Garry's Mod

Garry's Mod

51 ratings
Backdoor Shield - For Servers
   
Award
Favorite
Favorited
Unfavorite
Content Type: Addon
Addon Type: Tool
Addon Tags: Fun, Roleplay
File Size
Posted
Updated
0.119 MB
Aug 30, 2020 @ 6:41pm
May 12 @ 12:03am
6 Change Notes ( view )

Subscribe to download
Backdoor Shield - For Servers

In 1 collection by Xalalau
Brasil - Supremacia
105 items
Description


Protect your GMod servers against backdoors!

Block, find, investigate and remove them.

Incompatibilities
  • DO-NOT-USE this addon on servers with paid mods!!!! Many of them have complex DRMs, which in most cases get detected and blocked. This can lead to serious authentication problems and even license loss! If you suspect that your addons are infected, run them along Backdoor Shield in a clean server/GMod instance!

  • Avoid addons that set their own environment because they can break, like:

Also, consider Backdoor Shield as W.I.P! Know that I don't intend to add fancy features or even make this addon user friendly, this project is a hobbyist experiment.

HOW TO USE

There are 2 operation modes in this addon: real-time detection and file scanner.

All detections are based on prohibited function call combinations or on very suspicious terms encountered when scanning "texts". Unfortunately Lua knowledge is required to understand the logs.

Real-time detection really is what it says it is, something that executes by itself while other addons are running.



But the file scanner is manual, so you have to open the console and run commands. It's advisable that this is done on a dedicated server or in lan mode, as in singleplayer the game will practically freeze until the scan ends.

OK. So it's possible to search for threats in common GMod locations and files using this one:
bs_scan

And for a complete scan, able to read all GMod mounted folders and extensions, there's also:
bs_scan_full

Note that both commands accept paths as arguments, so it's possible to do a targeted scan. E.g:

bs_scan "/addons"
bs_scan "/addons/MyAddon1" "/addons/MyAddon2" "/lua"


(The numbers under the detected items are the lines where they are located in the file)

However, there are some inaccessible definition files to control both the real-time detection and the file scanner, completely locked for security reasons. To access them, you need to extract the addon or to use the GitHub version[github.com]:

More info

To see detailed information about the addon, including a list of features, how to install, where are the configurations, how to use, how to read logs and even a simplified demonstration of a backdoor decoding, go to the GitHub page:


Don't worry about your security so much

Despite all the detections I made and demonstrated in the screenshots above, I was running my tests on a list of almost 600 addons downloaded from random internet forums. This type of pirated or obscure content is highly targeted and it's usually very difficult to find them here. People who upload malicious addons to the workshop are heavily attacked by the community as soon as they're discovered, so few have the audacity[github.com].

Anyway

I spent many hours of my free time learning more Lua, researching backdoors and writing code, now it's all realeased for free. I like the idea of "fighting" some malicious code thing that in theory use unusual tactics to trick the game and other developers. Even though backdoors do wrong things, they have a lot insteresting stuff that in and of themselves are not bad at all.

Anyway, this is probably already the "final form" of Backdoor Shield. You know... The target audience is very small and probably made up of pirates. Just buy the addons, folks... Also, I don't like to conflict with DRMs, they use so many tactics in common with backdoors and don't like to see me detouring functions.

Lastly, here are some snippets I deobfuscated[gmbrblog.blogspot.com], if you are interested. But it's all in Portuguese.

Enjoy! =D
< >
24 Comments
W00shy Oct 19 @ 1:15pm 
my "e" thats my use key won't work when I have this installed
Watchful Jun 27 @ 3:01pm 
It seems that the realtime protection keeps blocking itself from making an http request?
bob May 29 @ 9:07pm 
sorry, it does work. I think it would be best if you clarified that it only works when the server is running, because I was expecting it to work from the main menu. thanks for the mod btw
Xalalau  [author] May 29 @ 11:12am 
I don't know what could have gone wrong, it's all right here
https://i.imgur.com/gkri41H.png
Let me know if any errors occur.
bob May 22 @ 2:18pm 
I've installed this but the bs_scan and bs_scan_full aren't registered
Xalalau  [author] May 11 @ 11:11pm 
Update released, it has everything that was missing.
btw, can you add list of ignore some files or folders even if files have backdoors?
Xalalau  [author] May 5 @ 5:04pm 
Hi, sorry for the delay in answering. Unfortunately, the current version (1.8) was left incomplete, so some lists don't fully work. The good news is that now is a good time for me to deliver all the planned features, this addon is too powerful to stay as it is.
whitelist of files or folders not works.
Isaac Jan 5 @ 3:37pm 
Pretty cool addon, hope it lends a hand against a backdoor we have