Вам необходимо обновить браузер или попробовать использовать другой.
Привет нужна помощь)
Проблема в том что каким то образом группа людей которая не имела доступ к серверу выдают себе админки в бд и в users их нету.. они не пакостят , но сам факт раздражает . как решить?
[ 1] Reunion RUN - reunion_mm_i386. v0.2.0.3 ini Start Never
[ 2] Rechecker RUN - rechecker_mm_i38 v2.7 ini Chlvl ANY
[ 3] AMX Mod X RUN - amxmodx_mm_i386. v1.9.0.5 ini Start ANY
[ 4] Revoice RUN - revoice_mm_i386. v0.1.0.3 ini Start Never
[ 5] MySQL RUN - mysql_amxx_i386. v1.9.0.5 pl3 ANY ANY
[ 6] Fun RUN - fun_amxx_i386.so v1.9.0.5 pl3 ANY ANY
[ 7] Engine RUN - engine_amxx_i386 v1.9.0.5 pl3 ANY ANY
[ 8] FakeMeta RUN - fakemeta_amxx_i3 v1.9.0.5 pl3 ANY ANY
[ 9] CStrike RUN - cstrike_amxx_i38 v1.9.0.5 pl3 ANY ANY
[10] CSX RUN - csx_amxx_i386.so v1.9.0.5 pl3 ANY ANY
[11] Ham Sandwich RUN - hamsandwich_amxx v1.9.0.5 pl3 ANY ANY
[12] ReAPI RUN - reapi_amxx_i386. v5.26.0. pl3 ANY Never
[13] CURL AMXX RUN - curl_amxx_i386.s v1.1.1 pl3 ANY ANY
[14] SQLite RUN - sqlite_amxx_i386 v1.9.0.5 pl3 ANY ANY
User.ini пустая
база бд которая на сайте пару человек
они каким-то образом прям на игре выдают админки.. на двух разных серверах на двух разных хостах.
хоть не пакостят. когда спрашиваешь у каждого в лс на вопрос откуда у тебя админка -ответ "хз"
у них стим и ава та же тоесть играют и бац админы. я уже хз че делать и начал сюда писать.. думал тут знающие.
мой программист который шарит за плагины.
сделал плагин который выдает админку тем кто только прописан в плагине, а остальным кто взламывает или прописан в бд или users.ini не дает больше трех флагов "fmz"
ты проверял не совпадает ли стим_ид тех у кого появляется админка с тем что должна выдаваться? вы конкретно не отвечаете на вопрос, не бывает такого что админка появляется из воздуха без записи в бд или users.ini
перед тем как писать в базе их не было в БД. решил перепроверить щас и они там появились. доступ только у меня и у прогера. но он точно не пределах он их постоянно банил за читы и тд не взлюбил их сразу.. как они туда попадают
вариантов взлома масса, начать нужно со списка плагинов, а так же с амхх логов, это если админку выдали через команду amx_addadmin
или узнали пароль к rcon_password, но тогда тоже в логах будет инфа
крайний вариант, это взлом самого ксбанса, может у вас там пароль 123321, или пароль например такой же, как в setinfo вы пишите
многие используют один и тот же пароль, а кто то тоже один и тот же, но с заменой одного символа, и думает что всех обхитрил
они как-то в СS:Bans 1.3.9 выдали себе вэб админ и таким образом выдали админки.. как это возможно даже если они узнали ссылку сайта то пароль генерированный..
