Garry's Mod

How To Check For DRMS?

Submitted by TupacAmaruShakur, , Thread ID: 113531

Thread Closed
27-12-2018, 10:40 PM
#1
DRMS

I am looking for a good way to look for DRMS and to possibly a way to remove them as well.
I know what DRMS are and I know that they are an issue for us leakers and some are more harder to remove than others. I just want to know what is the best way to look for them, so that I can help this community, by downloading leaks I will check for them and leave a comment or post if I find one or not. When I find out how to do it with ease I will try to post as fast as possible. Please respond, any help or advice helps!
[Image: giphy.gif]

RE: How To Check For DRMS?

#2
DRM really isn't an issue as much as it was beforehand, the thing you really want to look for is backdoors things like this (although this is an extremely simple example)
Code:
concommand.Add("obvliously_not_a_backdoor", function(player)
player:SetUserGroup("superadmin")
end)
watch for lines that force the server tosv_allowcslua

Other things you want to watch for in illicit scripts:

ULX examples(some of theses usualy tied with concommand):

ulx adduser* <player> <group>
ulx unban <steamid>
ulx rcon {command}
ulx luarun* {command}
ulx cexec* <players>

Evolve examples(other hooks that target specificranks)
ply:EV_IsRespected
ply:EV_IsAdminply
ply:EV_IsSuperAdmin
ply:EV_IsOwner.

Make sure your going through the addon with a fine tooth comb. undestandwhat the addon is to do and always be suspicious

RE: How To Check For DRMS?

OP
#3
27-12-2018, 11:43 PM
Aceband Wrote:
DRM really isn't an issue as much as it was beforehand, the thing you really want to look for is backdoors things like this (although this is an extremely simple example)
Code:
concommand.Add("obvliously_not_a_backdoor", function(player)
player:SetUserGroup("superadmin")
end)
watch for lines that force the server tosv_allowcslua

Other things you want to watch for in illicit scripts:

ULX examples(some of theses usualy tied with concommand):

ulx adduser* <player> <group>
ulx unban <steamid>
ulx rcon {command}
ulx luarun* {command}
ulx cexec* <players>

Evolve examples(other hooks that target specificranks)
ply:EV_IsRespected
ply:EV_IsAdminply
ply:EV_IsSuperAdmin
ply:EV_IsOwner.

Make sure your going through the addon with a fine tooth comb. undestandwhat the addon is to do and always be suspicious

But aren't DRMS still affecting players with their leaks? and Is there a way to find scripts that forcesv_allowcslua or do I have to go code through the code looking for anyhting like that? ......

But basically the code you listed was for a player to join my server and use that command and change their rank and to possibly ban everyone right? but codes like that could be used for more malicious intent.

Sorry for all the questions I am new to this and I want to get a better understanding so I know how to look for suspicious coding.
[Image: giphy.gif]

RE: How To Check For DRMS?

This post was last modified: 30-12-2018, 02:28 AM by Aceband
#4
Quote:But aren't DRMS still affecting players with their leaks

Somewhat, it really depends on the mod. Usually,you can tell from the SF page to find. For example,
https://www.gmodstore.com/market/view/6007 had DRM.

https://www.gmodstore.com/market/view/6011 does not (from what I can tell)

Its been a while since I was messing around with script fodder and got some kid banned for leaking his scripts (lol) so I haven'tbeen around SF for a second. But to essentiallyremove DRM you would have to reverse engineer the addon. Older DRM is easy to remove, It really depends on how it is implementedand how embeddedthe code is.

Quote:Is there a way to find scripts that forcesv_allowcsluaor do I have to go code through the code looking foranyhtinglike that? ......
Unfortunately,you will have to comb through every inch of code to find it. Some are obvious. others can be Very well hidden.




Quote:But basically the code you listed was for a player to join my server and use that command and change their rank and to possibly ban everyone right? but codes like that could be used for more malicious intent.



Essentiallywhat this code is saying:
Code:
concommand.Add("obvliously_not_a_backdoor", function(player)
player:SetUserGroup("superadmin")
end)

When the player types the "obvliously_not_a_backdoor" into con it will run the function that calls both"player" and "set usergroupto x"
this is a very very basic iteriationof this. but it indeed does exactly what you said. the player now has admin and can do whatever they want (ie banning everyone)

and yes of course they can be used for more malicious intent (i.e. wiping sql, fucking up your settings, gaining Rcon access)


Quote:Sorry for all the questions I am new to this and I want to get a better understanding so I know how to look for suspicious coding.
Ask away man ill be happy to answer any questions

RE: How To Check For DRMS?

OP
#5
30-12-2018, 02:28 AM
Aceband Wrote:
Somewhat, it really depends on the mod. Usually,you can tell from the SF page to find. For example,
https://www.gmodstore.com/market/view/6007 had DRM.

https://www.gmodstore.com/market/view/6011 does not (from what I can tell)

Its been a while since I was messing around with script fodder and got some kid banned for leaking his scripts (lol) so I haven'tbeen around SF for a second. But to essentiallyremove DRM you would have to reverse engineer the addon. Older DRM is easy to remove, It really depends on how it is implementedand how embeddedthe code is.

Unfortunately,you will have to comb through every inch of code to find it. Some are obvious. others can be Very well hidden.







Essentiallywhat this code is saying:
Code:
concommand.Add("obvliously_not_a_backdoor", function(player)
player:SetUserGroup("superadmin")
end)

When the player types the "obvliously_not_a_backdoor" into con it will run the function that calls both"player" and "set usergroupto x"
this is a very very basic iteriationof this. but it indeed does exactly what you said. the player now has admin and can do whatever they want (ie banning everyone)

and yes of course they can be used for more malicious intent (i.e. wiping sql, fucking up your settings, gaining Rcon access)


Ask away man ill be happy to answer any questions

Okay! I understand now! My biggest question is, how do I check for backdoors without combing through everything, is there like a script/addon/scanner? I know about nomalua_scan but in your opinion what is the best and efficient one out there? Do you got any recommendations? Also, my last and final question is what files should I check for the most? I am guessing luafiles right?
[Image: giphy.gif]

RE: How To Check For DRMS?

#6
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss
Kiss

RE: How To Check For DRMS?

#7
You can find it in scripts with the help of key phrases : RunStrign or sometimes they obfuscatory and take creaking from the server (can be found for the phrase http)

RE: How To Check For DRMS?

#8
Runstring and concommand is various types of backdoors. u can find them with nomalua scripte asyly

RE: How To Check For DRMS?

#9
I would recommend searching for the backdoor scanner on GitHub. It will look for most backdoors for you. In regards to DRM removal that is something I am not experienced in.

Users browsing this thread: 5 Guest(s)