Remote logs

I've seen #8 before, today in fact. I wasn't sure exactly what it was, just that it wasn't good. Good to know all that.
 
Basically ban anything with a ; in it, This has been apart of pyBEscanner for awhile and seems to cover most, if not all of the cases above :)

EDIT: Also anything with dwadern in it
 
Keep in mind that scripters can make other people run this scripts, our server got attacked and everyone was running them, the logs were flooded with it.
 
k4n30 said:
Basically ban anything with a ; in it, This has been apart of pyBEscanner for awhile and seems to cover most, if not all of the cases above :)

EDIT: Also anything with dwadern in it
Click to expand...

You don't happen to know the obfuscated version do you? I remember seeing it, I could have sworn it was either on reddit or Hangender shared it somewhere.. :( I think it was %52..


Hangender said:
Actually...you can remote exec a remote exec.

But currently none of the remote exec is doing it so just scan every log except scripts.txt
Click to expand...
They are now.
 
Just a quick question in regards to #7, I experienced 3 kids on my server using this exact script.

Code: 
"
if (true) then (usecInject
 
    select 0
    );"

I was lucky and caught them very quickly, is there an easy way to add this exact exploit to my remoteexec.txt filters?
 
Code: 
 - Value Restriction #12 "remExField" = [,<NULL-object>,"loc","JIPexec",[,,"per","execVM","ca\Modules\Functions\init.sqf"]]
- Value Restriction #25 "remExField" = [,<NULL-object>,"loc","JIPexec",[,,"per","execVM","ca\Modules\Functions\init.sqf"]]
21.04.2013
Probably not the right place to ask this but I caught this a while back and see nothing on it when I google it. Maybe someone else has some idea?
 
You must log in or register to reply here.
Back
Top