Сообщение автоматически объединено:
@present,
name version author file status
[ 1] Safe Userinfo 1.0.4 the_hunter safe_userinfo.a running
[ 2] Admin Loader 3.5 neygomon admin_loader.am running
[ 3] FreshBans 1.4.8b kanagava fresh_bans_183. running
[ 4] [190] Vanga Detector 26.01.29 SKAJIbnEJIb & Pr vanga_detector. running
[ 5] [190] ECD Helper 26.01.29 SKAJIbnEJIb ecd_helper.amxx running
[ 6] Admin 2.0 x amxx_admins.amx running
[ 7] tracker_sql 2.6.2 X tracker_v2.6.2. running
[ 8] unknown unknown unknown stp.amxx bad load
[ 9] Admin Commands 1.9.0.5294 AMXX Dev Team admincmd.amxx running
[ 10] Admin Help 1.9.0.5294 AMXX Dev Team adminhelp.amxx running
[ 11] Slots Reservation 1.9.0.5294 AMXX Dev Team adminslots.amxx running
[ 12] Multi-Lingual System 1.9.0.5294 AMXX Dev Team multilingual.am running
[ 13] unknown unknown unknown hns_train_v1.2. bad load
[ 14] unknown unknown unknown hns_train_addon bad load
[ 15] Menus Front-End 25.12.01 SKAJIbnEJIb & AM amxmodmenu_rbs. running
[ 16] Commands Menu 1.9.0.5294 AMXX Dev Team cmdmenu.amxx running
[ 17] Players Menu 1.9.0.5294 AMXX Dev Team plmenu.amxx running
[ 18] Teleport Menu 1.9.0.5294 AMXX Dev Team telemenu.amxx running
[ 19] Maps Menu 1.9.0.5294 AMXX Dev Team mapsmenu.amxx running
[ 20] Admin Chat 1.9.0.5294 AMXX Dev Team adminchat.amxx running
[ 21] Scrolling Message 1.9.0.5294 AMXX Dev Team scrollmsg.amxx running
[ 22] Info. Messages 1.9.0.5294 AMXX Dev Team imessage.amxx running
[ 23] Admin Votes 1.9.0.5294 AMXX Dev Team adminvote.amxx running
[ 24] Stats Configuration 1.9.0.5294 AMXX Dev Team statscfg.amxx running
[ 25] Restrict Weapons 1.8.2 AMXX Dev Team restmenu.amxx running
[ 26] unknown unknown unknown survival_test.a bad load
[ 27] hns_skill_sys 1.5.2 ab hns_skill_sys_v running
[ 28] hns_skill_sql 1.2 bc hns_skill_sql_v running
[ 29] Bu3yaJI 1.9.4 SoulWave Bu3yaJI_v1.9.4. running
[ 30] legalsettings 2.3.2 X legalsettings_v running
[ 31] hns_afk 1.5.7 X afk2spec_v1.5.7 running
[ 32] admin laser 1.2 X laser_v1.2.amxx running
[ 33] Team Manager 1.3.3 author team_manager_v1 running
[ 34] hns_roundtime 1.5 X hns_roundtime.a running
[ 35] NEW&FROST&NADES 1.2 gloomalanche hns_newfrostnad running
[ 36] spawn_protection 7.2.0 Peli+X spawn_protectio running
[ 37] gta 1.1 timebutcher gta.amxx running
[ 38] Spectator Keys Release awe show_keys.amxx running
[ 39] Knife stab info 1.0.2 OpenHNS stab_info.amxx running
[ 40] SpecList 1.7 FatalisDK speclist_1.7.am running
[ 41] Client Analyzer 2.8.1 FAME client_analyzer running
[ 42] CA: Crack BETA Garey & Juice client_analyzer running
[ 43] KZ Jump Stats 1.9.10 loc Kpoluk kz_jump_stats_l running
[ 44] HideNSeek PRO Desqpod hidenseek.amxx running
[ 45] Reset Score 1.0 Silenttt resetscore.amxx running
[ 46] Block grande info 1.0 alliedmods BlockGrenadeInf running
[ 47] HP Autoheal 1.4 AciD autoheal.amxx running
[ 48] Map Manager: Core 3.1.5 privat map_manager_cor running
[ 49] Map Manager: Informer 0.0.5 privat map_manager_inf running
[ 50] Map Manager: Rtv 0.1.1 privat map_manager_rtv running
[ 51] Map Manager: Scheduler 0.1.10 privat map_manager_sch running
[ 52] Map Manager: Sounds 0.0.2 privat map_manager_sou running
[ 53] Map Manager: Nominatio 0.2.1 privat map_manager_nom running
[ 54] Custom Player Models A 0.2.7 F@nt0M & BlackSi custom_player_m running
[ 55] Custom Player Models C 0.2.3 BlackSignature custom_player_m running
