CS.RIN.RU - Steam Underground Community
http://cs.rin.ru/forum/

I think there is a serious problem on my server :P
http://cs.rin.ru/forum/viewtopic.php?f=31&t=58820		 Page 1 of 1
Author:  Dark-Master [ Wednesday, 09 Feb 2011, 07:00 ]
Post subject:  I think there is a serious problem on my server :P
Hello people

I think there is a serious problem on my server. :P

When I or my players connected to my server...... after 10 seconds have passed, the motd windows will pop-up with a title "Test" with a direct download link to torres-store.something/bla/maps.exe.

And yes, it's a trojan. If you don't have antivirus install, you will be pwnd so hard. :laughing:

At first, my motd was changed. I don't know if it's some kind of exploit and I was using old dproto. Now I set my motd.txt permission to read-only and use new dproto(I'm not saying that dproto is causing this.). And yes, my motd is now still mine. But the problem is still present.

I'm thinking of my AMXBans because it's 6.0.1 and it's out of date for now and I just knew yesterday that the AMXBans project is dead already.


And yeah. I've done nothing yet. I'll be investigating this and will report to you guys soon.
I never know that people can change my motd without being logged in to my server console. lol


If anyone knows what caused this, please tell me. :razz: (I'm lazy fixing this since I quit gaming)



console: version
Code: Select all | Line number On/Off | Expand/Contract
  1.  
  2. Protocol version 48
  3.          Exe version 1.1.2.6 (cstrike)
  4.          Exe build: 14:21:06 Mar  8 2010 (4554)
  5.  


console: meta list
Code: Select all | Line number On/Off | Expand/Contract
  1.  
  2.                description      stat pend  file              vers      src   load  unlod
  3.           [ 1] AMX Mod X        RUN   -    amxmodx_mm.dll    v1.8.1.3  ini   Start ANY  
  4.           [ 2] dproto_EF        RUN   -    dproto.dll        v0.9.87   ini   Start Never
  5.           [ 3] MySQL            RUN   -    mysql_amxx.dll    v1.8.1.3  pl1   ANY   ANY  
  6.           [ 4] Fun              RUN   -    fun_amxx.dll      v1.8.1.3  pl1   ANY   ANY  
  7.           [ 5] Engine           RUN   -    engine_amxx.dll   v1.8.1.3  pl1   ANY   ANY  
  8.           [ 6] FakeMeta         RUN   -    fakemeta_amxx.dl  v1.8.1.3  pl1   ANY   ANY  
  9.           [ 7] CStrike          RUN   -    cstrike_amxx.dll  v1.8.1.3  pl1   ANY   ANY  
  10.           [ 8] CSX              RUN   -    csx_amxx.dll      v1.8.1.3  pl1   ANY   ANY  
  11.           [ 9] Ham Sandwich     RUN   -    hamsandwich_amxx  v1.8.1.3  pl1   ANY   ANY  
  12.          9 plugins, 9 running
  13.  


