BIG smal problem
 

News:

29 December 2022 - PtokaX 0.5.3.0 (20th anniversary edition) released...
11 April 2017 - PtokaX 0.5.2.2 released...
8 April 2015 Anti child and anti pedo pr0n scripts are not allowed anymore on this board!
28 September 2015 - PtokaX 0.5.2.1 for Windows 10 IoT released...
3 September 2015 - PtokaX 0.5.2.1 released...
16 August 2015 - PtokaX 0.5.2.0 released...
1 August 2015 - Crowdfunding for ADC protocol support in PtokaX ended. Clearly nobody want ADC support...
30 June 2015 - PtokaX 0.5.1.0 released...
30 April 2015 Crowdfunding for ADC protocol support in PtokaX
26 April 2015 New support hub!
20 February 2015 - PtokaX 0.5.0.3 released...
13 April 2014 - PtokaX 0.5.0.2 released...
23 March 2014 - PtokaX testing version 0.5.0.1 build 454 is available.
04 March 2014 - PtokaX.org sites were temporary down because of DDOS attacks and issues with hosting service provider.

Main Menu

BIG smal problem

Started by Psycho_Chihuahua, 06 June, 2004, 23:54:42

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Psycho_Chihuahua

Hi

I am running Ptokax Hub 0.326 TD4 and i have 1 small problem.


There is someone reading all PM's written. I don't know exactly who it is but i know he's running NeoModus DC.

Does someone know a) how he does that, and b) how i can stop him doing so?

Blocking all NMDC Clients wouldn't help seeming though i would lose more Users that way.

Gratefull for all Help
PtokaxWiki ?PtokaX Mirror + latest Libs

01100001011011000111001101101111001000000110101101101110011011110111011101101110001000000110000101110011001000000101010001101111011010110110111101101100011011110111001101101000

Flux

I am not an expert on this, but really i think it can't be done for a aperson able to read all PM sent in hub.

As i am sitting here looking at the script and looking at my hub and thinking if other programs can do this inside a hub. But i think this can't be done.

Tho I could be wrong. Hope others can asnwer you too.
? Official HoD Website - http://www.houseofdance.net
? Official HoD Hub Community -  hodhub.dyndns.org:2007

Shurlock

#2
Perhaps it would help all experts if you could tell how you noticed this?

If you're correct in your assumption, then there's a real leak somewhere! I'd hate to think of it!
If it's raining and your roof leaks, fix the roof. DON'T try to stop the rain!!

Corayzon

awhile ago when i was hosting psydream i came accross the same feeling sometimes and then found some proof to back it up.

i had a user entering the hub, forcing himself in as a bot! what he was doing was spamming under the operators names, adding operators to the hub, and spamming fake users as ops accross the hub.

this leads me to beleive that there is indeed a backdoor in how the bots are loaded from ptokax, but i think this is fixed in the td4.99 release, but cant really say...

noza

Psycho_Chihuahua

#4
I was alerted by some of my Users

They were discussing something via PM and got answers from this other guy.

Like i say: i haven't a clue on how this guy does it, if it is a script, user command, fake bot or whatever. All i know is that he can read PM's.
PtokaxWiki ?PtokaX Mirror + latest Libs

01100001011011000111001101101111001000000110101101101110011011110111011101101110001000000110000101110011001000000101010001101111011010110110111101101100011011110111001101101000

Corayzon

um, well, if its a bot, then anything can be done!

ppls passwords could be stolen, and hubs are completly open to attacks...

i sujest running td4.99 and see if the weird shit seems to happen still...if so, tri get a debug version (15.25) and see if it still happens again

also, who is this user? whats his name?

noza

Psycho_Chihuahua

#6
Quotei sujest running td4.99 and see if the weird shit seems to happen still...if so, tri get a debug version (15.25) and see if it still happens again

I am already running TD 4.99  ;(  so i guess i'll give the debug version a try (if i find it)

As far as i can make out he goes under the name: sunshine

Btw: Build 15.25 is in beta stage as i gather so i cant get that  ;(  ;(
PtokaxWiki ?PtokaX Mirror + latest Libs

01100001011011000111001101101111001000000110101101101110011011110111011101101110001000000110000101110011001000000101010001101111011010110110111101101100011011110111001101101000

NotRabidWombat

Ok, a person can not force himself/herself as a "bot". A bot is scripting interface through lua.

My first question, how secure are your password and your hub?

Next, do you use any kind of regme script?

Last, do you have any logs or actual proof of what is going on?

-NotRabidWombat


I like childish behavior. Maybe this post will be deleted next.

Psycho_Chihuahua

I own one of three Hubs connected with MHS.
Only registered Users are allowed in.
No register script is available for anyone under Operator Status.
Scripts used are: SecuLite_V_0.44, a HubMail script, Nickbot and a ASCII Picture Bot. All translated into German.

Sorry but i dont have any Logs on that, just complaints from four of our Users that he has interfered with User to User Communication refering to what had just been said via PM and not through Mainchat.
PtokaxWiki ?PtokaX Mirror + latest Libs

01100001011011000111001101101111001000000110101101101110011011110111011101101110001000000110000101110011001000000101010001101111011010110110111101101100011011110111001101101000

NotRabidWombat

"Sorry but i dont have any Logs on that, just complaints from four of our Users that he has interfered with User to User Communication refering to what had just been said via PM and not through Mainchat."

Hrm, I wonder if there is some possible spoofing / packet snifing going on. Do these four users have something in common, such as they are all on the same subnet?

-NotRabidWombat


I like childish behavior. Maybe this post will be deleted next.

Psycho_Chihuahua

No they don't

One Hub (my one) stands in Switzerland and the other 2 are in Germany.
The only possibility in that occasion would be that they have the same Provider.
PtokaxWiki ?PtokaX Mirror + latest Libs

01100001011011000111001101101111001000000110101101101110011011110111011101101110001000000110000101110011001000000101010001101111011010110110111101101100011011110111001101101000

NotRabidWombat

#11
Not the hubs. The users, do the four users who were complaining have anything in common (take a look at their IPs)

-NotRabidWombat


I like childish behavior. Maybe this post will be deleted next.

Psycho_Chihuahua

#12
Like i said:
QuoteThe only possibility in that occasion would be that they have the same Provider
All four are with T-Online so they all have similar Dial-Up IP's.
PtokaxWiki ?PtokaX Mirror + latest Libs

01100001011011000111001101101111001000000110101101101110011011110111011101101110001000000110000101110011001000000101010001101111011010110110111101101100011011110111001101101000

NotRabidWombat

Well, that is a possibility. What about the person who was listening in on the conversation?

-NotRabidWombat


I like childish behavior. Maybe this post will be deleted next.

Psycho_Chihuahua

#14
well he's not with T-Online as far as i know.

So could it be that he hacked them instead of the hub?

PtokaxWiki ?PtokaX Mirror + latest Libs

01100001011011000111001101101111001000000110101101101110011011110111011101101110001000000110000101110011001000000101010001101111011010110110111101101100011011110111001101101000

SMF spam blocked by CleanTalk