Garry's Mod

Garry's Mod

37 ratings
Backdoor Shield - For Servers
   
Award
Favorite
Favorited
Unfavorite
Content Type: Addon
Addon Type: Tool
Addon Tags: Fun, Roleplay
File Size
Posted
Updated
0.048 MB
Aug 30, 2020 @ 6:41pm
Mar 12 @ 11:24pm
4 Change Notes ( view )

Subscribe to download
Backdoor Shield - For Servers

In 1 collection by Xalalau
Brasil - Supremacia
100 items
Description


Protect your GMod servers against backdoors!

Block, find, investigate and remove them.

!!! WARNING !!!

DO-NOT-USE this addon on a server with paid mods!!!! Many of them have DRM. In some cases they'll only be blocked, in others you may lose your license and you'll have to recover it by support!

If you suspect that your free addons are causing problems, run them with Backdoor Shield in a separate instance! After cleaning up, go back to your main server in an orderly manner!

This software is distributed under the MIT license and I'm not responsible for any loss.

Also, consider that this addon just gives you an extra layer of security! You'll be able to scan your files and avoid a series of unwanted executions, but don't think that it'll get you out of all troubles!

Definition

"a backdoor refers to any method by which authorized and unauthorized users are able to get around normal security measures and gain high level user access (aka root access) on a computer system, network, or software application. Once they're in, cybercriminals can use a backdoor to steal personal and financial data, install additional malware, and hijack devices."
--- Text copied from Malwarebytes

Theses things can cause real damage, I've even seen a "hacker" deleting lua files (maybe he got FTP access through a SQL table, maybe he was using a C++ library, I don't know), so it's certainly very problematic to have a backdoor lying around on your server. To make matters worse, often you are dealing with entire groups with pre-made control panels using complex functions (see the video attached above) that apparently share the invasion routes internally with customers.

HOW TO USE

The security is performed by manually ​scanning files or dealing with automatically blocked executions and warnings. This can be done by a person with little technical knowledge but it’s a noticeably easier task for programmers.

Instructions for use are on GitHub: github.com/Xalalau/backdoor-shield

It's HIGHLY RECOMMENDED that you download and use the addon from GitHub, because this one in the workshop won't allow you to touch the definitions (like whitelists) or the settings! For security, I didn't make them available through any interface!

Also, consider Backdoor Shield as W.I.P., and know that I don't intend to work on it too much or give support to people who are having backdoor problems. This project is a hobbyist experiment.

Don't worry too much

If you only use apparently safe content, don't worry too much. Addons from the workshop have a much better track record than addons downloaded from the internet, which can be confirmed by my detections having occurred only in files obtained in forums. I downloaded them on purpose and I guarantee it was a lot of fun to hunt down and decode these malicious snippets.

Anyway

In my free time I spent about one week learning more about Lua, two researching backdoors and writing this addon and now it's realeased for free. Probably I'm not going to do anything very fancy here anymore because 1) this addon is for a very small public; 2) it'd be a total pain to make it a complete solution; 3) I'd have to make a war against DRMs, which pirates could take advantage of.

But, honestly, I was a little shocked to find that there are sites dedicated to GMod backdoors in a customer service approach... and many of the ones I saw are French - Why?

Kudos to my friends for all the times, help and tests! We even set traps to see what the invaders would do.

Here are some backdoors that I deobfuscated: http://gmbrblog.blogspot.com/2020/08/descodificando-um-backdoor-de-gmod.html

Enjoy! =D
< >
15 Comments
Xalalau  [author] Jun 22 @ 4:28pm 
In singleplayer backdoors do nothing, you don't need to download.
ceifa Jun 22 @ 12:15pm 
backdoors are generally used to grief servers, if you only play singleplayer, you don't need to worry
idiot Feb 27 @ 8:34am 
it works
idiot Feb 27 @ 8:33am 
i downloaded it
Xalalau  [author] Feb 27 @ 7:19am 
Do you need It?
idiot Feb 27 @ 6:11am 
should i download?
Yoh Sep 11, 2020 @ 11:51am 
This sounds like a good protection for some people :steamhappy:, I just hope people don't try to create a drama between SNTE / CPE and this script like "which is the most effective" :steamfacepalm:.
free Sep 1, 2020 @ 10:37pm 
Regardless of VCMod compatibility, I think this is great and will be useful to players. Thanks for making this.
free Sep 1, 2020 @ 10:36pm 
Sadly, due to the nature of solely lua based backdoor detector (essencially, check method origin, detour other methods and check inside info) it's unlikely. Unless you wish to whitelist certain calls based on origin.

As for your copy of VCMod, depends on what you were trying to do. It's a fully automated system, so most likely it detected a VCMod DRM bypass attempt.
Xalalau  [author] Sep 1, 2020 @ 8:45pm 
In the current state my addon works and is already interesting, but it could be much better and bigger, advancing to really powerful checks over time. I'm learning about GMod and Lua while making it, and I only released the code at this point because of the DRMs punishing me. Anyway, the project will not be abandoned, but it'll remain a hobby. If it ever passes the DRMs checks, it won't be because I tried, but because I have protected my environment well enough.

In fact, I'm very happy to have a comment from you and Liverus here! Probably someone showed you this page, but it's very significant for me to have done something that received interested comments from people recognized in the community. Thank you!