SA-MP Forums Archive
[Include] Script Secure ADM - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Filterscripts (https://sampforum.blast.hk/forumdisplay.php?fid=17)
+---- Forum: Includes (https://sampforum.blast.hk/forumdisplay.php?fid=83)
+---- Thread: [Include] Script Secure ADM (/showthread.php?tid=600408)


Script Secure ADM - AbyssMorgan - 07.02.2016

Hello, I would like to present include allowing us to introduce additional security for our file AMX.

Security Functions:
a) AntiDeAMX
b) ScriptSecureADM
- IP and PORT checker
- Expiration date script
- Control slots server
- Check rcon password
- Check server language
- Web ACK System

How to use ScriptSecure.inc
PHP код:
//Install
//#define DONT_ALLOW_LOCALHOST  //additional option
//#define CHECK_MAX_PLAYERS     //additional option
//#define CHECK_RCON_PASSWORD   //additional option
//#define CHECK_SERVER_LANGUAGE //additional option
#define FILE_SERVERIP           "127.0.0.1"
#define FILE_SERVERPORT         (7777)
#define FILE_LICENSEID          (20160201) //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY)
//FILE_LICENSEID - This is the expiry date of the script, if passed it will not be able to run gamemode
#define FILE_MAX_PLAYERS        (500)      //max players in server.cfg
#define FILE_RCONPASS           "123"      //rcon password
#define FILE_LANGUAGE           "English"  //server language
//Web ACK System
//#define ENABLE_WEB_ACK        //additional option (definitions below apply to this option)
//#define SCRIPT_ACK_KEY        "{BOBO_HAHA,ACCESSCONTROL,TRUE}"
//#define SCRIPT_ACK_URL        "example.com/secure_adm/index.php"
//#define SCRIPT_ANTI_FLOOD     (123)   //change this number
//#define SCRIPT_ACK_TIME       (10000) //10 second
#include <ScriptSecure>
public OnGameModeInit(){ //OR OnFilterScriptInit
    AntiDeAMX();
    ScriptSecureADM();
    
    return 1;

How to use MultiScriptSecure.inc
PHP код:
//Install
//#define CHECK_MAX_PLAYERS     //additional option
//#define CHECK_RCON_PASSWORD   //additional option
//#define CHECK_SERVER_LANGUAGE //additional option
//Web ACK System
//#define ENABLE_WEB_ACK        //additional option (definitions below apply to this option)
//#define SCRIPT_ACK_KEY        "{BOBO_HAHA,ACCESSCONTROL,TRUE}"
//#define SCRIPT_ACK_URL        "example.com/secure_adm/index.php"
//#define SCRIPT_ANTI_FLOOD     (123) //change this number
//#define SCRIPT_ACK_TIME       (10000) //10 second
Add server information to ADMServerList
public OnGameModeInit(){ //OR OnFilterScriptInit
    AntiDeAMX();
    ScriptSecureADM();
    
    return 1;

How to use UltimateScriptSecure.inc
PHP код:
//Install
//1. Open UltimateScriptSecure and find "User Configuration"
//2. Edit you server information.
public OnGameModeInit(){ //OR OnFilterScriptInit
    
    if(!USS_Init()) return 0;
    
    return 1;

Web ACK System:
PHP File for ScriptSecure.inc, MultiScriptSecure.inc, UltimateScriptSecure.inc

If you want to use the authorization by the website follow the steps:
1. Edit /secure_adm/index.php
PHP код:
$ANTI_FLOOD '123'//the same as SCRIPT_ANTI_FLOOD
$ACK_TRUE =   '{BOBO_HAHA,ACCESSCONTROL,TRUE}'//the same as SCRIPT_ACK_KEY
$ACK_FALSE =  'Fuck you thief :P'//anything 
2. Edit /secure_adm/Server.txt
PHP код:
//add IP:PORT your server, example:
127.0.0.1:7777
127.0.0.1:7778 
Error List:
PHP код:
[ADMInfoLocal server detect.
[ADMErrorThis script is stolen.
[ADMErrorScript license has expired.
[ADMErrorInvalid server configcheck your max players.
[ADMErrorInvalid server configcheck your rcon password.
[ADMErrorInvalid server configcheck your language.
[ADMErrorThe script did not get permission to activation
What should I choose ?
ScriptSecure.inc - For one server configuration.
MultiScriptSecure.inc - For many server configurations.
UltimateScriptSecure.inc - The same as above but more advanced options.

Download:
UltimateScriptSecure.inc (v5.0.0)
MultiScriptSecure.inc (v4.0.1)
ScriptSecure.inc (v4.0.1)
Web ACK System


Notice:
Posts can be made available in a other language forums, please remember to keep the author and permanent link to file on github and a link to post in forum samp.

Non-Registered Users:
Bug Report

Re: Script Secure ADM - Gammix - 07.02.2016

pawn Код:
#if !defined isnull
    #define isnull(%1) ((!(%1[0])) || (((%1[0]) == '\1') && (!(%1[1]))))
#endif
Do the same for these:
pawn Код:
#define FILE_SERVERIP           "127.0.0.1"
#define FILE_SERVERPORT         (7777)          
#define FILE_LICENSEID          (20160201)      //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY)
#define FILE_MAX_PLAYERS        (500)           //max players in server.cfg
#define FILE_RCONPASS           "123"           //rcon password
#define FILE_LANGUAGE           "Polish"        //server language
So the user won't need to edit the include but do something like this:
pawn Код:
#define FILE_SERVERIP "127.0.0.1"
#include <ScriptSecure>
And i think the only thing enough for security is the IP and PORT.

