Fast problem server got hacked fast fast fast

Fast problem server got hacked fast fast fast - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: Fast problem server got hacked fast fast fast (/showthread.php?tid=580498)

Fast problem server got hacked fast fast fast - Mijata - 05.07.2015

Code:

[23:04:15] [connection] 77.243.181.196:4573 requests connection cookie.
[23:04:16] Incoming connection: 77.243.181.196:4573 id: 5
[23:04:17] [join] GauntletDeutsch has joined the server (5:77.243.181.196)
[23:04:25] [part] Sha has left the server (4:1)
[23:05:05] RCON (In-Game): Player #5 (GauntletDeutsch) has logged in.
[23:05:16] RCON (In-Game): Player [GauntletDeutsch] sent command: ban 3
[23:05:16] [TVC]Mijat[A]. <#3 - 109.245.132.14> has been banned.
[23:05:16] [part] [TVC]Mijat[A]. has left the server (3:2)
[23:05:18] RCON (In-Game): Player [GauntletDeutsch] sent command: ban 
[23:05:20] RCON (In-Game): Player [GauntletDeutsch] sent command: ban 2
[23:05:20] Agustinwarriors123 <#2 - 186.109.243.111> has been banned.
[23:05:20] [part] Agustinwarriors123 has left the server (2:2)
[23:05:21] RCON (In-Game): Player [GauntletDeutsch] sent command: ban 1
[23:05:21] COJA_GOT <#1 - 178.149.251.10> has been banned.
[23:05:21] [part] COJA_GOT has left the server (1:2)
[23:05:24] RCON (In-Game): Player [GauntletDeutsch] sent command: ban 0
[23:05:24] Limeni_Knele <#0 - 87.116.148.101> has been banned.
[23:05:24] [part] Limeni_Knele has left the server (0:2)
[23:05:29] RCON (In-Game): Player [GauntletDeutsch] sent command: password 128931893791279319381293893891893893819389123
[23:05:29] Setting server password to: "128931893791279319381293893891893893819389123"
[23:05:34] RCON (In-Game): Player [GauntletDeutsch] sent command: hostname :3
[23:05:37] [part] GauntletDeutsch has left the server (5:1)

he entered game and banned all players fasstt how i can protect

Re: Fast problem server got hacked fast fast fast - Pawnify - 05.07.2015

Change your RCON password immediately.

Re: Fast problem server got hacked fast fast fast - Mijata - 05.07.2015

changed but he will again try to hack rcon how i can stop this man

Re: Fast problem server got hacked fast fast fast - b3nz - 05.07.2015

You can use this.

Re: Fast problem server got hacked fast fast fast - SickAttack - 05.07.2015

Prevent unauthorized RCON login attempts. (e.g. -> ban the player if they are not a server-sided admin). Also ban the player after three bad RCON login attempts.

That's pretty funny, though. I'm not saying that it's something good, but overall it cracks me up what he did. Specially by setting the hostname to ":3". Hehehehehe.

Re: Fast problem server got hacked fast fast fast - Beckett - 05.07.2015

pawn Code:

rcon 0

In server.cfg then restart.

Re: Fast problem server got hacked fast fast fast - suni - 05.07.2015

i track him down. he's from fucking Germany.

Re: Fast problem server got hacked fast fast fast - Mijata - 05.07.2015

Quote:

Originally Posted by suni

i track him down. he's from fucking Germany.

Thanks bro, i trying to make rcon only for admins but i got 4 errors

Quote:

pwn(2321) : error 017: undefined symbol "adminlevel"
pwn(2321) : warning 215: expression has no effect
pwn(2321) : error 001: expected token: ";", but found "]"
pwn(2321) : error 029: invalid expression, assumed zero
pwn(2321) : fatal error 107: too many error messages on one line

