Discord now has it so if you boost a server you can start a game server on it with your friends and it will do all of that shit for you. You can't do stuff like mods but if you're just the average chud who wants nitro it's pretty cool
This next update will be major bug fixes, RBAC 2.0, 100+ more tests and a ton of other shit. I've been working on this non stop and if you host Overlord for you and your friends or sell access to your own server this will give you MUCH more control options and features. Old clients SHOULD still be able to connect but I would be very hesitant about it. This will also be a major update so 1.8.X the first 1.8 is already out on the github but it's not this major update. I also did a major mac update (which is the 1.8 on the github).
❤3
1.8.1 is live.
New Features:
1.) Session management. View and revoke your active logins from settings. Admins can manage anyone's sessions.
2.) Per feature permissions. Admins can toggle access to console, RD, HVNC, webcam, files, processes, keylogger, and voice per user.
3.) Client event notifications. Get Discord, Telegram, or push alerts when clients connect, disconnect, or hit purgatory.
4.) Build ownership tracking. Clients now track who built them. Operators only see their own clients in purgatory.
5.) Notifications page changes for telegram and discord.
6.) Added IP to homepage.
7.) Added copy button to user ID.
Security:
1.) Webhooks can no longer be pointed at localhost or internal IPs.
2.) Feature access is now checked server-side before websocket connections open.
3.) Removed ability to set your own role on websocket connections.
4.) Session tokens are now hashed before being stored.
RBAC Changes:
1.) New `clients:enroll` permission for managing purgatory.
2.) Operators can now view audit logs.
3.) Operators can now manage enrollment.
4.) Enrollment routes use proper permission checks now.
5.) Audit logs are scoped to clients you have access to.
Fixes:
1.) Fixed remote console on Linux/Mac showing "Connecting" while it was working.
2.) Fixed purgatory not working for non-admin users.
3.) Fixed login page redirect loop.
4.) Fixed disconnect animation playing when disconnecting a single client.
5.) Fixed macOS elevate button not showing.
6.) Fixed remote desktop showing "offline" during elevation reconnect.
7.) Fixed WinRE button showing on non-Windows clients.
8.) Fixed allowlist users seeing no clients.
9.) Fixed issue where you couldn't search for a users nickname.
Changes:
1.) Updated README with macOS/Windows Docker instructions.
2.) Settings page styling cleanup.
3.) Operators can only bulk manage clients they built.
I also got through most tickets today. If something else gets fucked up lmk.
If anything gets fucked up lmk. Dm @KTicketsBot to make a ticket
I'm a fucking machine
New Features:
1.) Session management. View and revoke your active logins from settings. Admins can manage anyone's sessions.
2.) Per feature permissions. Admins can toggle access to console, RD, HVNC, webcam, files, processes, keylogger, and voice per user.
3.) Client event notifications. Get Discord, Telegram, or push alerts when clients connect, disconnect, or hit purgatory.
4.) Build ownership tracking. Clients now track who built them. Operators only see their own clients in purgatory.
5.) Notifications page changes for telegram and discord.
6.) Added IP to homepage.
7.) Added copy button to user ID.
Security:
1.) Webhooks can no longer be pointed at localhost or internal IPs.
2.) Feature access is now checked server-side before websocket connections open.
3.) Removed ability to set your own role on websocket connections.
4.) Session tokens are now hashed before being stored.
RBAC Changes:
1.) New `clients:enroll` permission for managing purgatory.
2.) Operators can now view audit logs.
3.) Operators can now manage enrollment.
4.) Enrollment routes use proper permission checks now.
5.) Audit logs are scoped to clients you have access to.
Fixes:
1.) Fixed remote console on Linux/Mac showing "Connecting" while it was working.
2.) Fixed purgatory not working for non-admin users.
3.) Fixed login page redirect loop.
4.) Fixed disconnect animation playing when disconnecting a single client.
5.) Fixed macOS elevate button not showing.
6.) Fixed remote desktop showing "offline" during elevation reconnect.
7.) Fixed WinRE button showing on non-Windows clients.
8.) Fixed allowlist users seeing no clients.
9.) Fixed issue where you couldn't search for a users nickname.
Changes:
1.) Updated README with macOS/Windows Docker instructions.
2.) Settings page styling cleanup.
3.) Operators can only bulk manage clients they built.
I also got through most tickets today. If something else gets fucked up lmk.
If anything gets fucked up lmk. Dm @KTicketsBot to make a ticket
I'm a fucking machine
13❤26
😭3
1.8.2 is live in 2 mins.
New Features:
1.) Remove inactive sessions. Clear expired/revoked sessions from settings with one click.
2.) Admin build overview. Admins can toggle between viewing their own builds or all builds across users.
3.) Build limit enforcement. Max 10 builds stored per user. Oldest build is auto-deleted when the limit is hit.
4.) Build stream reconnection. If you lose connection during a build, the UI will automatically reconnect and recover the result instead of showing a network error.
Fixes:
1.) Fixed operators not seeing clients after admin approval. When an admin approves a client from purgatory, the build owner operator now gets access automatically.
