Need To Update Config // Hacked

lynden · Post by **lynden** » Fri Mar 04, 2005 6:50 am

Hey,guys well i had guy on the internet help me bulid a config,wel he bulit it then after puttin up the server he glined me and every one else he got admin rights for some reason even though i changed the password, any one know why it was so easy to hack and prevent it thanks! here`s link to the config..im wonderin if any one could link me up with a a working config, thanks

http://www.members.lycos.co.uk/heyhowar ... d.conf.txt

Dukat · Post by **Dukat** » Fri Mar 04, 2005 7:55 am

lynden wrote:any one know why it was so easy to hack

It was so easy because you obviously don't know anything about the unreal config. Don't let others ever touch your unrealircd.conf.
You absolutely have to learn it yourself - we won't do it for you. It's not THAT hard, just try it. You have an excellent documentation and a long FAQ that you can consult, and if you still got problems after reading them, you can always ask here in the forums or in our IRC channel.

Solutech · Post by **Solutech** » Fri Mar 04, 2005 12:08 pm

lynden wrote:he glined me and every one else he got admin rights for some reason even though i changed the password, any one know why it was so easy to hack

Hardly surprising with the uber complex password lol . Sorry but just looking at the operblock shows whoever set up the .conf knew about zilch .

Code: Select all

oper lynden {
	class           clients;
	from {
		userhost *@*;
	};
	password "pass";
	flags "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";

Firstly thats the old flag style not the new one thats more descriptive ie

can_gzline
can_globalkill

Secondly using every letter is just plain dumb and lazy . A lot of flags will give you the same rights as other flags . For example Netadmin (N) will give you the following flags . (O) Global , (N) Netadmin (a) Services Admin and (A) Admin flags .

What the guy has done is give you a plain vanilla config .

Pass as a password is just stupid its on the list of most used passwords .

As for the rest of the config ......

Code: Select all

set {
	network-name 		"F34R";
	default-server 		"irc.suckmydick.net";
	services-server 	"set.this.here.for.services.to.work.fag";
	stats-server 		"stats.suckit.com";
	help-channel 		"#YOURGFGIVESGOODHEAD";
	hiddenhost-prefix	"pwnd";

Guess the guy helped you to make you look stupid .

As stated above never ever let someone else config your server for you .

I would as suggested read the faq's and the docs rebuild your .conf and change your network names etc and keep the fool out of your server . If he does come in id gline him on sight .

Take this as a lesson learned but you have to learn how to do this yourself . If you dont how can you hope to admin a server if you dont even know how to set it up yourself .

Matridom · Post by **Matridom** » Fri Mar 04, 2005 1:35 pm

looks like he left himself a back door if he get's banned

Code: Select all

except ban {
	/* don't ban stskeeps */
	mask           *stskeeps@212.*;
};

and more stuff to make it harder to ban him

Code: Select all

vhost {
	vhost           i.hate.microsefrs.com;
	from {
		userhost       *@*.image.dk;
	};
	login           stskeeps;
	password        moocowsrulemyworld;
};

like stated above, you let him do this. I would scrap this file and learn how to make your own one.

White_Magic · Post by **White_Magic** » Fri Mar 04, 2005 1:58 pm

yeah i agree, just kill your server off and then wipe out everything except the ME block and do the rest from scratch, i also suggest you learn to use the " MKPASSWD " command for ur opers / passwords

***** Mkpasswd *****
-
This command will Encrypt the string it has been given
So you can add it directly to the unrealircd.conf if you use
Encrypted passwords. Type can be crypt, sha1, or md5. Sha1
and md5 are only available when compiled with SSL support.
-
Syntax: MKPASSWD <method> <password>
Example: MKPASSWD crypt mpsare

Dukat · Post by **Dukat** » Fri Mar 04, 2005 4:25 pm

Matridom wrote:looks like he left himself a back door if he get's banned
Code: Select all
except ban {
	/* don't ban stskeeps */
	mask           *stskeeps@212.*;
};
and more stuff to make it harder to ban him
Code: Select all
vhost {
	vhost           i.hate.microsefrs.com;
	from {
		userhost       *@*.image.dk;
	};
	login           stskeeps;
	password        moocowsrulemyworld;
};

These two are from the original example.conf... His "friend" just didn't remove it.
(/me wonders on how many servers out there stskeeps has an except ban and a vhost block...

)

Matridom · Post by **Matridom** » Fri Mar 04, 2005 5:03 pm

Dukat wrote:
Matridom wrote:looks like he left himself a back door if he get's banned
Code: Select all
except ban {
	/* don't ban stskeeps */
	mask           *stskeeps@212.*;
};
and more stuff to make it harder to ban him
Code: Select all
vhost {
	vhost           i.hate.microsefrs.com;
	from {
		userhost       *@*.image.dk;
	};
	login           stskeeps;
	password        moocowsrulemyworld;
};
These two are from the original example.conf... His "friend" just didn't remove it.
(/me wonders on how many servers out there stskeeps has an except ban and a vhost block... )

My bad. I've not looked at the example in over a year. I wrote mine from scratch and use the documentation to keep things up to date.

Post by **Syzop** » Mon Mar 07, 2005 9:05 pm

[moderator: 'software caused connection abort'-issue split to here]

UnrealIRCd Forums

Need To Update Config // Hacked

Need To Update Config // Hacked

Re: Need To Update Config // Hacked

Re: Need To Update Config // Hacked