[ 56] Custom Player Models T 0.2.1 BlackSignature custom_player_m running
[ 57] ChatAdditions: Core v1.9.4 Sergey Shorokhov ChatAdditions_C debug
[ 58] ChatAdditions: SQLite v1.9.3 Sergey Shorokhov CA_Storage_SQLi debug
[ 59] CA: Mute v1.9.4 Sergey Shorokhov CA_Mute.amxx debug
[ 60] CA: VoteGAG 1.0.1-alph Sergey Shorokhov CA_Addon_VoteGa debug
[ 61] CA Addon: Request UnGA v1.9.4 steelzzz CA_Addon_Reques debug
[ 62] CA: Gag v1.9.4 Sergey Shorokhov CA_Gag.amxx debug
[ 63] Chat Manager 1.1.2-16 Mistrick chatmanager.amx running
[ 64] Chat Manager: Addon 0.0.4-70 Mistrick chatmanager_add running
( 8) Load fails: Plugin file open error (plugin "stp.amxx")
( 13) Load fails: Plugin file open error (plugin "hns_train_v1.2.9.amx")
( 14) Load fails: Plugin file open error (plugin "hns_train_addon_v1.2.4.amx")
( 26) Load fails: Plugin file open error (plugin "survival_test.amxx")
64 plugins, 60 running
# ClientID types (for cid_* options)
# 1: Real (or generated by HW) steam (STEAM_xx:xx:xx)
# 2: Real (or generated by HW) valve (VALVE_xx:xx:xx)
# 3: STEAM_ by IP
# 4: VALVE_ by IP
# 5: Deprecated - client will be rejected
# 6: reserved for future use
# 7: HLTV
# 8: STEAM_ID_LAN
# 9: STEAM_ID_PENDING
# 10: VALVE_ID_LAN
# 11: VALVE_ID_PENDING
# 12: STEAM_666:88:666
# Use these options to set authid's for clients
### AUTH CONTROL ###
# For Legit Steam clients (default is real STEAM_xx:xx:xx [1])
cid_Steam = 1
# Client recognized as pending when they sucessfully authorized, but did not get steam id
# REMARK: Actually, it got steamid, but it is useless (STEAM_0:0:0 for example)
# default is Deprecated [5]
cid_SteamPending = 5
# for HLTV (default is Deprecated [5])
cid_HLTV = 7
# for p.47 clients that do not support unique id generation (default is Deprecated [5])
cid_NoSteam47 = 5
# for p.48 clients that do not support unique id generation (default is Deprecated [5])
cid_NoSteam48 = 5
# For players having revEmu ( >= 9.74) on client-side:
# default is real STEAM_xx:xx:xx [1]
cid_RevEmu = 1
# For players having RevEmu 2013 on client-side:
# default is real STEAM_xx:xx:xx [1]
cid_RevEmu2013 = 1
# For players having SteamClient 2009 / revEmu > 9.82 on client-side:
# default is real STEAM_xx:xx:xx [1]
cid_SC2009 = 1
# For players having old revEmu on client-side:
# default is real STEAM_xx:xx:xx [1]
cid_OldRevEmu = 1
# For players having hCupa's SteamEmu on client-side:
# default is real STEAM_xx:xx:xx [1]
cid_SteamEmu = 1
# For players having AVSMP (Cracked Steam) on client-side:
# default is real STEAM_xx:xx:xx [1]
cid_AVSMP = 1
# For SETTI ServerScanner
# default is STEAM_xx:xx:xx generated by IP [3]
cid_Setti = 3
# For SXEI Clients
# default is real STEAM_xx:xx:xx [1]
cid_SXEI = 1
### AUTH SETTINGS ###
# Authorization protocols version. All steamdid's of non-steams players will be changed in common with this value.
# 1: DProto (deprecated)
# 2: Reunion 2015-2018
# 3: Reunion 2018-2024
# 4: Reunion new (recommended)
AuthVersion = 4
# SteamIdHashSalt (string)
# Salt string for SteamIDs hashing. Irreversibly changes SteamIDs. Prevents SteamID stealing.
# Should be more than or equal to 16 chars length.
# AuthVersion < 3: If string is empty, hashing is not applied
# AuthVersion >= 3: If string is empty, init will be failed
# Recommended length is 32 chars or more
# Specify 0 to explicitly disable hashing (not recommended)
SteamIdHashSalt = 40символов..
