[FIXED] Major LUA exploit hit majority of servers

  Highwon

    Owner

    UPDATE: The exploit has been fixed in the latest version of garrysmod. Please update your game as soon as possible.

    It seems a major LUA exploit has hit majority of garrysmod servers.

    I would suggest staying off garrysmod until there is a patch. For now there is a fix to remove any malicious files from your computer: http://facepunch.com/showthread.php?t=1386818&p=44583860&viewfull=1#post44583860

    If the link doesn't work, create a batch file with the following code and place it in your garrysmod folder and run it:
    @echo off
    title Exploit file cleanup - MFSiNC
    if exist "hl2.exe" (
    cd "garrysmod"
    if not exist steam.inf (
    echo You're running this from the wrong place!
    echo Put this file in your garrysmod folder, either server or client, and re-run it.
    echo This will remove the files used in the exploit/virus.
    echo To see exactly what will be removed, open this batch file with Notepad.
    echo Cleaning..
    taskkill /F /IM hl2.exe > nul
    taskkill /F /IM srcds.exe > nul
    ::Files, clientside
    if exist "engine_win32.dll" (
    attrib -h "engine_win32.dll"
    del /F /Q "engine_win32.dll"
    if exist "materials\cooltexture.vtf" (
    del /F /Q "materials\cooltexture.vtf"
    if exist "bin\game_shader_generic_engine.dll" (
    attrib -h "bin\game_shader_generic_engine.dll"
    del /F /Q "bin\game_shader_generic_engine.dll"
    if exist "download\engine_win32.dll" (
    attrib -h "download\engine_win32.dll"
    del /F /Q "download\engine_win32.dll"
    if exist "download\cfg" (
    RD /S /Q "download\cfg"
    ::Files, serverside
    if exist "lua\autorun\server\default.lua" (
    attrib -h "lua\autorun\server\default.lua"
    del /F /Q "lua\autorun\server\default.lua"
    echo Done.
  -spud-

    -spud- Banned

  Enigmatica

    Enigmatica The Song Lives On Banned

  Kythol

    Moderator

    Well, this sucks. Highwon, if you need me to make sure everything is okay I'll be willing to risk the infection to make sure all is well.
  DieKasta

    DieKasta :Blackalien: Forever VIP

    oh shit
  CaptainChild

    CaptainChild New Member

    Alright since there is a bit of confusion of knowing how your infected it's simple if you've been on a Gmod server that is fairly popular within the last 24hours your infected. Since it is a server side Infection that makes clients execute a nasty Lua
  Chii

    Chii Seriously a Baka VIP

  ZeRo

    ZeRo :sneaky: Banned VIP Silver

    Chii, then you're infected and you should run the script. Just sayin. ;)
  Enigmatica

    Enigmatica The Song Lives On Banned

    No it's whoever sends the messages is infected
  ZeRo

    ZeRo :sneaky: Banned VIP Silver

    Ahhh, never mind then.
  Peter

    Peter VIP

    Serious TTT West has not been infected. Any server infected has "!!!" before the name, it's part of the infection (which makes it easier).

    Nonetheless you should run the patch.
  Peter

    Peter VIP

    Not necessarily.
  CaptainChild

    CaptainChild New Member

    Well he tweaked it a bit, but there are multiple versions of the same exploit going around the first one gave messages like this


    The second tweak was the *cough* message and now it looks like he tweaked it again to register names of servers with the lastest bug to change the name with a !!! in front
  Yawn.

    Yawn. Previously known as Kindle, Books, Pages.

    Inspired by Chii, someone had to make a gif out of this mess.

  Zikeji

    Zikeji Repoleved VIP Emerald

    This is hilarious. To bad I slept through the worst of it :(.
  megaboy

    megaboy I got this game for Fathers day VIP

    It's kind of sad. One person sent this to people as a joke and it went out of hand. GG.
  Mr. Disco

    Mr. Disco Jeff Lynne is a musical genius. VIP

    Highwon said if the link didn't work then you should make a batch file.. Although most people might know how, some don't. Here's how:


    Copy paste the code into notepad.

    Then you want to save it.
    Make sure the "Save as type:" selected as "All files"

    Then name it to anything you want. I named it "GMODFIX" after you've named it put a .bat after the name.

    Then put it in your garrysmod folder.

    Hope this helps,

  [LD] SDfool

    [LD] SDfool New Member

    Which Code do we copy and put in it though?
  Mr. Disco

    Mr. Disco Jeff Lynne is a musical genius. VIP

    This one:
  Silent Rebel

    Silent Rebel Lead Shitposter VIP

    I think you should just take the servers down while this is going on.. Don't see any point in having them up if people are just getting vac banned.
