main
.news
.about
files
.downloads
.nightly builds
.plugins
tools
.compiler
.bugs/requests
.addon stats v2!
.pastebin
.game-monitor
community
.forums
.irc
help
.doc
.functions
who
.affiliates
.link us
.credits
hosted
.uaio
.wc3mods
.superhero
.war3x
.war3ft
.amxbans
|
| Security Exploit in UAIO Binary |
Jan 28, 2008 10:14 |
It has recently come to our attention that there is an exploited copy of the "UAIO" (Ultimate All-In-One) Plugin being distributed in the wild. It is a special build of UAIO that does not match the original source code, and has been hand-crafted such that any user knowing a secret command can become an administrator.
This incident involves a malicious copy of UAIO that has a secret backdoor. UAIO and AMX Mod X are otherwise normally secure.
In order to protect our users we have released a tool to check your copy of UAIO:
http://www.amxmodx.org/uaio_check.cgi
Simply upload your uaio_admin.amxx file and it will tell you whether it has the exploit. Game Service Providers (GSPs) should check their client's installations.
UPDATE: We have traced this issue to the original UAIO author Robert J. Secord ("xeroblood," "SystemWisdom"), who had been distributing malicious binaries, probably so he could backdoor any server using his plugin. UAIO is currently maintained by Xanimos and thus its binaries are now safe! However, if you find any other software distributed by this person, I would think twice before using it. He clearly cannot be trusted.
This type of abuse is beyond unscrupulous. Under no circumstances is it ever acceptable to post exploited or backdoored binaries on our forums.
Additionally, we have collected a Steam ID of someone that has been using this exploit in the wild. I'm listing them and server operators in the community can decide if they want to blacklist them or not:
STEAM_0:0:13428340
If you have further questions, please do not hesitate to post them here. Obviously, if you post the actual exploit here, or publicly post any copies of the infected binary, you will be permanently banned.
I would like to thank sawce for finding the exploit, which was no easy task. I would also like to thank Roach who kept this issue alive despite naysaying from yours truly.
Thanks for your support. |
| .: by BAILOPAN |
| Pawn Studio 0.8.3 is out! |
Dec 24, 2007 05:25 |
Hello everyone!
I'm glad to say that Pawn Studio 0.8.3 has finally been released under the GPL 2! It is a completely new, rewritten IDE for Pawn that supports AMX Mod X, SourceMod and other Pawn versions. It has an improved IntelliSense (ClamSense) that allows you to write scripts more easily using the new auto-completition, call tips and other various, new features. It has also become a lot faster and more reliable than the old AMXX-Studio so it's definitely worth upgrading.
The new Pawn Studio comes with a completely new template system as well so you can create custom templates and share them. If you want me to add your new template to the official release or if just you find a bug in it, feel free to PM me.
If you want to give it a try, you can download it at http://sourceforge.net/projects/pawnstudio. I'd also like to thank Roach and vvg125 for their continuous beta-testing; without them I wouldn't have managed to make it as nice as it is now.
Merry christmas everyone, I hope you like this new editor. Feedback and donations are welcome. |
| .: by Basic-Master |
| AMX Mod X 1.8.0 Released! |
Oct 25, 2007 22:32 |
I am proud to announce that AMX Mod X 1.8.0 is now released! This is a huge update, adding many features and fixing plenty of bugs.
For starters, admin and map limits are now completely dynamic. Command access flags can be changed without modifying plugin code. Plugin writers can now use dynamic arrays, and have a very powerful new "Ham Sandwich" module for hooking tons of private entity functions.
Links:
>> Downloads
>> Upgrading
>> Changelog
Plugins, as always, remain fully backwards compatible (except in one rare case for War3FT 3.0 Beta, noted in the changelog overview).
AMX Mod X 1.8.0 has been thoroughly beta tested, and has been running on over 250 servers, without complaint, for weeks. However, if you do discover a bug, please file one here rather than posting in the forums.
The web compiler will be updated in one to two weeks, followed by an announcement to notify everyone.
I would like to thank sawce, demigod and author of most additions to AMX Mod X 1.8, as well as recent promotions to the moderation/approval team: Roach, Hawk552, and Zenith77. |
| .: by BAILOPAN |
| AMX Mod X Nightly Builds, 1.8.0 Beta |
Aug 16, 2007 23:25 |
We're taking a bit of a detour with AMX Mod X 1.8.0 and doing a public beta for a few weeks before releasing it as stable. To celebrate this glorious announcement, we've brought back automated nightly builds -- and this time, they're not going away.
You can download AMX Mod X nightlies at: www.amxmodx.org/nightly.php
Changelog: http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes
Keep in mind, nightlies always constitute beta (or in future cases, even alpha) software. Do not run it on production servers unless you are interested in beta testing and providing helpful feedback about bugs. If you understand this, click here for upgrade instructions.
As we want to nail any bugs remaining in 1.8.0 as soon as possible, please post any problems you encounter on the bug tracker. If you're using 1.8.0, specify "trunk" as the version. As of right now, 1.8.0 is locked for all feature requests.
As always, plugins should remain fully backwards compatible (and if not, file a bug report).
Special thanks to sawce, architect of 1.8, whom I will be dolling out more awesome props to until 1.8.0 goes final! |
| .: by BAILOPAN |
| SourceMod is Beta |
Jun 08, 2007 03:23 |
It's been a long time since we've mentioned SourceMod on the AMX Mod X news; however, today we'd like to announce that SourceMod is now officially "beta."
SourceMod is a complete rewrite of AMX Mod X for the Half-Life 2 Platform. Have you ever wanted to experiment with Half-Life 2 coding? Are you interested in seeing the next "AMX Mod X" get built from the ground up? If so, now is a great time to start checking it out. The AlliedModders team has spent the past sixth months "redoing" AMX Mod X to fix all of those things that annoy people:
- New administrative model
- Dynamic loading/unloading of plugins and modules
- Autoloading of plugins, even from subfolders
- A rewritten Pawn engine which is much faster+better
- A better translation system
- An object oriented extension API with everything exposed to modules
- A very well documented native set, with conforming, easy to understand naming schemes
- A separate "string" tag, and passing functions as variables
- Dynamic arrays!
- An event and message system that lets you remove hooks
- "Pcvars" are the only way
- Actually unified SQL, including prepared statement support
- Much more flexible menu API
- Automatic access checks for commands, and automatic chat triggers
Interested in Half-Life 2 with SourceMod yet? For more information, check out http://www.sourcemod.net/, where you can find nightly builds, documentation, forums, and the SDK. Or hop on IRC (#sourcemod @ irc.gamesurge.net) to ask questions.
This concludes our somewhat shameless plug (it's a sister project, after all) ;) |
| .: by BAILOPAN |
|
