[Karan007]

Hello guys,

i have two questions.

Q1:

Can a player hack your server to retrieve your GM.[PAWNO SCRIPT]?

Q2:

Can ultra-h steal your script and give it to others?

-Thanks.

[Gammix]

Quote:

Originally Posted by karan007 Q1: Can a player hack your server to retrieve your GM.[PAWNO SCRIPT]?

No, SAMP doesn't work like that.

Quote:

Originally Posted by karan007 Q2: Can ultra-h steal your script and give it to others?

Depends upon the hosting company and its reputation. If you just asking for the possibility, then yes, of course.

[Arastair]

Quote:

Originally Posted by karan007 Hello guys, i have two questions. Q1: Can a player hack your server to retrieve your GM.[PAWNO SCRIPT]? Q2: Can ultra-h steal your script and give it to others? -Thanks.

The first one: I don't know, probably not

Second question: yes, they can

[rymax99]

First, I don't know, can they? If you don't upload plain-text versions of your script to your server, then that completely thwarts that.

Second, again, if you don't upload plain-text copies of your script, the most they'll get are AMX copies.

[Michael B]

Only your FTP account is exposed to hackers, in this case. If they really want to get your sript, they could steal your login informaion and download it, even if this would be quite challenging. However, as long as you don't upload the .pwn version to your host, it would be too tough to docompile it.

[JaKe Elite]

1.) No they can't, unless they got your FTP account / host access to break in to your scripts (Recommendation, Do not upload .pwn over the host as it is not necessary, Upload .amx only)

2.) As far as i know they won't steal anything from you ~ But just to be sure, only upload the .amx (Recommendation: I would recommend you to buy your own server / VPS if you have enough cash to afford it)

[Karan007]

Thanks for your informations, guys

[Diabloa]

Take for example NG:RP, a guy named JJohn hacked the whole server. The entire community knows it, and he admitted it officialy on NG:RP's forum that he knows everyone's account passwords, including admins too. He needs to be banned, but the staff is not doing anythint, because they know that he can destroy the community with a few clicks. So, yeah. It's possible for your GM to be stolen.

[Kapersky™]

Quote:

Originally Posted by Diabloa Take for example NG:RP, a guy named JJohn hacked the whole server. The entire community knows it, and he admitted it officialy on NG:RP's forum that he knows everyone's account passwords, including admins too. He needs to be banned, but the staff is not doing anythint, because they know that he can destroy the community with a few clicks. So, yeah. It's possible for your GM to be stolen.

Nope, it's basically not possible unless FTP information is leaked.

[rymax99]

Quote:

Originally Posted by Kapersky™ Nope, it's basically not possible unless FTP information is leaked.

No, it's not "basically not possible unless FTP information is leaked". That's one vector, misplaced trust.

It's all to common for SA-MP server operators to not know a thing about how to properly administrate the server running their SA-MP server resulting in outdated software, vulnerable/bad configuration of software, and bad design overall. Noteworthy, many people opt to run their web server on the same system as their SA-MP server. That's usually "OK" as long as permissions are set correctly across the board, the web server/PHP(and what not) are running on isolated users, and the system is kept up to date. That's commonly not the case. It's very common for servers to use control panels that are coded very poorly which make it an easy vector for attack, once the web-accessible control panels are exploited and the attacker gains shell access, they then take advantage of being able to read everything else on the system because of poor design/administration/permissions.

In the end, it's a SA-MP server, chances are, if you keep things reasonable secure, and you know what you're doing, you'll be fine. If you have no idea what you're doing, you misplace trust, poorly setup your infrastructure, etc., then you're going to have problems.