Graal Forums
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Graal Forums (https://forums.graalonline.com/forums/index.php)
-   PlayerWorlds Main Forum (https://forums.graalonline.com/forums/forumdisplay.php?f=15)
-   -   Hacking Outbreak (https://forums.graalonline.com/forums/showthread.php?t=134266793)

Equinox 07-11-2012 08:14 PM
Hacking Outbreak
 
On a server I'm developing for there has been a recent hack outbreak in the last 2 days. Apparently hackers are "injecting" themselves with staff boots and other items. It's all client based so its impossible to deal with them besides a ban. The program they use is called "Graal Relay".

This is probably in the wrong place, forgive me.

ffcmike 07-11-2012 08:28 PM
A lot of the time this occurs (aka some newbie who doesn't know what they're doing), they are using the default command which is quite easy to detect, and can also be used to show you what weapons they are trying to inject, which can in turn be checked for by script (such as when the player.weapons array is altered) incase they or someone else has switched to a different command.

Starfire2001 07-11-2012 08:35 PM
Might be able to help you out here, send a you a forum pm.

Fatel 07-11-2012 09:29 PM
try this.
PHP Code:
//#CLIENTSIDE
function onPlayerChats() {
  if (player.chat == "/iw System_Staffboots") {
    serverwarp(servername);
  }


ffcmike 07-11-2012 09:39 PM
Quote:
Originally Posted by Fatel (Post 1699370)
try this.
PHP Code:
//#CLIENTSIDE
function onPlayerChats() {
  if (player.chat == "/iw System_Staffboots") {
    serverwarp(servername);
  }
The reason why myself or Starfire_2001 haven't been specific is that if potential culprits see it publicly they'll know to alter the command rather than keep using the default one.

Regardless this solution would only detect that specific weapon name which can also be avoided easily, it's better to check player.chat.starts("/iw") (and preferably within the ChatBar.onAction event).

It's also a good idea to trigger the name of what they're trying to inject to serverside and log it, any common occurrences (such as the one you mentioned, and actually got caught trying on Classic using a guest account) can then be checked for existing.

Fatel 07-11-2012 09:55 PM
i was about to edit my post to fix my error then just decided to let someone else do it

Fatel 07-14-2012 04:34 AM
PHP Code:
//#CLIENTSIDE
function onPlayerChats() {
  if(player.chat.starts("/iw")) {
    serverwarp(servername);
  }


Emera 07-14-2012 12:09 PM
I believe Nalin coded the relay system, and it was used so he could get onto an iPhone server via the PC client. It's also used so iPhone systems can get onto PC servers (like yours). You can get around it by detecting their OS and kicking them off.

ff7chocoboknight 07-17-2012 07:31 PM
No, the program was created as a debug tool. Someone passed it around as a hacking tool.

CrypticMyst 07-19-2012 01:09 PM
Quote:
Originally Posted by ff7chocoboknight (Post 1699665)
No, the program was created as a debug tool. Someone passed it around as a hacking tool.
This statement is true.

Pandar 07-19-2012 02:11 PM
Quote:
Originally Posted by Equinox (Post 1699364)
On a server I'm developing for there has been a recent hack outbreak in the last 2 days. Apparently hackers are "injecting" themselves with staff boots and other items. It's all client based so its impossible to deal with them besides a ban. The program they use is called "Graal Relay".

This is probably in the wrong place, forgive me.
You should really have a staff list somewhere on your server, whether it's in a Database NPC or whatever. That way you could have some easy preventive measures for any staff npcs. Just have your Boots run a check every time you turn them on, that refers to this staff list; if they're not on it, don't let it work, or even serverwarp their asses like the people above suggested.

Hezzy002 07-19-2012 02:33 PM
Quote:
Originally Posted by Pandar (Post 1699711)
You should really have a staff list somewhere on your server, whether it's in a Database NPC or whatever. That way you could have some easy preventive measures for any staff npcs. Just have your Boots run a check every time you turn them on, that refers to this staff list; if they're not on it, don't let it work, or even serverwarp their asses like the people above suggested.
That's not how it works. It injects clientside bytecode, doesn't add the NPCs on the server to them.

Pandar 07-19-2012 02:38 PM
Quote:
Originally Posted by Hezzy002 (Post 1699715)
That's not how it works. It injects clientside bytecode, doesn't add the NPCs on the server to them.
Ohh, I see.

Clever girl.

Hezzy002 07-19-2012 02:53 PM
Quote:
Originally Posted by Pandar (Post 1699717)
Ohh, I see.

Clever girl.
well the other way is impossible unless someone finds an exploit l0l

ff7chocoboknight 07-19-2012 08:15 PM
Nalin told Stefan how to block the Relay, but Stefan ignored him.


All times are GMT +2. The time now is 03:48 PM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
Copyright (C) 1998-2019 Toonslab All Rights Reserved.