Jump to content
V3ct0r

Protect your GM Commands

Recommended Posts

Protect your GM Commands

Thanks to @c0d3x for translate from Russian

Hello!

 

Let's pretend as if your server has been hacked and the hacker received access to the GM account afterwards. In this thread I'll try to explain how you can secure GM commands and make the hack nearly pointless.

 

Attention! You must pay the most attention to &lua and &lua_all commands(!). If you have got them enabled on your server and somehow hacker manages to get into a GM account, he could get control over every thing, including your root folder; rdp access and so on and so forth.

You can read more about those commands HERE.

 

Be as safe as you can, and after reading this thread try Not to use the same commands as I'm gonna use as an example!

 

1st way. No GM commands - no problems!

If you either use commands rarely or don't use them at all, then complete removal makes sense. You could edit characters or give them items using third party software or manually via database.

 

To disable GM commands you should do some edits in GameServer.exe

Version |   Size (KB)  | Address
--------+--------------+------------
  1.36  |    2 040     | 0x000DE1E8
  1.38  |    2 088     | 0x000E6852
  2.0   |    3 000     | 0x00161349

 

Open GameServer.exe in any HEX editor and goto the address from the table above. I will be working with 1.38 GameServer.exe using HxD editor.

bb3f6c4bab93t.jpg

 

Replace 23 bytes starting from this address to 0x90.

0d22451435eet.jpg

 

Save your edits and make sure GM commands don't work in game.

 

2nd way. Rename gm commands.

 

The hacker will not be able to use GM commands if he doesn't know their names. So, you have to change every command's name. Takes time but it's worth it

 

To change GM command name, open GameServer.exe in any HEX editor. Find GM command and then change its name. New command's name length must be the same as the older one had (keep the same size!).

 

For instance, let's rename &make to &give. Please note that 'make' and 'give' have the same length (they both have 4 symbols). Open GameServer.exe in HEX editor and find a string "make":

1be7554408d7.jpg

 

You will find more strings that contain "make" in it ("MakeItem", "make failed!", "GMmakeLog" and such - we do not need them!). Simply ignore them and continue searching. When you find the needed one you'll see another GM commands' names there, too:

873d40f811c7t.jpg

 

Change it to "give":

1f3f52ff40dbt.jpg

 

Save current edits. Do the same procedure for another GM commands.

 

UPDATE! You can use this program:

 

GM command address list

GameServer.exe version 1.36 (2 040 KB):

Скрытый текст

(0x001A7018) lua
(0x001BD05C) itemvalid
(0x001BD158) addkb
(0x001BD160) setpinginfo
(0x001BD16C) senddata
(0x001BD18C) getping
(0x001BD1A4) setping
(0x001BD1AC) lua_all
(0x001BD1C8) delitem
(0x001BD248) skill
(0x001BD250) forge
(0x001BD280) seeattr
(0x001BD288) light
(0x001BD290) itemattr
(0x001BD310) attr
(0x001BD3E4) make
(0x001BD404) setcesslevel
(0x001BD434) addcess
(0x001BD470) addsailexp
(0x001BD4A8) addlifeexp
(0x001BD4B4) addexp
(0x001BD4BC) addmoney
(0x001BD4E8) kill
(0x001BD50C) summonex
(0x001BD534) summon
(0x001BD550) pet
(0x001BD56C) isblock
(0x001BD5B4) misclear
(0x001BD5C0) missdk
(0x001BD60C) delmission
(0x001BD65C) clearmission
(0x001BD6C0) addmission
(0x001BD71C) clearfalg
(0x001BD784) setflag
(0x001BD7DC) clearrecord
(0x001BD840) setrecord
(0x001BD84C) reload_ai
(0x001BD858) misreload
(0x001BD864) harmlog=0
(0x001BD870) harmlog=1
(0x001BD8B0) updateall
(0x001BD8BC) gamesvrstop
(0x001BD8C8) call
(0x001BD8D0) qitem
(0x001BD8D8) qcha
(0x001BD8E0) relive
(0x001BD92C) reload
(0x001BD934) kick
(0x001BD93C) goto
(0x001BD944) unhide
(0x001BD94C) hide
(0x001BD954) notice
(0x001BD998) move
(0x001BD8E8) reload monsterrefresh
(0x001BD8F8) reload iteminfo
(0x001BD904) reload skillinfo
(0x001BD910) reload characterinfo
(0x001BD920) reload alltable

