Hacking Outbreak
 

On a server I'm developing for there has been a recent hack outbreak in the last 2 days. Apparently hackers are "injecting" themselves with staff boots and other items. It's all client based so its impossible to deal with them besides a ban. The program they use is called "Graal Relay".

This is probably in the wrong place, forgive me.

A lot of the time this occurs (aka some newbie who doesn't know what they're doing), they are using the default command which is quite easy to detect, and can also be used to show you what weapons they are trying to inject, which can in turn be checked for by script (such as when the player.weapons array is altered) incase they or someone else has switched to a different command.

Might be able to help you out here, send a you a forum pm.

try this.

The reason why myself or Starfire_2001 haven't been specific is that if potential culprits see it publicly they'll know to alter the command rather than keep using the default one.

Regardless this solution would only detect that specific weapon name which can also be avoided easily, it's better to check player.chat.starts("/iw") (and preferably within the ChatBar.onAction event).

It's also a good idea to trigger the name of what they're trying to inject to serverside and log it, any common occurrences (such as the one you mentioned, and actually got caught trying on Classic using a guest account) can then be checked for existing.

i was about to edit my post to fix my error then just decided to let someone else do it

I believe Nalin coded the relay system, and it was used so he could get onto an iPhone server via the PC client. It's also used so iPhone systems can get onto PC servers (like yours). You can get around it by detecting their OS and kicking them off.

No, the program was created as a debug tool. Someone passed it around as a hacking tool.

This statement is true.

You should really have a staff list somewhere on your server, whether it's in a Database NPC or whatever. That way you could have some easy preventive measures for any staff npcs. Just have your Boots run a check every time you turn them on, that refers to this staff list; if they're not on it, don't let it work, or even serverwarp their asses like the people above suggested.

That's not how it works. It injects clientside bytecode, doesn't add the NPCs on the server to them.

Ohh, I see.

Clever girl.

well the other way is impossible unless someone finds an exploit l0l

Nalin told Stefan how to block the Relay, but Stefan ignored him.

Create a speed check for the server. When players are going faster then the stated speed kick them to the login server. Add an ignore for the staff members. Just a thought... not sure if you can do that.

That is but a bandaid fix to a much large problem.

This is true but... until Stefan does something to fix the issue you might as well use the bandaid.

This problem has been here for a long time. I remember scripting a little notifier for Streety when he was still managing UN.

Also speed checks are in use on many servers, but it can be somewhat unreliable at times, and downright useless if you have absolutely any method of traveling faster(like a car or horse).

Valid point... regardless there should be some type of security feature added to the servers/clients what ever needs to be done. I see multiple bans daily simply due to these people using these third party programs. It gets a bit tedious after so long.

Wow. Yeah I would server warp them or like we did back in the days on N-Pulse there was a level we would warp them to filled with a bunch of bad scripts that crashed them.