ATM Banker - Garry's Mod - Facepunch Forum

You realise you can [I]withdraw[/I] negative amounts, thus [B]giving [/B]you money?

Damn, I was just about to say that..... But it's fun because Server Owners 9/10 times don't know... So :)

[QUOTE=101kl;34602687]You realise you can [I]withdraw[/I] negative amounts, thus [B]giving [/B]you money?[/QUOTE] You [B]can't[/B] withdraw negative money in v2. It was fixed.

You can brute force this too easy :S

[QUOTE=Ruzza;34844976]You can brute force this too easy :S[/QUOTE] Needs a 3 second cooldown, otherwise you can just utilise lua to run through possible combinations lol.

I have this up and running on my server but it's non responsive to deposit or withdraws. any ideas?

[img]http://cloud.steampowered.com/ugc/578954588128404367/641EEC853110677C14A22131194B9EE1AA0242BE/[/img] LOVING YOUR ADDON!

[QUOTE=ash47;35755188][img]http://cloud.steampowered.com/ugc/578954588128404367/641EEC853110677C14A22131194B9EE1AA0242BE/[/img] LOVING YOUR ADDON![/QUOTE] Get off my server! As shown it isn't very practical and can be exploited easy (as I found out).

[QUOTE=ItsThatMatt;35755663]Get off my server! As shown it isn't very practical and can be exploited easy (as I found out).[/QUOTE] I can fix it for you, $20 :)

[QUOTE=ItsThatMatt;35755663]Get off my server! As shown it isn't very practical and can be exploited easy (as I found out).[/QUOTE] [QUOTE=Ruzza;35755673]I can fix it for you, $20 :)[/QUOTE] I'll do it for $19.99!

[QUOTE=ItsThatMatt;35755663]Get off my server! As shown it isn't very practical and can be exploited easy (as I found out).[/QUOTE]That's your server? I didn't mean to do any damage and I did inform an admin, and it took me less than 5 minutes to find an exploit lol

[QUOTE=ash47;35767170]That's your server? I didn't mean to do any damage and I did inform an admin, and it took me less than 5 minutes to find an exploit lol[/QUOTE] Sure is man. I didn't mind - but thanks for raising awareness man!

[QUOTE=ash47;35767170]That's your server? I didn't mean to do any damage and I did inform an admin, and it took me less than 5 minutes to find an exploit lol[/QUOTE] "find an exploit lol" bitch pls you either made a 5minute edit to the script to bruteforce or more likely downloaded the one I posted

You don't need an exploit for the ATM the interest makes everyone rich in an hour or so anyway. I have an atm on my darkrp test server for singleplayer. I literally only go on there for a few minutes at a time to test new entities and scripts. I put in 1k and now its at 38000+. We put it on our server and now everyone's got more money than they know what to do with.

[QUOTE=AngryChairR;35823918]"find an exploit lol" bitch pls you either made a 5minute edit to the script to bruteforce or more likely downloaded the one I posted[/QUOTE]No need to bruteforce when there is a function I can call that withdraws money, and I didn't know you made an exploit? [quote]You don't need an exploit for the ATM the interest makes everyone rich in an hour or so anyway. I have an atm on my darkrp test server for singleplayer. I literally only go on there for a few minutes at a time to test new entities and scripts. I put in 1k and now its at 38000+. We put it on our server and now everyone's got more money than they know what to do with. [/quote]True, I noticed that too :P edit: If you're talking about the code found here: [url]http://pastebin.com/raw.php?i=r80J7Vid[/url] Here's the way I did it: [code]for k,v in pairs(player.GetAll())do // This line here withdraws $100 from everyone who has atleast $100 in their account: datastream.StreamToServer( "Withdraw", { tonumber( 100 ), tostring(v) } ) // Put $10 into everyones accounts: datastream.StreamToServer( "DepositMoney1", { tonumber( 10 ), tostring(v) } ) // This sets everyone's pins to 1111 datastream.StreamToServer( "SetPINOf", { tonumber( 1111 ), tostring(v) } ) end [/code]

[QUOTE=ash47;35834032]No need to bruteforce when there is a function I can call that withdraws money, and I didn't know you made an exploit? True, I noticed that too :P edit: If you're talking about the code found here: [url]http://pastebin.com/raw.php?i=r80J7Vid[/url] Here's the way I did it: [code]for k,v in pairs(player.GetAll())do // This line here withdraws $100 from everyone who has atleast $100 in their account: datastream.StreamToServer( "Withdraw", { tonumber( 100 ), tostring(v) } ) // Put $10 into everyones accounts: datastream.StreamToServer( "DepositMoney1", { tonumber( 10 ), tostring(v) } ) // This sets everyone's pins to 1111 datastream.StreamToServer( "SetPINOf", { tonumber( 1111 ), tostring(v) } ) end [/code][/QUOTE] You still need the players pin to withdraw..

