[WARNING] Do not share server crash dumps

Never share server crash/memory dumps on the forums or with anyone you don’t trust.

It’s shocking to me how even some FiveM devs in the past have asked you to post your crash dumps, and they had no problem with you posting them on the forum publicly.

Here’s what a server crash dump contains:

  • All the passwords used by your server (MySQL, etc…)
  • Your sv_LicenseKey (cfxk), giving someone free access to all your paid resources, and impersonating you
  • Other secret keys, such as Tebex and Steam
  • Your Discord webhooks if any (your channels could be spammed with ads or NSFW content)
  • Virtually all the sensitive info you can think of: if it’s in the memory of the server program, then it’s in the crash dump, and it can be found in it with simple tools such as Sysinternals Strings

Posting your crash dump is a really bad idea. Fortunately a friendly white hat hacker found mine and reported his findings to me.

Share with every server owner/developer you know before something bad happens to their servers.

1 Like

This isn’t entirely correct, to my knowledge, and overall only applies to server crash dumps, not clients - a client crash dump is generally safe to post and any remotely-identifiable stuff (like your Windows username etc) can be redacted easily.

Updated