
[153] [DS] Stable - Every grid vanished on multiple servers within minutes of each other

Discussion in 'Bug Reports' started by demolish50, Oct 17, 2016.

Thread Status:
This last post in this thread was made more than 31 days old.
  1. demolish50 Senior Engineer

    Messages:
    1,434
    I highly believe this is a new exploit due to this happening to the three most populated servers all within 10 minutes of each other.

    Literally all the grids in the world just vanished. Forcing a save yielded a much smaller world file. I restored from backup and within a few minutes it happened again. Got several reports from other servers as well that this just started occurring in the past few minutes.
     
  2. franky500 Trainee Engineer

    Messages:
    47
    Just happened here on Frankys.Space too. The Sandbox_0_0_0.sbs file went down to a mere 450kb (instead of 90mb); restored from a backup. Definitely something to keep an eye on. Good shout, Demolish!
     
  3. gornyakmaniac Apprentice Engineer

    Messages:
    186
    This is because the game doesn't check any hash sums except mods'. Somebody made a modified Sandbox.Game.dll library and made it freely available, which gives a player access to Space Master even without any permissions.
     
    Last edited: Oct 17, 2016
  4. Foogs Apprentice Engineer

    Messages:
    123
    Checksum will not help (1 byte can be faked), it is necessary to make a list of administrators on the server side.
    And check the dangerous actions on the server: delete all grids / spawn planets / switch creative/ etc.
    Just add "If else" in the right places.
    Code:
    if (MySession.Static.HasPlayerAdminRights(MyEventContext.Current.Sender.Value)) //SERVER SIDE
    We need different functions for the server and the client. Player makes an event and the server checks it, and does not apply it if he could do it.
    And as I said .... you need a better updates test, we do not live in a perfect world. :carlton:
    @I23I7 any response ?))
     
    Last edited: Oct 17, 2016
    • Like x 1
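Added example (not part of the thread, and not Keen's, Foogs's or rexxar's code): a minimal C# model of the server-side check described in the post above, next to the client-trusting pattern it replaces. Every type and member name is hypothetical, the IDs are constructed, and it assumes the sender ID is set by the server's network layer from the connection rather than read from the message.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical model, not Space Engineers code: all names are invented for illustration.
enum AdminAction { DeleteAllGrids, SpawnPlanet, SwitchCreative }

// What arrives over the network. ClientSaysAdmin is written by the client binary,
// so a patched DLL can set it to true. SenderId is assumed to be filled in by the
// server's transport layer from the authenticated connection, not from the payload.
record ActionRequest(ulong SenderId, AdminAction Action, bool ClientSaysAdmin);

class GameServer
{
    // The admin list lives only on the server (for example, loaded from its config).
    private readonly HashSet<ulong> _admins;
    public List<string> AuditLog { get; } = new();

    public GameServer(IEnumerable<ulong> admins) => _admins = new HashSet<ulong>(admins);

    // Client-trusting pattern: the client's own flag decides whether the action runs.
    public bool HandleTrustingClient(ActionRequest r) => r.ClientSaysAdmin;

    // Server-side check: the client-supplied flag is ignored for the decision and
    // only recorded, so denied attempts can be matched against login logs later.
    public bool Handle(ActionRequest r)
    {
        if (!_admins.Contains(r.SenderId))
        {
            AuditLog.Add($"DENIED {r.Action} from {r.SenderId} (claimed admin: {r.ClientSaysAdmin})");
            return false; // the action is not applied
        }
        AuditLog.Add($"APPLIED {r.Action} from {r.SenderId}");
        return true;
    }
}

static class Demo
{
    static void Main()
    {
        var server = new GameServer(new ulong[] { 1001 }); // constructed admin ID
        var forged = new ActionRequest(2002, AdminAction.DeleteAllGrids, true);
        var real = new ActionRequest(1001, AdminAction.SpawnPlanet, false);

        Console.WriteLine(server.HandleTrustingClient(forged)); // decided by the client flag
        Console.WriteLine(server.Handle(forged));               // decided by the server list
        Console.WriteLine(server.Handle(real));
        server.AuditLog.ForEach(Console.WriteLine);
    }
}
```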
  5. Guillaume Trainee Engineer

    Messages:
    35
    Until this exploit is fixed, MP Space Engineers is basically unplayable. Please, please fix this quickly.
     
  6. I23I7 ME Tester

    Messages:
    3,827
    Hey

    So the issue is people messing with their DLL files and being able to hack around the server admin rights, correct? I have created a report and we will be treating this exploit and as soon as we have a fix we will get it to you. Keep in mind this will require a rework of the Space Master tool, but the problem for us is that someone can modify their DLL file and give it to our server.

    Bottom line. We are aware of the issue. A report with highest priority has been created.

    Thank you for understanding!
     
    • Like x 3
  7. demolish50 Senior Engineer

    Messages:
    1,434
    Thanks for the update, just fyi. They are spawning planets now on my server. I'd just assume hotfix something without the space master tool, or an option to turn it off, asap if it's going to be weeks. That might be impractical for all I know.
     
  8. franky500 Trainee Engineer

    Messages:
    47
    I agree, even just being able to turn off Space Master altogether would do short term.
     
  9. Hailedbean Trainee Engineer

    Messages:
    97
    Happened on TSV also last night....

    I had a few new players join in the 9pm-11pm EST time when this happened yesterday on my log. Is there another server owner that might want to compare our login/out logs to see if we have any mutual new players that might be causing issues?
     
  10. Foogs Apprentice Engineer

    Messages:
    123
    This does not close the vulnerability.
     
    Last edited: Oct 18, 2016
  11. Hailedbean Trainee Engineer

    Messages:
    97
    I had a few new players join in the 9pm-11pm EST time when this happened yesterday on my log. Is there another serv
    No but it finds culprits. I suggest we keep exploits to ourselves. Possibly whitelist for the time being.
     
  12. demolish50 Senior Engineer

    Messages:
    1,434
    Really cute Foogs, real cute.
     
    • Friendly x 1
  13. franky500 Trainee Engineer

    Messages:
    47
    I Agree with this statement.
     
  14. NikolasMarch Junior Engineer

    Messages:
    927
    these people need to be found, and punished in some way!
     
  15. Hailedbean Trainee Engineer

    Messages:
    97
    Oh, don't worry he's right here, out in the open. Just look up.
     
  16. rexxar Senior Engineer

    Messages:
    1,532
    https://github.com/rexxar-tc/AntiHack/releases/tag/v1.0.0.3

    Boy have I got just the thing for you! A plugin to stop this attack!

    Unfortunately I don't have all the details on the attack, so I had to guess what needed to be fixed. I can't guarantee it will work until I get more information, but I stopped all the ways I know to delete a grid.
     
    • Like x 3
    • Friendly x 2
  17. I23I7 ME Tester

    Messages:
    3,827
    Thanks Rexxar, as always the watchful knight we need but don't deserve :)
     
    • Like x 1
  18. gornyakmaniac Apprentice Engineer

    Messages:
    186
    This doesn't mean that you guys have no need to improve security of server side. Rexxar won't do it forever for free.
     
  19. Sanquira Trainee Engineer

    Messages:
    10
    Pasting planets is fixed. I'm working on it intensively.
     
    • Friendly x 3
  20. demolish50 Senior Engineer

    Messages:
    1,434
    Just a side note. I'm not sure what changed at Keen but I'm beginning to have hope again. After seeing several responses on the forums and interaction with the community it has given me renewed hope for this game.

    Thank you devs for taking this seriously. I doubt a year ago this thread would have even been responded to.
     
    • Agree x 2
  21. Foogs Apprentice Engineer

    Messages:
    123
  22. I23I7 ME Tester

    Messages:
    3,827
    I was quoting Dark Knight. It was more a thank you to rexxar. In no way did I assume rexxar should work for us for free. Just a hearty thanks :)
     
  23. demolish50 Senior Engineer

    Messages:
    1,434
    About a year ago I had a hacker on my server. In an effort to figure out how it was being done I replicated the method that is being used now, not the exact same hack but the same method of attack. Editing the source, changing the required things to allow me to connect to current servers, and then changing some of the bools to true that then allowed me to have admin rights. Then compiling and running. Of course it was only 32 bit and sucked but it worked. I don't think Space Master was a thing at the time but it gave access to SESE admin commands.

    I'm unsure personally if that method still works but based on what Foogs has figured out I'd say so.
     
    • Agree x 2
  24. I23I7 ME Tester

    Messages:
    3,827
    Sad to hear but yes this is something that happens here and then with Steam games. Reminds me of hacking NWN and Borderlands 2.
     
  25. X e r o Trainee Engineer

    Messages:
    81
    I have changed my server to group only (actually I'm not even sure this is DEV or only stable.) Either way... Can't even check to see if this fixes it because people can't even spawn on my server LOL.
    Anyway, ty to rexxar. Make sure to set groups to private... bit of an annoyance but it'll have to work for now.
     
    • Like x 1
  26. I23I7 ME Tester

    Messages:
    3,827
    Right now the fix is halfway done. The programmer is working on the ctrl+x and pasting/removing of voxels, otherwise everything else has been fixed up. As far as I am concerned I guess the fix should be out tomorrow or Friday.
     
    • Like x 2
    • Friendly x 2
  27. demolish50 Senior Engineer

    Messages:
    1,434
    I think they may be using the cleanup space master tool to make a bunch of grids trash and then removing them all at once.
     
  28. I23I7 ME Tester

    Messages:
    3,827
    The whole space master is being looked at even the cycling through grids and such.
     
  29. Sanquira Trainee Engineer

    Messages:
    10
    Well, a hacker is still able to turn on creative, but it will be only client-sided with no influence on the server. (No creative building, no clipboard operations.)
     
    • Friendly x 1
  30. NikolasMarch Junior Engineer

    Messages:
    927
    yes the trash removal system needs fixing since someone decided it was a good idea to make the game delete grids as you tick the tick boxes, without needing to press the 'delete trash' button which would confirm the combination of trash types.... (face-palm)
     