[IMPORTANT] Preliminary Atm-Anti hack

Hello, there is a very popular addon for darkrp servers. The addon is an atm, due to its high popularity, people have made scripts to bypass the low security code. The scrips are known mostly here:http://steamcommunity.com/sharedfiles/filedetails/?id=186936307&searchtext=atm+hack I do not know why this addon is still on the workshop, but in the description it shows that the scripts can hack the very popular atm. Now on to the fun stuff. How can i prevent this from happening to me? Well knowing that the atm is used via console commands like: rp_atm_withdraw, you can assume the script has these commands set into it. I’m not sure if anyone else has methods of anti hacking, but all i had to do is add a few letters to every console command in the addon(which didn’t take long) and have checks so that if anyone used old console commands, the console would be able to SBan them. The only problem is due to the method of the hack, it spams the command and the code takes every entry and bans the person over and over again. Keep in mind that these are only some of the commands in the atm, and any others can be added. IT has worked on people that i had never expected to hack, so here it is:



local targetply
local command
local reason
local function BanMe(targetply, command)
	reason = "[AutoBan] Attempt to brute-force the ATM using the command "..command
	ulx.sban( Entity(0), targetply, 0, reason )
end
	

concommand.Add( "rp_atm_pincodes_send", function( ply, cmd, args )
	BanMe(ply, "rp_atm_pincodes_send")
end )
concommand.Add( "rp_atm_setpin", function( ply, cmd, args )
	BanMe(ply, "rp_atm_setpin")
end )
concommand.Add( "rp_atm_money_send", function( ply, cmd, args )
	BanMe(ply, "rp_atm_money_send")
end )
concommand.Add( "rp_atm_admin_setpin", function( ply, cmd, args )
	BanMe(ply, "rp_atm_admin_setpin")
end )
concommand.Add( "rp_atm_withdraw", function( ply, cmd, args )
	BanMe(ply, "rp_atm_withdraw")
end )


MY request from anyone in facepunch is to help me out in making it so that the console only bans them once instead of spamming the bans. Im not sure how to do this but I’m sure we can create a workshop addon together for anti hacking of the Atm addon :slight_smile: Thanks to anyone that wants to help

Give them only 3 tries to enter the PIN, if they fail, block the acc for 1 hour.

Well i mean this is only for the commands that are old. So if they use an old command that doesnt exist anymore then they get banned, but it spams the bans

That’s not a proper way to fix the problem. The proper way would be to detect brute force, automated or not, and block the player from accessing ATM or block the acc.

Im not sure on how to do that :frowning:

Hey, I made the bruteforcer.
By using the code you supplied at the top anyone using the atm would get banned, even if they just opened it for the first time and set their pin.

Add the three try check as Robotboy suggested, just do that by editing the functions the concommands call (you need to edit the actual addon for this) and making a variable that compares the last use against CurTime().

If you want people to not use my bruteforcer just put this in a clientside file:



if Lenny then
LocalPlayer():ConCommand("disconnect")
end


Wow. I wasnt expecting this. Thanks so much. Ill be testing this out, but i will probably end up wanting to ban them, i really don’t like people that hack in Gmod, but thanks. And btw i did change all of the commands, i made it so that if the old ones were being used then it would ban them

Make sv_allowcslua 0 then, that will stop 95% of users of any “hack”. If sv_allowcslua is 1 loading scripts isn’t cheating, nor is it hacking, so don’t ban people for doing it.

In darkRP this setting will do the trick:

Ummm, loading scripts to hack on a server even when sv_allowcslua is set to 1 is considered cheating…

An example would be using Cheat Engine’s speed modifier on a server. Just because you can do it, doesn’t mean it’s not cheating.

Is GM.Config.disallowClientsideScripts = false part of Darkrp2.5? cause im too lazy to upgrade

No, that would be considered hacking because you bypass a security restriction (i.e. host_timescale being a server variables that is only meant to be changed via the server console/rcon).
sv_ALLOWcslua explicitly allows you to load your scripts (that’s why it’s not cheating, you aren’t breaking a rule to gain an advantage), nor is it hacking since you bypass no security system to do so.
You could argue that bruteforcing the atm is bypassing a security restriction, but you do that IC.

If security is important for you in any way you should always update as fast as possible. An exploit with which you could spawn explosive props was fixed in 2.5 recently.

Ah yes but an anti prop minge addon restricts them from exploding

Lenny you’re dumb for even allow such a thing to be done.

Block 95% of users which your not one of.

http://puu.sh/5Grge.png

I wouldn’t be surprised if he steals clientside scripts from servers either, due to the fact that he has a decoder and has shown his folder for it.

Garry should just do a ban-wave on everybody subscribed to LennyScripts. Anybody who says hacking has receded hasn’t been playing Garry’s Mod lately, I’ve run into far too many people hacking openly.