Re: Script Secure ADM - AbyssMorgan - 07.02.2016

Quote:
Originally Posted by Gammix
Посмотреть сообщение
pawn Код:
#if !defined isnull
    #define isnull(%1) ((!(%1[0])) || (((%1[0]) == '\1') && (!(%1[1]))))
#endif
Do the same for these:
pawn Код:
#define FILE_SERVERIP           "127.0.0.1"
#define FILE_SERVERPORT         (7777)          
#define FILE_LICENSEID          (20160201)      //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY)
#define FILE_MAX_PLAYERS        (500)           //max players in server.cfg
#define FILE_RCONPASS           "123"           //rcon password
#define FILE_LANGUAGE           "Polish"        //server language
So the user won't need to edit the include but do something like this:
pawn Код:
#define FILE_SERVERIP "127.0.0.1"
#include <ScriptSecure>
And i think the only thing enough for security is the IP and PORT.
okay I might add, I personally love the protection time, useful when we are co-owner of the server

Re: Script Secure ADM - Gammix - 07.02.2016

Actually you got it wrong:
pawn Код:
#if !defined FILE_SERVERIP
    #error Please #define FILE_SERVERIP "127.0.0.1"
#endif
Should/Recommended to be like this:
pawn Код:
#if !defined FILE_SERVERIP
    #define FILE_SERVERIP "127.0.0.1"
#endif
So if user haven't defined, the include will run on its default value.

Re: Script Secure ADM - Spmn - 07.02.2016

1. Your protection will fail if "bind" is unset since comparing a null string to a non-null string will return 0 (strings are the same)

2. There is no point in checking if rcon_password is unset because it can't be.

3. I don't get why you stop server if Language or RCON Password is set to any other value than what it is defined in script. Why don't you just change them to the value that should be and eventually print a warning message.

4. Instead of throwing the same error in case of misconfiguration (Invalid Server Config) it should print different messages for every case. It can be quite hard for a newbie to find out what is misconfigured.

Re: Script Secure ADM - AbyssMorgan - 08.02.2016

1. corrected
2. corrected
3. added switches
PHP код:
#define DONT_ALLOW_LOCALHOST    //additional option
#define CHECK_MAX_PLAYERS        //additional option
#define CHECK_RCON_PASSWORD        //additional option
#define CHECK_SERVER_LANGUAGE    //additional option 
4. corrected

Re: Script Secure ADM - JustMe.77 - 08.02.2016

Could you add multiple IP's Port and stuff? I'd need it for example with my HomeServer IP, Main Server IP and TestServer IP.

Anyways, nice Include.

Re: Script Secure ADM - AbyssMorgan - 08.02.2016

I can do it

Re: Script Secure ADM - AbyssMorgan - 08.02.2016

Quote:
Originally Posted by JustMe.77
Посмотреть сообщение
Could you add multiple IP's Port and stuff? I'd need it for example with my HomeServer IP, Main Server IP and TestServer IP.

Anyways, nice Include.
I created a second version which allows you to specify multiple servers.
Read the instruction inside file.
https://github.com/AbyssMorgan/SA-MP...riptSecure.inc

Re: Script Secure ADM - AbyssMorgan - 25.06.2016

Update v4.0 for ScriptSecure.inc and MultiScriptSecure.inc:
- Added Web ACK System (confirmation by the web server)
- Fixed minor bugs in the code

Re: Script Secure ADM - JustMe.77 - 04.07.2016

Using it since yesterday active, great release!
Is there any way to only allow Localhost?

Re: Script Secure ADM - AbyssMorgan - 04.07.2016

localhost is always allowed in ScriptSecure.inc unless you use options
DONT_ALLOW_LOCALHOST

if the server ip 127.0.0.1 give the script will be available only for localhost

Example localhost:
PHP код:
#define FILE_SERVERIP           "127.0.0.1" 
#define FILE_SERVERPORT         (7777) 
#define FILE_LICENSEID          (20160201) //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY) 
#define FILE_MAX_PLAYERS        (500)      //max players in server.cfg 
#define FILE_RCONPASS           "123"      //rcon password 
#define FILE_LANGUAGE           "English"  //server language 
Example public server (91.196.50.114:7777):
PHP код:
#define FILE_SERVERIP           "91.196.50.114" 
#define FILE_SERVERPORT         (7777) 
#define FILE_LICENSEID          (20160201) //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY) 
#define FILE_MAX_PLAYERS        (500)      //max players in server.cfg 
#define FILE_RCONPASS           "123"      //rcon password 
#define FILE_LANGUAGE           "English"  //server language 


Re: Script Secure ADM - AbyssMorgan - 01.02.2017

Update v5.0.0:

- Created new UltimateScriptSecure.inc (archetype MultiScriptSecure.inc)

- Added an additional option to individually choose the type of security.

- Added internal callback
PHP код:
USS_OnScriptError(errorid); 
- Added special definition USS_ANONYMOUS for use any ip/port

Download:
UltimateScriptSecure.inc

Re: Script Secure ADM - Bolex_ - 01.02.2017

Good Job

Re: Script Secure ADM - OneDay - 01.02.2017

Can you add password: https://sampforum.blast.hk/showthread.php?tid=624230

Re: Script Secure ADM - JustMe.77 - 12.02.2017

Thanks for the update, by far one of my favourite includes