SA-MP Forums

Go Back   SA-MP Forums > SA-MP DL Edition > SA-MP 0.3.DL

Closed Thread
 
Thread Tools Display Modes
Old 04/11/2017, 09:58 PM   #21
Misomir
Little Clucker
 
Join Date: Jul 2017
Posts: 21
Reputation: 0
Default Re: 0.3.8 Security Issue

It mustn't be RAT,it could be ANYTHING,!!
Misomir is offline  
Old 04/11/2017, 10:00 PM   #22
SlowARG
Big Clucker
 
SlowARG's Avatar
 
Join Date: Feb 2014
Posts: 50
Reputation: 18
Default Re: 0.3.8 Security Issue

Quote:
Originally Posted by maksicnm View Post
ITS A REASON CUZ THERE IS NO LINUX VERSION OMFG -_-

0.3.8 will certainly not be for a longer period of time on Linux because it is possible to insert a RAT virus into a file and destroy someone who enters the server, so the current version of Windows is currently running and who can run over it server players can enter that server if they believe in it server, the update is well done, I have been planning to let this be among many others in order to improve the launcher for models, it would be nice if this would be released to the end, along with all the vehicles and other things (antique type and so )

Quoted from Balcan forum.
Aren't you serius, really?
SlowARG is offline  
Old 04/11/2017, 10:03 PM   #23
maksicnm
Big Clucker
 
Join Date: Sep 2016
Location: Serbia
Posts: 120
Reputation: 3
Default Re: 0.3.8 Security Issue

Learn programing, thx
maksicnm is offline  
Old 04/11/2017, 10:05 PM   #24
MyU
Little Clucker
 
Join Date: Apr 2013
Posts: 31
Reputation: 18
Default Re: 0.3.8 Security Issue

Calm it down.
IF then you're only able to drop non-dff files, SA-MP itself doesn't treat it as a executable.

Like I said the only apparent way would be some sort of exploit in the file format itself to execute arbitrary code like we had on the TD system back then.
__________________
Project(s): SA-MP Textures :: All GTA:SA Textures Online!
Github
MyU is offline  
Old 04/11/2017, 10:06 PM   #25
cuber
Gangsta
 
cuber's Avatar
 
Join Date: Oct 2016
Posts: 795
Reputation: 173
Default Re: 0.3.8 Security Issue

Scared to death, omg what me gon do
cuber is offline  
Old 04/11/2017, 10:11 PM   #26
Misomir
Little Clucker
 
Join Date: Jul 2017
Posts: 21
Reputation: 0
Default Re: 0.3.8 Security Issue

Hmm...maybe ur right...But still i wanna test it
Misomir is offline  
Old 04/11/2017, 10:14 PM   #27
SlowARG
Big Clucker
 
SlowARG's Avatar
 
Join Date: Feb 2014
Posts: 50
Reputation: 18
Default Re: 0.3.8 Security Issue

Quote:
Originally Posted by ****** View Post
Therefore certain checks could possibly be skipped, because it was known that all the objects were always valid. Without those checks in place, a well crafted model could MAYBE inject code.
I remember a bug in MTA custom models parser.
However, all .txd and .dff files are renamed when downloaded, so isn't a problem at all. Maybe RCE could exists.

Quote:
Originally Posted by maksicnm View Post
Learn programing, thx
Oh man, really? Stop saying st**ids things please.
SlowARG is offline  
Old 04/11/2017, 10:15 PM   #28
cuber
Gangsta
 
cuber's Avatar
 
Join Date: Oct 2016
Posts: 795
Reputation: 173
Spray Re: 0.3.8 Security Issue

Quote:
Originally Posted by Misomir View Post
Hmm...maybe ur right...But still i wanna test it
What's up with this now, since ****** replied.

Quote:
Originally Posted by maksicnm View Post
Learn programing, thx
cuber is offline  
Old 04/11/2017, 10:18 PM   #29
Misomir
Little Clucker
 
Join Date: Jul 2017
Posts: 21
Reputation: 0
Default Re: 0.3.8 Security Issue

I still believe in MY theory cuz i think SAMP is opening em comlete but maybe it isnt.
Misomir is offline  
Old 04/11/2017, 11:07 PM   #30
SlowARG
Big Clucker
 
SlowARG's Avatar
 
Join Date: Feb 2014
Posts: 50
Reputation: 18
Default Re: 0.3.8 Security Issue

Quote:
Originally Posted by ****** View Post
A bug in a parser is not the same thing as just executing an EXE wholesale. I've even heard of bugs in the parser for reading .DOC files in Word - that doesn't make them EXEs, and trying to open an EXE in word won't execute it.
Just read. I'm not saying this, i agree with you in all of my comments...

I said that i remember a bug in the parser that leads to RCE.

Regards.
SlowARG is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Unoccupied vehicle sync, boat surfing pausing issue, parachute with vehicle issue, surfing w/ skydiving issue Kar Bug Reports 2 10/06/2013 09:24 AM
Security issue with Y_INI + Dialog reg system. caki Scripting Help 0 27/11/2012 02:31 PM
Harmfull security issue (server-sided UDP floods) ExoSanty Bug Reports 7 07/03/2012 09:04 PM
E-Mail Adress or another way to report a major security issue Seoson Server Support 4 08/01/2012 09:06 PM
security cam id akis_tze Help Archive 3 08/02/2010 01:36 PM


All times are GMT. The time now is 08:14 AM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.