Solved Random player setting self as owner

Discussion in 'Rust Discussion' started by quesoydulcedetandil, Sep 15, 2016.

  1. Calytic

    Calytic Community Admin Community Mod

    Keybinds should be separated into client-specific and server-specific. Binds set by the client should be written to the local config as they are now. Binds set by the server should be written to a separate local config that is only activated when joining that server.

    Currently it is possible for a compromised or malicious server to set keybinds (such as those outlined in this post) on the client and then those binds are persisted to other servers.

    @FacePunch
     
    Last edited: Sep 23, 2016
    Calytic, Sep 23, 2016
    #21
  2. StreetDog

    StreetDog

    The account of the hacker is this:

    Steam Community :: Unregistered

    This guy was playing/hacking with names like:
    Dioxaflex
    Wimer
    Putin
    PutinGroso

    There are some other reports:
    Steam id se pone como Owner de mi server (Steamid's getting as owner on others server) :: Rust General Discussions

    Until JULY this account was PUBLIC
    STEAM_0:0:176526798 - STEAMID I/O

    NOW IS PRIVATE PROFILE !!
    I TALKED TODAY WITH HIM
    THAT IS MY CHAT WITH THE HACKER
    IS ARGENTINIAN, HE SPEAK SPANISH,
    IF SOME ADMIN NEEDS TRANSLATION CONTACT ME
    THE RUST AND OXIDE COMMUNITY NEEDS TO DEAL WITH THIS NASTY GUY ASAP
    AND FOUND THE BACKDOOR THAT CHANGE THE FILE "KEYS.CFG"
     
    Last edited by a moderator: Sep 24, 2016
    StreetDog, Sep 24, 2016
    #22
  3. Wulf

    Wulf Community Admin

    It's not a backdoor, people downloaded something or connected to a server that changed Rust's keys.cfg to bind a key to the commands mentioned in this thread. It's not a hack, just someone tacking advantage people and a feature in Rust.

    So once again, feature of Rust, not a backdoor. Rust allows keys to be bound to commands.
     
    Wulf, Sep 24, 2016
    #23
  4. StreetDog

    StreetDog

    But why if you delete all of this, and start your dedicated with Oxide the Keys.cfg and The ownerid Shows up again ?
    I dont enter other servers
     
    StreetDog, Sep 24, 2016
    #24
  5. Wulf

    Wulf Community Admin

    Then there's likely something else on your computer that is modifying the file. Did you download any random files from any sites or YouTube videos?

    Oxide has nothing to do with the keys.cfg file, Rust has a key binding feature that allows clients to bind keys to commands. You can do this manually or a server can do it via a plugin.
     
    Wulf, Sep 24, 2016
    #25
  6. Reynostrum

    Reynostrum

    Then you have some kind of virus on your pc that is changing that file. If I were you, I'd format my pc.
     
    Reynostrum, Sep 24, 2016
    #26
  7. StreetDog

    StreetDog

    I think will be needed to look what server is sending this "scripts"
    thanks!!!

    IF somebody can help with this or have any ideas please share.
    I am almost sure about what ppl is behind this, here on Argentina, the Pay2Win servers are big business for some ppl.
     
    StreetDog, Sep 24, 2016
    #27
  8. Wulf

    Wulf Community Admin

    It's more than likely from not from a server, instead from sometime on your machine that was installed from elsewhere.
     
    Wulf, Sep 24, 2016
    #28
  9. Savage ✔

    Savage ✔

    76561197960287930
    owner

    is listed as a owner on my server, at no point did i add him.
    SteamRep » Rabscuttle [Trusted] | 76561197960287930 | STEAM_0:0:11101

    Turns out hes a steam employee?

    At what point do they have any right to do such thing?
    [DOUBLEPOST=1474755354][/DOUBLEPOST]When i say steam i mean Valve.

    How can this guy add him self to my server? surely this is a breach of some kind with abusive powers?
     