[QUOTE=AngryChairR;35834953]You still need the players pin to withdraw..[/QUOTE]No you don't, all you need to do is send the Withdraw command, and the player's entity object as a string and it lets you withdraw :P And even if I did need their PIN, there is a function that sets it :P

[QUOTE=ash47;35834032]No need to bruteforce when there is a function I can call that withdraws money, and I didn't know you made an exploit? True, I noticed that too :P edit: If you're talking about the code found here: [url]http://pastebin.com/raw.php?i=r80J7Vid[/url] Here's the way I did it: [code]for k,v in pairs(player.GetAll())do // This line here withdraws $100 from everyone who has atleast $100 in their account: datastream.StreamToServer( "Withdraw", { tonumber( 100 ), tostring(v) } ) // Put $10 into everyones accounts: datastream.StreamToServer( "DepositMoney1", { tonumber( 10 ), tostring(v) } ) // This sets everyone's pins to 1111 datastream.StreamToServer( "SetPINOf", { tonumber( 1111 ), tostring(v) } ) end [/code][/QUOTE] Why are you tonumbering a number? Lol?

This is easy to hack.

[QUOTE=Ruzza;35926189]Why are you tonumbering a number? Lol?[/QUOTE] Oh, lol, was a quick copy and paste, I had variables there in my local copy, didn't bother removing it I guess :P [quote]Easy. [/quote] Would be better if you did something like STEAMID, since it can be hard to get their nick, I've found when I copy and paste names, often I get extra spaces, or miss some spaces. Do any servers actually run this mod anymore? We could quite easily fix this mod, add some extra security, make it so you have to send the pin to withdraw money or change the pin of someone, and add bruteforce protection, it's really not hard to do...

[QUOTE=cis.joshb;35971462][lua] local target = NULL for k, v in pairs(player.GetAll()) do if v:Nick() == "Person's nickname here" then target = v print("got him") end end datastream.StreamToServer( "SetPINOf", { 1234, target } ) [/lua] Easy.[/QUOTE] datastream was removed in gmod 13, no sense using it in new code.

[QUOTE=G4MB!T;35990006]datastream was removed in gmod 13, no sense using it in new code.[/QUOTE] This is a script which sets pins for this addon, and the datastream is something that was already coded into this addon, and is a horrible way of doing it (at least with no checks). Also please snip my lua, I don't want to be a douche.

[QUOTE=cis.joshb;35991337]This is a script which sets pins for this addon, and the datastream is something that was already coded into this addon, and is a horrible way of doing it (at least with no checks). Also please snip my lua, I don't want to be a douche.[/QUOTE] DataStreamServer: Unhandled stream "SetPINOf"! Excuse me. But no. MY server does not use this addon, so don't even try boy. [img]https://purifiedrp.com/snaps/i/steve-y8EAiPFa.png[/img] Did... I scare him into leaving?

make sure there is a datastream receive hook on the server. id strongly advise grabbing a gmod beta key and removing datastream (like i said above, its being phased out in gm13)

[QUOTE=Phoenixf129;36038627]DataStreamServer: Unhandled stream "SetPINOf"! Excuse me. But no. MY server does not use this addon, so don't even try boy. [img]https://purifiedrp.com/snaps/i/steve-y8EAiPFa.png[/img] Did... I scare him into leaving?[/QUOTE] That's not me. . .

[QUOTE=cis.joshb;36049768]That's not me. . .[/QUOTE] Meant to say boys. I meant in general :v: Was kinda drunk when I posted that, so i'm rather pleased PART of the meaning got across, let alone.

[QUOTE=Phoenixf129;36051272]Meant to say boys. I meant in general :v: Was kinda drunk when I posted that, so i'm rather pleased PART of the meaning got across, let alone.[/QUOTE] What's your server?

[QUOTE=ash47;36062108]What's your server?[/QUOTE] Ash47, if you want to fix it and re-upload the patched version, you can. I would fix it, but Garry's 13 is most likely going to come out soon, which would be pointless. Besides, datastream is removed in 13.

I made an ATM, I'm gonna release it some time.

[QUOTE=cis.joshb;36062509]I made an ATM, I'm gonna release it some time.[/QUOTE] Awesome, hope it's more successful than mine. Make sure you double check that you didn't do any security faults like I failed to do in mine.