Compilation aborted.Pawn compiler 3.2.3664 Copyright © 1997-2006, ITB CompuPhase

4 Errors.

Code:

public OnRconLoginAttempt(ip[], password[], success)
{
    for(new i=0; i<MAX_PLAYERS; i++) //Loop through all players
    {
        if(adminlevel[i] >  6) //If the admin level is greater than 3 then
        {
            if(!success)
            {
                printf("FAILED RCON LOGIN BY IP %s USING PASSWORD %s",ip, password);
            }
            else
            {
                printf("IP %s logged in to rcon successfully using password %s",ip, password);
            }
        }
        else
        {
            SendClientMessage(playerid, 0xFFFFFFFF, "Only Administrators may use RCON.");
        }
    }
    return 1;
}

Re: Fast problem server got hacked fast fast fast - suni - 06.07.2015

which one is line 2321?
EDIT:

Code:

new adminlevel;

Re: Fast problem server got hacked fast fast fast - SickAttack - 06.07.2015

More than one player version (spam might occur with more players with the same ip online, but none of them will be able to log into rcon).

pawn Code:

// [ DEVELOPMENT GAMEMODE ]

// INCLUDES:

#include <a_samp>
#include <foreach>

// MAIN:

main()
{
    print("Development Mode: rcon_protection_multiple.amx");
}

// CALLBACKS:

public OnGameModeInit()
{   
    return 1;
}

public OnGameModeExit()
{
    return 1;
}

public OnRconLoginAttempt(ip[], password[], success)
{
    new playerid[3] = -1, count;
    foreach(new i: Player)
    {
        if(strcmp(ip, GetPlayerIP(i), true) == 0)
        {
            playerid[count] = i;
            count ++;

            if(count == 3) break;
        }
    }

    for(new i = 0; i < 3; i ++)
    {
        if(playerid[i] != -1)
        {
            if(success)
            {
                if(IsPlayerAdmin(playerid[i])) // Change this for your admin system's condition that validates a player's admin level possession.
                {
                    printf("[RCON] %s (%d) has logged-in.", PlayerName(playerid[i]), playerid[i]);
                }
                else
                {
                    printf("[RCON] %s (%d) was kicked from the server (Bad RCON Login).", PlayerName(playerid[i]), playerid[i]);
                    Kick(playerid[i]);
                }
            }
        }
    }
    return 1;
}

// FUNCTIONS:

stock PlayerName(playerid)
{
    new name[MAX_PLAYER_NAME];
    GetPlayerName(playerid, name, MAX_PLAYER_NAME);
    return name;
}

stock GetPlayerIP(playerid)
{
    new ip[16];
    GetPlayerIp(playerid, ip, sizeof(ip));
    return ip;
}

One player version (if two players with the same ip address are online, the first one will be kicked and the second one will log into rcon):

pawn Code:

// [ DEVELOPMENT GAMEMODE ]

// INCLUDES:

#include <a_samp>
#include <foreach>

// MAIN:

main()
{
    print("Development Mode: rcon_protection.amx");
}

// CALLBACKS:

public OnGameModeInit()
{   
    return 1;
}

public OnGameModeExit()
{
    return 1;
}

public OnRconLoginAttempt(ip[], password[], success)
{
    new playerid = -1;
    foreach(new i: Player)
    {
        if(strcmp(ip, GetPlayerIP(i), true) == 0)
        {
            playerid = i;
            break;
        }
    }

    if(playerid != -1)
    {
        if(success)
        {
            if(IsPlayerAdmin(playerid)) // Change this for your admin system's condition that validates a player's admin level possession.
            {
                printf("[RCON] %s (%d) has logged-in.", PlayerName(playerid), playerid);
            }
            else
            {
                printf("[RCON] %s (%d) was kicked from the server (Bad RCON Login).", PlayerName(playerid), playerid);
                Kick(playerid);
            }
        }
    }
    return 1;
}

// FUNCTIONS:

stock PlayerName(playerid)
{
    new name[MAX_PLAYER_NAME];
    GetPlayerName(playerid, name, MAX_PLAYER_NAME);
    return name;
}

stock GetPlayerIP(playerid)
{
    new ip[16];
    GetPlayerIp(playerid, ip, sizeof(ip));
    return ip;
}

The rest is up to you, whether you allow more than one player with the same ip address connect to your server or not.