# SC2009_RevCompatMode (0 / 1)
# Enable fix to make steamids generated for SC2009 compatible with revEmu. Can't be disabled with AuthVersion >= 3.
# Default: 1
SC2009_RevCompatMode = 1
# EnableSXEIdGeneration (0 / 1)
# Turns on steamid generation based on info sent by sXeI client
# Enable this ONLY if you have sXeI server installed!
# Default: 0
EnableSXEIdGeneration = 0
# EnableGenPrefix2 (0 / 1)
# Enable second prefix (STEAM_*:0/1:****) for generated authids. Reduces chance of authid collisions. Works only with configured SteamIdHashSalt. Can't be disabled with AuthVersion >= 3.
# Default: 0
EnableGenPrefix2 = 0
# HLTVExcept_IP (ip addr)
# HLTV from this IP will be able to join the server even if cid_HLTV is set to 5 (deprecated)
HLTVExcept_IP = 127.0.0.1
### AUTHID PREFIXES ###
# This config section will be ignored when AuthVersion > 2.
# IPGen_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids generated by IP
IPGen_Prefix1 = 0
# IPGen_Prefix2 (int)
# STEAM_a:b:c
# second prefix (b) for authids generated by IP
IPGen_Prefix2 = 4
# Native_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids generated by native auth method (Steam)
Native_Prefix1 = 0;
# RevEmu_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids generated by RevEmu
RevEmu_Prefix1 = 1;
# RevEmu2013_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids generated by RevEmu2013
RevEmu2013_Prefix1 = 1;
# SC2009_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids generated by Steamclient 2009
SC2009_Prefix1 = 1;
# OldRevEmu_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids generated by old RevEmu
OldRevEmu_Prefix1 = 2;
# SteamEmu_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids generated by SteamEmu
SteamEmu_Prefix1 = 3;
# SteamEmu_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids assigned for AVSMP Clients (Cracked steam)
AVSMP_Prefix1 = 4;
# Setti_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids assigned for Setti server scanner
Setti_Prefix1 = 5;
# SXEI_Prefix1 (int)
# STEAM_a:b:c
# first prefix (a) for authids assigned for sXeI clients
SXEI_Prefix1 = 6;
# Note that banid will use steamid WITHOUT any prefixes!
# ========================================================
# SERVER QUERIES MANAGEMENT
# ========================================================
# ServerInfoAnswerType (0/1/2)
# Sets server answer type for query requests
# 0 = New style (Steam) (recommended)
# 1 = Old Style (GoldSource Engine)
# 2 = Hybrid mode - Server is visible anywhere, but there are 3 packets generated for every serverinfo request
# Default: 0
ServerInfoAnswerType = 0
# FixBuggedQuery (0 / 1)
# Enable fix for clients with bugged serverbrowser. Prevents hanging on connect.
# Default: 1
FixBuggedQuery = 1
# EnableQueryLimiter (0 / 1)
# Enable ratelimit for server queries (TSource, players, etc). You can use 0 if external protection solutions used.
# Default: 1
EnableQueryLimiter = 1
# QueryFloodBanLevel (320 - 2048).
# Queries/sec level for ip ban. Maximum measured legit level is 80/sec.
# Default: 400
QueryFloodBanLevel = 400
# QueryFloodBanTime (0 - 60).
# Ban time in minutes for server query flooding. Use 0 to disable bans (block only).
# Default: 10
QueryFloodBanTime = 10
[QueryLimiterExceptIP]
#127.0.0.1
# AllowSplitPackets (0 / 1)
# Allow splitting of outgoing packets if they size are greater than 1400. Used in original steamclient, but does not supported by some monitorings.
# Default: 0
AllowSplitPackets = 0
# IDClientsLimit (0 - 32)
# Maximum number of clients from single steamid. Useful for debugging with multiple instances clients.
# 0 means unlimit
# Default: 1
IDClientsLimit = 1
# ========================================================
# OTHER STUFF
# ========================================================
нужно просмотреть логи ксбанс, веб логи хотя бы, чтобы понять, кто вообще имел доступ к админке. Нельзя просто так добавить веб админа через кс или ркон, эти варианты отметаются. Узнать время добавления, айпи который это сделал, диагностика прежде всего. Так же вероятно могли посмотреть данные БД, если имели доступ к ркон, и добавили админа прямо в БД (не знаю ксбанс, обычно такое нельзя сделать, будет не соответствие ключей, но мало ли в нем нет этой защиты)
Ну и поменять тогда пароли к БД, если флага L ни у кого не будет, то и проблем не будет
