From http://www.eathena.ws/board/Simple-Anti-hacker-Script-t155583.html (http://www.eathena.ws/board/Simple-Anti-hacker-Script-t155583.html)
QuoteI know this script isn't very advanced, however it proves to be useful if someone finds a security flaw in one of your systems and manages to make them selves a GM (This recently happened on my server, so DON'T say it doesn't happen, it does).
Note, replace ADMIN_NAME with your server administartors in-game character name, but if you have mail disabled, just comment the entire line. Also note, make the GM account ID's (I set by default 2000001-2000020) to your GM account ID's.
//===== eAthena Script =======================================
//= Anti GM level hacks
//===== By: ==================================================
//= [GM]Xeon @ Massive Emulation (Massemu.com)
//===== Current Version: =====================================
//= 1.0
//===== Compatible With: =====================================
//= All modern eAthena SVN's, trunk and stable.
//===== Description: =========================================
//= Prevent players from hacking your server by instantly
//= banning them and sending the administrator a mail message.
//===== Additional Comments: =================================
//= Note, replace ADMIN_NAME with your server administartors
//= in-game character name, but if you have mail disabled,
//= just comment the entire line. Also note, make the GM
//= account ID's (I set by default 2000000-2000020) to your GM
//= account ID's.
//============================================================
new_zone01.gat,0,0,0 script OnPCLoginEvent -1,{
if (getgmlevel() == 0) end;
// The allowed GM account ID's block
if (getcharid(3) == 2000001) end;
if (getcharid(3) == 2000002) end;
if (getcharid(3) == 2000003) end;
if (getcharid(3) == 2000004) end;
if (getcharid(3) == 2000005) end;
if (getcharid(3) == 2000006) end;
if (getcharid(3) == 2000007) end;
if (getcharid(3) == 2000008) end;
if (getcharid(3) == 2000009) end;
if (getcharid(3) == 2000010) end;
if (getcharid(3) == 2000011) end;
if (getcharid(3) == 2000012) end;
if (getcharid(3) == 2000013) end;
if (getcharid(3) == 2000014) end;
if (getcharid(3) == 2000015) end;
if (getcharid(3) == 2000016) end;
if (getcharid(3) == 2000017) end;
if (getcharid(3) == 2000018) end;
if (getcharid(3) == 2000019) end;
if (getcharid(3) == 2000020) end;
// End of the allowed GM account ID's block
atcommand "@ban +6m " + strcharinfo(0);
atcommand "@sendprioritymail ADMIN_NAME I tried to hack my GM level to " + getgmlevel();
logmes "Warning: " + strcharinfo(0) + " has been banned for hacking his/her GM level";
end;
}
QuoteI know this script isn't very advanced, however it proves to be useful if someone finds a security flaw in one of your systems and manages to make them selves a GM (This recently happened on my server, so DON'T say it doesn't happen, it does).
Sorry, but that will only happen if you are a moron.
Quote from: Brainstorm on Jul 07, 2008, 10:30 PM
QuoteI know this script isn't very advanced, however it proves to be useful if someone finds a security flaw in one of your systems and manages to make them selves a GM (This recently happened on my server, so DON'T say it doesn't happen, it does).
Sorry, but that will only happen if you are a moron.
Indeed, you can disable the @gm command.
Quote from: Brainstorm on Jul 07, 2008, 10:30 PM
QuoteI know this script isn't very advanced, however it proves to be useful if someone finds a security flaw in one of your systems and manages to make them selves a GM (This recently happened on my server, so DON'T say it doesn't happen, it does).
Sry, that but will only happen if u are an moron.
"They can't hack their gm levels unless you enabled @adjgmlvl, or placed a faulty mailing system/or any script that accepts text input, then queries into sql via NPCs."
Cleaned up the code anyway
new_zone01.gat,0,0,0 script OnPCLoginEvent -1,{
if (getgmlevel() == 0) end;
// The allowed GM account ID's block
switch (getcharid(3)){
case 200001:
case 200002:
//And so on and so forth
end;
break;
}
// End of the allowed GM account ID's block
atcommand "@ban +6m " + strcharinfo(0);
//atcommand "@sendprioritymail ADMIN_NAME I tried to hack my GM level to " + getgmlevel();
//logmes "Warning: " + strcharinfo(0) + " has been banned for hacking his/her GM level";
//LOL, it will be logged to atcommand log, so no need..
end;
/swt this seems... like a pointless thing to put in XD
unless you know totally nothing about being an admin... then it might not be such a bad idea i guess =o