Invalid Password in Console

ItzBlakeBro · 2019-04-27T01:10:09.050Z

@Lith You really honestly even need to worry about that, so long as you have a secure password for rcon or disable it, you are good to go, they are literally wasting there time. Think of you winning in the situation!

SanAndreasRepublic · 2019-04-27T01:15:06.532Z

Definitely not vMenu. My server’s not using it, and we’re getting the error. It’s clearly just someone going server-to-server, trying to guess passwords, probably finding them via the server bazaar.

ItzBlakeBro · 2019-04-27T01:20:49.494Z

You can get a list of all servers, IP’s and more from a public FiveM API, it is what it is, script kiddies have no life, so they brute force, and succeed sadly, and keeps them going. Probably will die down in a few days. To make it clear, it’s not FiveM’s fault, but the API allows them to grab IP’s & ports, which obviously is what you need for rcon, from there, the brute force begins. Just use a secure password and you’re good to go!

Yaukz_Zkuay · 2019-04-27T01:31:25.701Z

Does someone trying to bruteforce affects my server performance?

schwim · 2019-04-27T01:32:47.272Z

No it does not.

ItzBlakeBro · 2019-04-27T01:33:45.551Z

Second this, I’ve literally had NO performance impact, just a cluttered console output, which I can live with.

_7rk · 2019-04-27T01:54:57.136Z

Just changed the rcon password to a 20chars one and seems to stop the thing

driftonez · 2019-04-27T02:50:55.266Z

fewh glad im not the only one having this issue, i was the middle of putting in a few scripts then it started freaking out.

wira_satria_agung · 2019-04-27T05:51:25.626Z

Happen in my server too…
And make hitch warning over 4000

Cat_on_Lap · 2019-04-27T07:08:12.653Z

good thing no ones ever gonna guess bishlasagna… dammit!

grizzlyrp.com · 2019-04-27T14:12:44.008Z

I’m getting same issue on my servers.

grizzlyrp.com · 2019-04-27T14:14:08.354Z

This is why I switched to a host with DDoS protection and my server has a 10Gbps connection, so good luck ddosing it lol. Don’t think any of the script kiddies on fivem can take it down.

schwim · 2019-04-27T14:23:23.757Z

It’s not a DDOS( distributed denial of service attack ). It’s an attempt to brute force an rcon password as has been mentioned something like 20 times in this thread now. A dial-up connection could handle the throughput this attack is requiring.

grizzlyrp.com · 2019-04-27T14:36:00.170Z

Didn’t say it was. He was saying his server was getting DDoSed as well, so thats why I said that…

volkan_malgir · 2019-04-27T15:30:26.001Z

How Fix Problems ?

ItzBlakeBro · 2019-04-27T16:07:41.145Z

t3dtg:

This is why I switched to a host with DDoS protection and my server has a 10Gbps connection, so good luck ddosing it lol. Don’t think any of the script kiddies on fivem can take it down.

I also have a 10Gbps second port, the connection speed alone, won’t stop someone from attacking you, and since I run Linux I was able to mititage the DDoS attack that I received swifty through iptables. If only my company would do more lol, we are switching to another host when our billing period is up. Null routing IP’s is a “easy” way to fix someone getting DDoS attacked, and for them to not do something useful. Oh well.

volkan_malgir:

How Fix Problems ?

There are no problems to fix, reading up, there is nothing you can do except have a secure rcon password, or disable rcon.

ET7970 · 2019-04-27T20:26:34.433Z

yea it just started over here now

Zerman · 2019-04-27T20:42:52.503Z

Me to guys Zap hosting after every restart and sometimes can’t join server is says vrp indentification error then i sometimes i return home i see server is closed. I also get massive invalid password and i have DDOS manager but the same thing server closes randomly.

tkco · 2019-05-01T03:46:20.348Z

blah blah blah its a bruteforce attack here you go

[WARNING] RCON Exploit - Compromising a Machine Server Tutorials

Hi there and thanks very much for the indepth explanation of what can be done with a known rcon password on a Windows machine. I have a question, all things being the same(known rcon password), can I ask what the risks are if this is on a linux machine. Are the repercussions the same, less or more?

ItzBlakeBro · 2019-05-01T03:58:04.597Z

Wow, Good find! Yeet. LOL that Topic though. It’s been established that this is a brute force. Secure your password, move on. Enjoy.

Bad management of group policy on VPS machines
Running your FiveM server off of the root(linux) or account within the Administrator localgroup on your windows machine

So what if it’s not a VPS? Even if you run your server off of “root(linux)” how can they gain access through rcon? Again, SECURE or DISABLE your rcon password and life is great. Let them waste their time.

That topic doesn’t even talk about brute force.