    Savage ✔, Sep 24, 2016
    #29
  10. Wulf

    Wulf Community Admin

    Check the replies in this thread, it might explain it.
     
    Wulf, Sep 24, 2016
    #30
  11. Savage ✔

    Savage ✔

    Still dont get why a Valve guy is owner on server. :S am i missing something?
     
    Savage ✔, Sep 24, 2016
    #31
  12. Wulf

    Wulf Community Admin

    Are you sure that is the only one?
     
    Wulf, Sep 24, 2016
    #32
  13. Savage ✔

    Savage ✔

    There is only 1 guy added as a owner on our server, and its coming back as a Valve guy. Hes never connected to server or anything,
    checked key file, and nothing there. ill keep a eye on it, little worrying tho.
     
    Savage ✔, Sep 25, 2016
    #33
  14. StreetDog

    StreetDog

    PPL IS SO SIMPLE AND THIS PLUGIN WILL EXPLAIN EVERYTHING !

    HotKeys for Rust | Oxide

    You can put as default something like this...
    In our case this guy from an Argentinian Nasty Server (that made the RUST a PAY2WIN with donation for WOOD/STONE/METALS kits VIP) run this plugin that bind undesired commands when the wheeldown is touched, and is imposible dont touch it !! :p
    but... maybe your case is Just a Troll that wanna confuse ppl, I dont think that a Valve Employee needs to do that.

    I think in future updates RUST/facepunch needs to take care about the permissions changing and executings this kind of binds
     
    Last edited by a moderator: Sep 27, 2016
    StreetDog, Sep 27, 2016
    #34
  15. Wulf

    Wulf Community Admin

    Any plugin or direct server mod can do that, it's a feature in Rust; it's discussed previously in this thread. It's just a console command that the server can run on the client.
     
    Wulf, Sep 27, 2016
    #35
  16. StreetDog

    StreetDog

    yes, but Im pointing that Plugin that Im sure was used for that, Nobody here pointed that plugin, Right? dont know, Im sharing only,
    and sharing knowledge because here some ppl talks about troyans or viruses, one guy told me about formating pc LOOOOOOOOOOOOL
     
    StreetDog, Sep 27, 2016
    #36
  17. Wulf

    Wulf Community Admin

    It likely happened long before that, and there likely are programs out there that do it as well, especially if it keeps happening every time you start your client without connecting to a malicious server. It may not be the same case for you as someone else having the issue.
     
    Wulf, Sep 27, 2016
    #37
  18. StreetDog

    StreetDog

    yes, but quesoydulcedetandil and me were talking abuot this particular case, with this particular bind, with this particular guy, and I found finally the source of the Issue. :) Thanks anyway...

    but not, I will not format my pc :F
     
    StreetDog, Sep 27, 2016
    #38
  19. Savage ✔

    Savage ✔

    Since i removed the Valve guy and banned him blah blah blah, its not shown up there, checking it daily for any spooky stuff. but so far its all good.
     
    Savage ✔, Sep 27, 2016
    #39
  20. modonga

    modonga

    Hi huys, i really need help, this week "somebody" was trting to enter to my server several times, i change my rcon port and password to "hello$&&(/%$1325fgt43?='0¡098=/&(!"

    But this guy continue accesing to my server... Write via command "say" and stop the server or free items to the players (bla bla bla), this is the information that i have, anybody can tell me what i could do?


    http://fotos.subefotos.com/eb0382cb44d734060a2a5bbae01dd3fbo.png
    http://fotos.subefotos.com/6ffac8d40ee3e2f3226c9a9e6adbb4ado.png
    http://fotos.subefotos.com/57d884a85dd1cbbb67f33dd4534a5757o.png
    http://fotos.subefotos.com/e6c0bbdabcb09e829592b028d244dac4o.jpg
    http://fotos.subefotos.com/54cd8516d0eb94afab36330971b591d7o.jpg

    5 times accesing in 2 days... I really dont know what to do. Wulf what do you think in your experience?
     
    modonga, Oct 3, 2016
    #40