[[ TL;DR ]]BE CAREFUL OF WHAT SERVERS YOU JOIN! TRY NOT TO JOIN RANDOM SERVE

1. [[ TL;DR ]]
2.  
3. BE CAREFUL OF WHAT SERVERS YOU JOIN! TRY NOT TO JOIN RANDOM SERVERS.
4. 9:18 PM - Sloth - Reinstalling GMod: Mr. Brightside: Do not join random GMod servers unless you know the owner, there's a legit GMod exploit that allows someone to download a DLL or EXE and run it on your PC. It's been so far used to spam peoples steam chats and steal passwords from servers and files from players.
5.  
6.  
7.  
8. Friday, April 18, 2014
9. 9:19 PM - CakeZ: Whats this about exploits?
10. 9:20 PM - Mr. Brightside: Wow, who did you hear it from?
11. 9:20 PM - CakeZ: Sloth.
12. 9:20 PM - Mr. Brightside: Yeah, it's true.
13. 9:20 PM - Mr. Brightside: ANYONE (not the owner) can exploit (I know how to now) and make the server download a file to steal its password and can also make the players download a file (DLL and EXE)
14. 9:21 PM - CakeZ: And this is something being employed primarily on RP servers? Or all around.
15. 9:21 PM - Mr. Brightside: All around
16. 9:22 PM - CakeZ: Mind if I share this with a few people?
17. 9:22 PM - CakeZ: So some guy's hopping around, using something to send things to users? They don't need access to the server files or anything/.
18. 9:22 PM - CakeZ: ?
19. 9:22 PM - Mr. Brightside: YEah
20. 9:23 PM - CakeZ: Sounds shitty. I'll let this community know.
21. 9:25 PM - CakeZ: They're doubtful, wanting to know how this is possible.
22. 9:25 PM - Mr. Brightside: Well if I tell you how it works, you'd be able to do it.
23. 9:26 PM - CakeZ: Just a gist or rundown. That's all they want.
24. 9:27 PM - Mr. Brightside: Basically, they go on your server and can upload a file using the exploit. Your server then runs the DLL file which sends them your rcon password or anything they want from the server hard drive. They're also sending the same file to the players on the server, and then making them run the DLL or EXE. It's set to delete itself after 10 hours, I don't know what things are in the downloaded file, but I know it's not good.
25. 9:28 PM - CakeZ: So how did you come across this?
26. 9:28 PM - Mr. Brightside: Snippet of serverside code:
27. (cakez was told not to include this bit, someone with knowledge of script/code could use this to recreate it)
28. 9:29 PM - CakeZ: Spooky.
29. 9:29 PM - CakeZ: Think its fine if people get this chatlog?
30. 9:29 PM - Mr. Brightside: Keep out the last part
31. 9:29 PM - CakeZ: Alright.
32. 9:29 PM - Mr. Brightside: Even that snippet of code has some of the exploit in
33. 9:30 PM - CakeZ: Welp.
34. 9:30 PM - CakeZ: This isn't good.