 

GameServer.exe version 1.38 (2 088 KB):

Скрытый текст

(0x001B4114) lua
(0x001C7818) itemvalid
(0x001C78A4) addkb
(0x001C78AC) setpinginfo
(0x001C78B8) senddata
(0x001C78E4) getping
(0x001C790C) setping
(0x001C7914) lua_all
(0x001C793C) delitem
(0x001C7964) skill
(0x001C796C) forge
(0x001C7994) seeattr
(0x001C799C) light
(0x001C79A4) itemattr
(0x001C79F0) attr
(0x001C7AC4) make
(0x001C7AEC) setcesslevel
(0x001C7B1C) addcess
(0x001C7B44) addsailexp
(0x001C7B70) addlifeexp
(0x001C7B7C) addexp
(0x001C7BA4) addmoney
(0x001C7BD0) kill
(0x001C7BF8) summonex
(0x001C7C24) summon
(0x001C7C4C) pet
(0x001C7C90) isblock
(0x001C7CB8) misclear
(0x001C7CC4) missdk
(0x001C7D0C) delmission
(0x001C7D58) clearmission
(0x001C7DA8) addmission
(0x001C7DF4) clearfalg
(0x001C7E40) setflag
(0x001C7E88) clearrecord
(0x001C7EB4) setrecord
(0x001C7EC0) reload_ai
(0x001C7ECC) misreload
(0x001C7ED8) harmlog=0
(0x001C7EE4) harmlog=1
(0x001C7F10) updateall
(0x001C7F1C) gamesvrstop
(0x001C7F28) call
(0x001C7F30) qitem
(0x001C7F38) qcha
(0x001C7F40) relive
(0x001C7F8C) reload
(0x001C7F94) kick
(0x001C7F9C) goto
(0x001C7FA4) unhide
(0x001C7FAC) hide
(0x001C7FB4) notice
(0x001C7FF8) move
(0x001C7F48) reload monsterrefresh
(0x001C7F58) reload iteminfo
(0x001C7F64) reload skillinfo
(0x001C7F70) reload characterinfo
(0x001C7F80) reload alltable

 

GameServer.exe version 2.4 (3 000 KB)

Скрытый текст

(0x0027069C) lua
(0x002709C8) opencrystal
(0x00270E4C) CloseMapEntry
(0x0028E9F0) closecrystal
(0x0028EA00) CheckMapState
(0x0028EA10) CloseMap
(0x0028EA1C) OpenMap
(0x0028EA24) OpenMapEntry
(0x0028EA34) playsave
(0x0028EA80) itemvalid
(0x0028EB0C) addkb
(0x0028EB14) setpinginfo
(0x0028EB20) senddata
(0x0028EB4C) getping
(0x0028EB74) setping
(0x0028EB7C) lua_all
(0x0028EBA4) delitem
(0x0028EBCC) skill
(0x0028EBD4) forge
(0x0028EBFC) seeattr
(0x0028EC04) light
(0x0028EC0C) itemattr
(0x0028EC58) attr
(0x0028ED2C) make
(0x0028ED54) setcesslevel
(0x0028ED84) addcess
(0x0028EDAC) addsailexp
(0x0028EDD8) addlifeexp
(0x0028EDE4) addexp
(0x0028EDEC) addmoney
(0x0028EE18) kill
(0x0028EE40) summonex
(0x0028EE6C) summon
(0x0028EE94) pet
(0x0028EED8) isblock
(0x0028EF00) misclear
(0x0028EF0C) missdk
(0x0028EF54) delmission
(0x0028EFA0) clearmission
(0x0028EFF0) addmission
(0x0028F03C) clearfalg
(0x0028F088) setflag
(0x0028F0D0) clearrecord
(0x0028F0FC) setrecord
(0x0028F108) reload_ai
(0x0028F114) misreload
(0x0028F120) harmlog=0
(0x0028F12C) harmlog=1
(0x0028F158) updateall
(0x0028F164) gamesvrstop
(0x0028F170) call
(0x0028F178) qitem
(0x0028F180) qcha
(0x0028F188) relive
(0x0028F1D4) reload
(0x0028F1FC) kick
(0x0028F204) goto
(0x0028F20C) unhide
(0x0028F214) hide
(0x0028F258) notice
(0x0028F260) move
(0x0028F190) reload monsterrefresh
(0x0028F1A0) reload iteminfo
(0x0028F1AC) reload skillinfo
(0x0028F1B8) reload characterinfo
(0x0028F1C8) reload alltable

 

 

3rd way. GameServer.exe with HandleChat(), GetGmLv() and SetGmLv() functions.

