Anti-Hacking Script

Started by Zone, Jul 07, 2008, 08:26 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Zone

From http://www.eathena.ws/board/Simple-Anti-hacker-Script-t155583.html

QuoteI know this script isn't very advanced, however it proves to be useful if someone finds a security flaw in one of your systems and manages to make them selves a GM (This recently happened on my server, so DON'T say it doesn't happen, it does).

Note, replace ADMIN_NAME with your server administartors in-game character name, but if you have mail disabled, just comment the entire line. Also note, make the GM account ID's (I set by default 2000001-2000020) to your GM account ID's.


//===== eAthena Script =======================================
//= Anti GM level hacks
//===== By: ==================================================
//= [GM]Xeon @ Massive Emulation (Massemu.com)
//===== Current Version: =====================================
//= 1.0
//===== Compatible With: =====================================
//= All modern eAthena SVN's, trunk and stable.
//===== Description: =========================================
//= Prevent players from hacking your server by instantly
//= banning them and sending the administrator a mail message.
//===== Additional Comments: =================================
//= Note, replace ADMIN_NAME with your server administartors
//= in-game character name, but if you have mail disabled,
//= just comment the entire line. Also note, make the GM
//= account ID's (I set by default 2000000-2000020) to your GM
//= account ID's.
//============================================================

new_zone01.gat,0,0,0    script    OnPCLoginEvent    -1,{

    if (getgmlevel() == 0) end;

    // The allowed GM account ID's block
    if (getcharid(3) == 2000001) end;
    if (getcharid(3) == 2000002) end;
    if (getcharid(3) == 2000003) end;
    if (getcharid(3) == 2000004) end;
    if (getcharid(3) == 2000005) end;
    if (getcharid(3) == 2000006) end;
    if (getcharid(3) == 2000007) end;
    if (getcharid(3) == 2000008) end;
    if (getcharid(3) == 2000009) end;
    if (getcharid(3) == 2000010) end;
    if (getcharid(3) == 2000011) end;
    if (getcharid(3) == 2000012) end;
    if (getcharid(3) == 2000013) end;
    if (getcharid(3) == 2000014) end;
    if (getcharid(3) == 2000015) end;
    if (getcharid(3) == 2000016) end;
    if (getcharid(3) == 2000017) end;
    if (getcharid(3) == 2000018) end;
    if (getcharid(3) == 2000019) end;
    if (getcharid(3) == 2000020) end;
    // End of the allowed GM account ID's block

    atcommand "@ban +6m " + strcharinfo(0);
    atcommand "@sendprioritymail ADMIN_NAME I tried to hack my GM level to " + getgmlevel();
    logmes "Warning: " + strcharinfo(0) + " has been banned for hacking his/her GM level";
    end;

}

Brainstorm

QuoteI know this script isn't very advanced, however it proves to be useful if someone finds a security flaw in one of your systems and manages to make them selves a GM (This recently happened on my server, so DON'T say it doesn't happen, it does).
Sorry, but that will only happen if you are a moron.

Zone

Quote from: Brainstorm on Jul 07, 2008, 10:30 PM
QuoteI know this script isn't very advanced, however it proves to be useful if someone finds a security flaw in one of your systems and manages to make them selves a GM (This recently happened on my server, so DON'T say it doesn't happen, it does).
Sorry, but that will only happen if you are a moron.
Indeed, you can disable the @gm command.

Helrouis

Quote from: Brainstorm on Jul 07, 2008, 10:30 PM
QuoteI know this script isn't very advanced, however it proves to be useful if someone finds a security flaw in one of your systems and manages to make them selves a GM (This recently happened on my server, so DON'T say it doesn't happen, it does).
Sry, that but will only happen if u are an moron.
"They can't hack their gm levels unless you enabled @adjgmlvl, or placed a faulty mailing system/or any script that accepts text input, then queries into sql via NPCs."

Cleaned up the code anyway

new_zone01.gat,0,0,0    script    OnPCLoginEvent    -1,{
    if (getgmlevel() == 0) end;
    // The allowed GM account ID's block
    switch (getcharid(3)){
        case 200001:
        case 200002:
   //And so on and so forth
        end;
        break;
    }

    // End of the allowed GM account ID's block

    atcommand "@ban +6m " + strcharinfo(0);
    //atcommand "@sendprioritymail ADMIN_NAME I tried to hack my GM level to " + getgmlevel();
    //logmes "Warning: " + strcharinfo(0) + " has been banned for hacking his/her GM level";
    //LOL, it will be logged to atcommand log, so no need..
    end;

Guest

/swt this seems... like a pointless thing to put in XD
unless you know totally nothing about being an admin... then it might not be such a bad idea i guess =o