2.) Fixed operator metrics showing global stats instead of only their own clients.
3.) Fixed session timestamps showing as 1970 dates in settings.
4.) Fixed builder output filename persisting after leaving the page.
5.) Removed wss:// prefix from the builder server URL field so it's cleaner and easier to understand.
If anything gets fucked up lmk. Dm @KTicketsBot to make a ticket
New Features:
1.) Remove inactive sessions. Clear expired/revoked sessions from settings with one click.
2.) Admin build overview. Admins can toggle between viewing their own builds or all builds across users.
3.) Build limit enforcement. Max 10 builds stored per user. Oldest build is auto-deleted when the limit is hit.
4.) Build stream reconnection. If you lose connection during a build, the UI will automatically reconnect and recover the result instead of showing a network error.
Fixes:
1.) Fixed operators not seeing clients after admin approval. When an admin approves a client from purgatory, the build owner operator now gets access automatically.
2.) Fixed operator metrics showing global stats instead of only their own clients.
3.) Fixed session timestamps showing as 1970 dates in settings.
4.) Fixed builder output filename persisting after leaving the page.
5.) Removed wss:// prefix from the builder server URL field so it's cleaner and easier to understand.
If anything gets fucked up lmk. Dm @KTicketsBot to make a ticket
❤5🔥1
Iran blockade? Crypto plummets.
US blockade? Crypto skyrockets.
How.
US blockade? Crypto skyrockets.
How.
❤5🔥2
I have a question for all of you as well. Where should I ad overlord? Currently all I post on is HF but Ik damn well there are more forums. There is 0 point in gate keeping Overlord. If you gatekeep it you’re inherently just making it worse. Also I expect you mfs to start getting good hits with ts so it becomes more popular
If you’re buying a crypter or making your own and overlord DOESNT work it’s either because you have settings on the at breaks it or you’re fucking retarded. Golang is 100% self contained and native. It works the same as everything. It’s a skill issue.
❤2🔥2
Normal NFT's with images are dumb asf but NFT's with usernames is very cool. Idk what else NFT's could also be used for besides those two though.
I keep seeing stuff about “Mathew Lane” and how he “hacked” power school. All bro did was find stolen creds and logged in. NO hacking was done bro 😭😭😭. He just logged in, stole info and left.
😭6
https://t.me/OverlordPluginz
will be posting to it very soon just need to finish up some stuff in the actual src of overlord
will be posting to it very soon just need to finish up some stuff in the actual src of overlord
1.8.3 is live
Fixed:
1.) Fixed an issue where the user can set the enrollmentStatus to Unknown or NULL and it would bypass auth
2.) Made sure NULL enrollment_status won't happen to any existent clients as well.
3.) Fixed potential vuln where a user if they had your client could make a fake client with all your auth shit and DoS the server.
4.) Fixed issue where console output wasn't bound to just the user using it.
5.) Fixed enrollment timeout leak
6.) Fixed issue where ws.close with 4001 would happen to fast not letting enrollment_status message to flush
7.) wrapped the hello_ack packet in a try catch so if it somehow breaks you won't just loose the client
8.) When a client supersedes a old connection the old one are now cleaned up instead of just shitting itself
Added:
1.) Added more backoff for when a user can't connect to your server (from 10-30) seconds random to 2 mins if it hasn't been online in awhile
2.) Added client grouping to the UI to allow you to easily group clients.
Fixed:
1.) Fixed an issue where the user can set the enrollmentStatus to Unknown or NULL and it would bypass auth
2.) Made sure NULL enrollment_status won't happen to any existent clients as well.
3.) Fixed potential vuln where a user if they had your client could make a fake client with all your auth shit and DoS the server.
4.) Fixed issue where console output wasn't bound to just the user using it.
5.) Fixed enrollment timeout leak
6.) Fixed issue where ws.close with 4001 would happen to fast not letting enrollment_status message to flush
7.) wrapped the hello_ack packet in a try catch so if it somehow breaks you won't just loose the client
8.) When a client supersedes a old connection the old one are now cleaned up instead of just shitting itself
Added:
1.) Added more backoff for when a user can't connect to your server (from 10-30) seconds random to 2 mins if it hasn't been online in awhile
2.) Added client grouping to the UI to allow you to easily group clients.
1.8.4 will be live in about 2 mins.
Added:
1.) Chat system for users + shows online clients (flex). It's a little wonky with the settings but should work just fine.
If anything goes wrong with this update or you find a bug or want a feature added dm @KTicketsBot
Added:
1.) Chat system for users + shows online clients (flex). It's a little wonky with the settings but should work just fine.
If anything goes wrong with this update or you find a bug or want a feature added dm @KTicketsBot
🔥1
Also another thing. Idk if any of you want to have a career in the tech field, but if you do you’re going to HAVE to know what docker is either way. Once you realize how easy it is so setup and the benefits from using it you’ll be like me and use docker for every project then on.
1👍6🔥1
Due to current geo political circumstances we can expect Eric Parker to make a video on overlord soon
❤11🔥2😍1