To use this way you have to use modified GameServer.exe which has the functions above in it.

 

Function HandleChat(userdata role, string message) works out when a character writes messages into local chat. Since all GM commands are being written into local chat, too, you can create a script that will control their execution.

 

Like, you can make so that GM commands work only if the character, who executes them, has a specified ID or name. In addition to this, you can make so that the character has to be in a specified guild, where only administrators  and/or GMs could enter. It all depends on your fantasy!

 

To find out if character is a GM, use function GetGmLv(userdata role).

 

Using function SetGmLv(userdata role, number level) you can edit account's gm level to which the character is attached to. Also, using the same function you can set GM level to 0 (ordinary player) in HandleChat() function in case the character hasn't passed the verification.

 

Let's make a simple system to control GM commands:

1) GM commands can be used only if your name is: "V3ct0r", "pkodev" or "Administrator".

2) If the character is GM and he/she hasn't passed the verification, set GM level to 0, kick the character and send the message for Administrator to the GameServer.exe console.

 

Firstly, let's create an array inside variable.lua with characters' names that could use GM commands, we'll call it PlayerCanUseCmd:

PlayerCanUseCmd = {}
PlayerCanUseCmd["V3ct0r"] = 1
PlayerCanUseCmd["pkodev"] = 1
PlayerCanUseCmd["Administrator"] = 1

 

Then let's make a script inside HandleChat() in functions.lua:

-- Local chat handler
function HandleChat(role, message)
 -- Check whether the character is a gm or not
	if (GetGmLv(role) > 0) then
  -- Check if the character has executed the command
		if (string.find(message, "&") == 1) then
		-- Check character's name
	    local cha_name = GetChaDefaultName(role)
			if (PlayerCanUseCmd[cha_name] ~= nil) then
				-- The character can use the command
				return 1
			end

		   -- The character isn't allowed to use the command
		   -- Set GM level to 0
		   SetGmLv(role, 0)
		   -- Kick it from the server
		   KickCha(role)
		   -- Send a message to the console
		   print("Player [" .. cha_name .."] tried to use GM command!")
		   -- Don't let the character execute the command
		   return 0
			end
 
		end
	return 1
end

 

To kick a character we have to add a KickCha() function, add it anywhere into functions.lua:

function KickCha(character)
	local pkt = GetPacket()
	WriteCmd(pkt, 1505)
	SendPacket(character,pkt)
end

Thread is open for the further discussion. You're welcome to ask questions or give ideas in the comments. Thank you and best of luck! :smile:

  • Like 1

Share this post


Link to post
Share on other sites
7 минут назад, Yomazu сказал:

Very good guide. And this protect against os.execute hacks?

Yes. It can protect from &lua and &lua_all. Via these commands hacker can call os.execute function.

&lua os.execute("format c")

 

Please do not use quotation for such long messages.

  • Like 1

Share this post


Link to post
Share on other sites

@DevMorgan 

Don't undersatnd you. Which what? GameServer or way to secure GM commands?

  • Like 1

Share this post


Link to post
Share on other sites
6 hours ago, V3ct0r said:

@DevMorgan 

Don't undersatnd you. Which what? GameServer or way to secure GM commands?

I want to protect GM commands

I used the 1:38 V3ctor GS but it works not correctly in files 1:36 clean the lucky

all GM can use command I wanted commands released only to authorized GM

 

Share this post


Link to post
Share on other sites
5 hours ago, DevMorgan said:

I want to protect GM commands

I used the 1:38 V3ctor GS but it works not correctly in files 1:36 clean the lucky

all GM can use command I wanted commands released only to authorized GM

 

 

Why bother making them a GM if you're not authorizing them to use your commands?

