1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Filterscripts

Threaded Mode
[FilterScript] [FS]Rcon Protector
kc
Gangsta
****
Posts: 618
Threads: 4
Joined: Aug 2007
Reputation: 0
#1

05.01.2008, 18:02
Hey all, I have heard a few cases of people hacking their rcon passwords. It seems to me the only valid way of doing this is brute force. This script can help tackle that. heres what it does -

you supply it will some keys in the config section at the start of the script
you fill in all the other options.

it will generate a string x length containing random numbers, lowercase, uppercase, symbols in a random order. it will then take your keys and place them into the string randomly. one of the keys is encrypted and inserted into the script. it then changes the rcon to this.
that is placed in a timer, so every xxxxxxxxxxxxx milliseconds, it does that again, changing the password. For people who dont like timers it can also be setup using events (commands, in this case) so instead of xxxxxxxxxx milliseconds, it will trigger after xx commands are sent.

This WILL make rcon unusable, but if that doesnt matter, and you are/ have had problems with rcon "hackers" this may be of use to you

PWN source hotlink

no amx, as there are options that need to be configured. I may upload some pre-configured amx'es later on.
Find
Reply
snipe69
Huge Clucker
***
Posts: 232
Threads: 5
Joined: Aug 2007
Reputation: 0
#2

05.01.2008, 18:14
very good kc thnx
Find
Reply
ReX
Little Clucker
**
Posts: 43
Threads: 3
Joined: Dec 2007
Reputation: 0
#3

05.01.2008, 18:15
Thanks !

Find
Reply
kc
Gangsta
****
Posts: 618
Threads: 4
Joined: Aug 2007
Reputation: 0
#4

05.01.2008, 20:07
Quote:
Originally Posted by [M
Snipe ]
very good kc thnx
Quote:
Originally Posted by ReX
Thanks !



Quote:

Towlies make a function that also changes rcon password to anything random in Useful Function or Snippet. :/
yeah?, oh... thought this was original :P
Find
Reply
jake08
Little Clucker
**
Posts: 20
Threads: 1
Joined: Dec 2007
Reputation: 0
#5

05.01.2008, 20:12
why dony you all make a script to where if they get he password wrong 2-3 times it auto bans them that way there will be no effect of the attack. This way RCON is still usable.
Find
Reply
kc
Gangsta
****
Posts: 618
Threads: 4
Joined: Aug 2007
Reputation: 0
#6

05.01.2008, 20:34
Quote:

why dony you all make a script to where if they get he password wrong 2-3 times it auto bans them that way there will be no effect of the attack. This way RCON is still usable.
i am not aware of any way to do this.. no callback like RconPassFail(playerid) so i dont see any logical way to do this at the moment.
Find
Reply
Antironix
Gangsta
****
Posts: 702
Threads: 6
Joined: May 2007
Reputation: 0
#7

05.01.2008, 21:07
Question: Will OnPlayerRconCommand(or something) be called when you are loggin in?
Find
Reply
kc
Gangsta
****
Posts: 618
Threads: 4
Joined: Aug 2007
Reputation: 0
#8

06.01.2008, 09:31
Quote:
Originally Posted by Antironix
Question: Will OnPlayerRconCommand(or something) be called when you are loggin in?
im not sure, but if it did there would still really be no way to determine if the login was incorrect or not.
Find
Reply
[Z]Sahtiyan
Little Clucker
**
Posts: 4
Threads: 0
Joined: Feb 2009
Reputation: 0
#9

23.02.2009, 10:07
You were doing good
Find
Reply
Killa[DGZ]
Huge Clucker
****
Posts: 354
Threads: 35
Joined: Feb 2010
Reputation: 0
#10

05.10.2011, 11:10
Quote:
Originally Posted by jake08
Посмотреть сообщение
why dony you all make a script to where if they get he password wrong 2-3 times it auto bans them that way there will be no effect of the attack. This way RCON is still usable.
Quote:
Originally Posted by kc
Посмотреть сообщение
i am not aware of any way to do this.. no callback like RconPassFail(playerid) so i dont see any logical way to do this at the moment.
how about !success and using a variable?

pawn Код:
new FailedRconAttempt[MAX_PLAYERS];//

//------------------------------------------------------------------------------
public OnPlayerConnect(playerid)
{
    FailedRconAttempt[playerid] = 0;//
}

//------------------------------------------------------------------------------
public OnRconLoginAttempt(ip[], password[], success)
{
    if(!success)//failed password
    {
        new failstring[128], playersip[16], playername[MAX_PLAYER_NAME];//
        printf("[CONSOLE]: Failed RCON Login Attemp on IP:[ %s ] Using The Password:[ %s ]",ip, password);
        for(new i=0; i<MAX_PLAYERS; i++)
        {
            GetPlayerIp(i, playersip, sizeof(playersip));//
            if(!strcmp(ip, playersip, true))
            {
                FailedRconAttempt[i] ++;//adds 1
                if(FailedRconAttempt[i] < 3)
                {
                    format(failstring, sizeof(failstring), "<| Incorrect Password, Failed Attempts:[ %d ] |>", FailedRconAttempt[i]);//
                    SendClientMessage(i,0xAFAFAFAA, failstring);//
                    return 1;
                }
                GetPlayerName(i, playername, sizeof(playername));//
                format(failstring, sizeof(failstring), "<| %s was banned, reason: FAILED RCON PASSWORD |>", playername);//
                SendClientMessageToAll(0xAFAFAFAA, failstring);//
                format(failstring, sizeof(failstring), "<| THE FAILED RCON PASSWORD WAS: [ %s ] |>", password);//failed password
                SendClientMessageToAll(0xAFAFAFAA, failstring);//
                Ban(i);//
                Kick(i);//
            }
        }
    }
    return 1;
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Filterscripts