What helps anti dialog spoofing? - Printable Version
What helps anti dialog spoofing? -
Learn - 25.12.2016
What helps anti dialog spoofing?
Re: What helps anti dialog spoofing? -
GoldenLion - 25.12.2016
You mean dialog ID spoofing? I heard that somewhere, I'm not even sure if it's possible.
Re: What helps anti dialog spoofing? -
Lordzy - 25.12.2016
Dialog spoofing is possible, I can confirm this. The answer to your question in short is that it can prevent your dialogs getting spoofed or called by clients directly. Suppose you have this code:
pawn Code:
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[]) {
    if(dialogid == 1) {
        if(response == 1 && listitem == 1) { // "Kick All" entry
            // Unsafe: nothing here checks who sent this response.
            for(new i = 0, j = GetPlayerPoolSize(); i <= j; i++) {
                if(!IsPlayerConnected(i)) continue;
                Kick(i);
            }
        }
        //...
    }
    return 1;
}

//Your admin dialog stuff command:
CMD:stuff(playerid, params[]) {
    if(!IsPlayerAdmin(playerid)) return 0; //Only for RCON.
    ShowPlayerDialog(playerid, 1, DIALOG_STYLE_LIST, "Admin Menu", "Shut Down\nKick All\n...", "Choose", "Close");
    return 1;
}
Here from the above code you can see clearly that the dialog is meant to be shown only for RCON admins. True, but there are no checks over its response. A response can be given to the server faking the parameters of the callback. Which means, according to the unsafe code above, even a normal player can kick every player on a server. It's always better to safeguard all your callbacks since most of them can get called with fake parameters and values.
That also includes the values that you directly use as array indexes. Never trust the data you get from clients totally, unless it's filtered and safe to be used. Or else it would risk your security or lead to server crashes.
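A hardened form of the handler from the post above, as an added example that is not part of the original thread: the server remembers which dialog it actually showed to each player, rejects responses for any other dialog ID, re-checks the RCON privilege inside the callback, and ignores unexpected `listitem` values. `DIALOG_NONE`, `DIALOG_ADMIN`, `gShownDialog` and `ShowTrackedDialog` are hypothetical names; the admin command is assumed to call `ShowTrackedDialog` instead of `ShowPlayerDialog`.

```pawn
// Added example, not code from the thread. DIALOG_NONE, DIALOG_ADMIN,
// gShownDialog and ShowTrackedDialog are hypothetical names.
#include <a_samp>

#define DIALOG_NONE  (-1)
#define DIALOG_ADMIN (1)

static gShownDialog[MAX_PLAYERS] = {DIALOG_NONE, ...};

// Show a dialog and record which one the server opened for this player.
stock ShowTrackedDialog(playerid, dialogid, style, caption[], info[], button1[], button2[]) {
    gShownDialog[playerid] = dialogid;
    return ShowPlayerDialog(playerid, dialogid, style, caption, info, button1, button2);
}

public OnPlayerConnect(playerid) {
    gShownDialog[playerid] = DIALOG_NONE; // the slot may be reused by a new player
    return 1;
}

public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[]) {
    // 1. The response must be for the dialog the server last showed this player.
    new expected = gShownDialog[playerid];
    gShownDialog[playerid] = DIALOG_NONE; // accept one response per shown dialog
    if(expected == DIALOG_NONE || dialogid != expected) {
        printf("[dialog] player %d answered dialog %d, expected %d", playerid, dialogid, expected);
        return 1; // drop the response
    }
    if(dialogid == DIALOG_ADMIN) {
        // 2. Re-check the privilege here, not only in the command.
        if(!IsPlayerAdmin(playerid)) return 1;
        if(!response) return 1; // "Close" was pressed
        // 3. Act only on list items the menu really contains.
        switch(listitem) {
            case 1: { // "Kick All"
                for(new i = 0, j = GetPlayerPoolSize(); i <= j; i++) {
                    if(IsPlayerConnected(i)) Kick(i);
                }
            }
            default: return 1; // unexpected listitem, ignore
        }
        return 1;
    }
    return 0;
}
```

The logged mismatch line gives a server owner something to alert on when a client answers a dialog it was never shown.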
Re: What helps anti dialog spoofing? -
AndreiWow - 25.12.2016
What does 'spoofing' mean?
Re: What helps anti dialog spoofing? -
Lordzy - 25.12.2016
Quote:
Originally Posted by AndreiWow
What does 'spoofing' mean?
It's more like tricking the server by sending falsified data. Read -
https://en.wikipedia.org/wiki/Spoofing_attack
Re: What helps anti dialog spoofing? -
AndreiWow - 25.12.2016
Also I got this for you @Learn
https://sampforum.blast.hk/showthread.php?tid=586848