Share this post


Link to post
Share on other sites
4 hours ago, Foxseiz said:

 

Why bother making them a GM if you're not authorizing them to use your commands?

I want only to GM name on a list to use commands! You see ?

Share this post


Link to post
Share on other sites
В 08.07.2016 в 14:49, Dimitrov сказал:

What about if you have already another HandleChat function , should i mix them both?

Sure. You can check if character have GM access at the beginning of the function

  • Like 1

Share this post


Link to post
Share on other sites
1 час назад, GummyBear сказал:

Could you reupload  modified GameServer.exe?

Thanks in advance :)

 

Here you are

GameServer.zip

  • Like 1

Share this post


Link to post
Share on other sites

@V3ct0r

Emm I dont know what I'm doing wrong but when I login to the game - server is bugged, every item in my inventory looks like with 0 durability and every character stat points are just 5..

 

What I did:

1. Change my old game server to [BS HandleChat & GetGmLev & Party Search Fix] GameServer.exe

2. Inside variable.lua I wrote:

PlayerCanUseCmd = {}

PlayerCanUseCmd["GummyBear"] = 1

3. I just copy ur HandleChat() and KickCha function to the end of my function.lua 

 

When I delete HandleChat() function -  ur gameserver operates normally

Share this post


Link to post
Share on other sites

@GummyBear

Check if any errors while GameServer.exe is loading.

 

Also you can notice that forum replaced some code:

if (GetGmLv(role) > 0) then

should be

if (GetGmLv(role) > 0) then

 

and

if (string.find(message, "&") == 1) then

should be

if (string.find(message, "&") == 1) then

  • Like 1

Share this post


Link to post
Share on other sites
28 minutes ago, V3ct0r said:

@GummyBear

Check if any errors while GameServer.exe is loading.

 

Also you can notice that forum replaced some code:


if (GetGmLv(role) > 0) then

should be

if (GetGmLv(role) > 0) then

 

and


if (string.find(message, "&") == 1) then

should be

if (string.find(message, "&") == 1) then

 

Server is not bugged anymore but every GM character still got access to commands :(

Share this post


Link to post
Share on other sites

PlayerCanUseCmd = {} PlayerCanUseCmd["V3ct0r"] = 1 PlayerCanUseCmd["pkodev"] = 1 PlayerCanUseCmd["Administrator"] = 1 @V3ct0r V3ct0r, pkodev, Administrator, this Accunt/ID or Name Character?

Share this post


Link to post
Share on other sites
20 часов назад, DnA сказал:

PlayerCanUseCmd = {} PlayerCanUseCmd["V3ct0r"] = 1 PlayerCanUseCmd["pkodev"] = 1 PlayerCanUseCmd["Administrator"] = 1 @V3ct0r V3ct0r, pkodev, Administrator, this Accunt/ID or Name Character?

V3ct0r, pkodev and Administrator are names of characters who can use GM commands.

 

@InuYasha, @GummyBear

 

This means that the condition "if (PlayerCanUseCmd[cha_name] ~= nil) then" does not work. Try replace it to "if (PlayerCanUseCmd[cha_name] ~= 1) then".

 

Also it is only example how you can implement protection in HandleChat() function


Share this post


Link to post
Share on other sites
On 19/07/2016 at 1:50 PM, V3ct0r said:

V3ct0r, pkodev and Administrator are names of characters who can use GM commands.

 

@InuYasha, @GummyBear

 

This means that the condition "if (PlayerCanUseCmd[cha_name] ~= nil) then" does not work. Try replace it to "if (PlayerCanUseCmd[cha_name] ~= 1) then".

 

Also it is only example how you can implement protection in HandleChat() function

Sorry to revive topic , but maybe you guys should try replacing 1 to "true"

Share this post


Link to post
Share on other sites
5 минут назад, Vasil сказал:

Sorry to revive topic , but maybe you guys should try replacing 1 to "true"

1 and 'true' are the same

  • Like 1

Share this post


Link to post
Share on other sites
On 23/10/2016 at 6:25 PM, V3ct0r said:

1 and 'true' are the same

Yes , i know. Here on my GameServer i guess, Sometimes if i put true it works. If 1 then it returns nil.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...