ATTN ADMINS: Possible Pluto Exploit/RCE???
-
I’ve had a few players reach out to me today about being doxxed in Bo2 plutonium game chat. I’m worried there may be a new exploit going around. The dox extends to IP, physical address, and plutonium log in information getting leaked in game chat by players also cheating.
All instances have happened in Americas servers. (The players came to me because I used to run the original Americas servers but they stole my server name months ago and I couldn’t get any help to correct the issue but that’s not important right now)
All I can think of it’s either an admin pulling IPs to access info on players or worse, there is a new exploit.
-
-
-
Update: someone reached out to me on Twitter saying they know about the exploit and is supposed to send me info on it later on today. Once I get the info I’ll pass it to the Pluto admins.
️
-
Thank you for your dedicating hard work for our safety
-
GhostRider0125 no problem at all. We all love pluto and the older cods, hopefully once I get sent the info it’s something easily correctable
️
-
Update:
I have an update but it’s not a good one. From what I’ve been told there is an injectable exploit that’s undetectable by pluto and what it does is send a ping to the server and it sends back all the info back to you in an encrypted format. And me and the person I’m working with that knows the tool thinks someone found out how to decrypt the information. They informed me the tool has been around for awhile but with the info being sent back being encrypted it wasn’t a threat. They will be home later this weekend/early next week and is gonna go through the tool and it’s exe and see what can be done.
I’ll keep y’all updated on whatever we find out
️
-
Sheik thanks for the detailed information, hope it gets patched quickly
-
Everything has been sorted and no need to worry about plutonium security issues.
️ thank you to the Pluto team for getting it sorted.
-
thought pluto would end like the very same way lbp custom servers did, oh thank god it didnt.