console: amx_plugins
Code: Select all | Line number On/Off | Expand/Contract
  1.  
  2.                 name                    version     author            file             status  
  3.           [  1] AMXBans Core            6.0.1       AMXBans Dev Team  amxbans_core.am  running  
  4.           [  2] AMXBans Main            6.0.1       AMXBans Dev Team  amxbans_main.am  running  
  5.           [  3] Admin Commands          1.8.1.3746  AMXX Dev Team     admincmd.amxx    running  
  6.           [  4] Admin Commands          1.8.1.3746  AMXX Dev Team     adminccmd.amxx   running  
  7.           [  5] Admin Help              1.8.1.3746  AMXX Dev Team     adminhelp.amxx   running  
  8.           [  6] Slots Reservation       1.8.1.3746  AMXX Dev Team     adminslots.amxx  running  
  9.           [  7] Menus Front-End         1.8.1.3746  AMXX Dev Team     menufront.amxx   running  
  10.           [  8] Commands Menu           1.8.1.3746  AMXX Dev Team     cmdmenu.amxx     running  
  11.           [  9] Plugin Menu             1.8.1.3746  AMXX Dev Team     pluginmenu.amxx  running  
  12.           [ 10] Admin Chat              1.8.1.3746  AMXX Dev Team     adminchat.amxx   running  
  13.           [ 11] Anti Flood              1.8.1.3746  AMXX Dev Team     antiflood.amxx   running  
  14.           [ 12] Scrolling Message       1.8.1.3746  AMXX Dev Team     scrollmsg.amxx   running  
  15.           [ 13] Info. Messages          1.8.1.3746  AMXX Dev Team     imessage.amxx    running  
  16.           [ 14] Admin Votes             1.8.1.3746  AMXX Dev Team     adminvote.amxx   running  
  17.           [ 15] TimeLeft                1.8.1.3746  AMXX Dev Team     timeleft.amxx    running  
  18.           [ 16] Pause Plugins           1.8.1.3746  AMXX Dev Team     pausecfg.amxx    running  
  19.           [ 17] Stats Configuration     1.8.1.3746  AMXX Dev Team     statscfg.amxx    running  
  20.           [ 18] Restrict Weapons        1.8.1.3746  AMXX Dev Team     restmenu.amxx    running  
  21.           [ 19] StatsX                  1.8.1.3746  AMXX Dev Team     statsx.amxx      running  
  22.           [ 20] CS Stats Logging        1.8.1.3746  AMXX Dev Team     stats_logging.a  running  
  23.           [ 21] HLstatsX CE Ingame Plu  1.6.11 (HL  psychonic         hlstatsx_comman  running  
  24.           [ 22] AMX Super               4.2         Bmann_420         amx_super.amxx   running  
  25.           [ 23] AMX_Super Menu          0.8.1       Yami Kaitou       amx_super_menu.  running  
  26.           [ 24] Back Weapons            1.87        hoboman313/cheap  backweapons.amx  running  
  27.           [ 25] Descriptive 'Fire in t  0.1         VEN               descriptive_fir  running  
  28.           [ 26] Galileo                 1.1.290     Brad Jones        galileo.amxx     running  
  29.           [ 27] Ultimate Gore           1.6         JTP10181          amx_gore_ultima  running  
  30.           [ 28] In-Game Ads             1.83        stupok            in_game_ads.amx  running  
  31.           [ 29] Map Spawns Editor       1.0.16      iG_os             Map_Spawns_Edit  running  
  32.           [ 30] Misc. Stats             1.0         default, zhangsh  miscstats-xgn.a  running  
  33.           [ 31] Real Nade Drops         0.4         VEN               realnadedrops.a  running  
  34.           [ 32] RS Swear Filter         2.0         xeroblood         rs_swearfilter.  running  
  35.           [ 33] Task Scheduler          0.2         JustinHoMi        task_scheduler.  running  
  36.           [ 34] Weapon Physics          2.1         Nomexous          weaponphys.amxx  running  
  37.           [ 35] Game Namer              1.1         NeuroToxin        gamenamechanger  running  
  38.           [ 36] AMXBans Freeze          1.0         |PJ|ShOrTy        amxbans_freeze.  running  
  39.           [ 37] Amxbans Flagged         1.02        |PJ|ShOrTy        amxbans_flagged  running  
  40.          37 plugins, 37 running
  41.  


Image
Image
Image
Image
Click for full size of images


--------------------
Log (+7 GMT)
2011/02/09
11:06 - Disabling AMXBans doesn't fix this.
11:08 - Disabling Dproto doesn't fix this.
11:18 - Added images + info
11:44 - Found something + added onemore image



-- Edit --

WHAT THE HECK IS THIS?

; Basic
admincmd.amxx ; basic admin console commands
adminccmd.amxx ; help command console commands
adminhelp.amxx ; help command for admin console commands
adminslots.amxx ; slot reservation

LOL
Author:  repae1f [ Wednesday, 02 Mar 2011, 14:32 ]
Post subject:  Re: I think there is a serious problem on my server :P
adminccmd.amxx or motd.txt
Page 1 of 1 All times are UTC + 3 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/