SA-MP Forums

SA-MP Forums (https://forum.sa-mp.com/index.php)
-   Includes (https://forum.sa-mp.com/forumdisplay.php?f=83)
-   -   [Include] Script Secure ADM (https://forum.sa-mp.com/showthread.php?t=600408)

AbyssMorgan 07/02/2016 06:01 PM

Script Secure ADM
 
Hello, I would like to present include allowing us to introduce additional security for our file AMX.

Security Functions:
a) AntiDeAMX
b) ScriptSecureADM
- IP and PORT checker
- Expiration date script
- Control slots server
- Check rcon password
- Check server language
- Web ACK System

How to use UltimateScriptSecure.inc
PHP Code:

//Install
//1. Open UltimateScriptSecure and find "User Configuration"
//2. Edit you server information.

public OnGameModeInit(){ //OR OnFilterScriptInit
    
if(!USS_Init()) return 0;
    return 
1;


Web ACK System:
PHP File for UltimateScriptSecure.inc

If you want to use the authorization by the website follow the steps:
1. Edit /secure_adm/index.php
PHP Code:

$ANTI_FLOOD '123'//the same as SCRIPT_ANTI_FLOOD
$ACK_TRUE =   '{BOBO_HAHA,ACCESSCONTROL,TRUE}'//the same as SCRIPT_ACK_KEY
$ACK_FALSE =  'Fuck you thief :P'//anything 

2. Edit /secure_adm/Server.txt
PHP Code:

//add IP:PORT your server, example:
127.0.0.1:7777
127.0.0.1
:7778 

Error List:
PHP Code:

[ADMInfoLocal server detect.
[
ADMErrorThis script is stolen.
[
ADMErrorScript license has expired.
[
ADMErrorInvalid server configcheck your max players.
[
ADMErrorInvalid server configcheck your rcon password.
[
ADMErrorInvalid server configcheck your language.
[
ADMErrorThe script did not get permission to activation

Download:
UltimateScriptSecure.inc
Web ACK System

Non-Registered Users:
Bug Report

Gammix 07/02/2016 06:14 PM

Re: Script Secure ADM
 
pawn Code:
#if !defined isnull
    #define isnull(%1) ((!(%1[0])) || (((%1[0]) == '\1') && (!(%1[1]))))
#endif

Do the same for these:
pawn Code:
#define FILE_SERVERIP           "127.0.0.1"
#define FILE_SERVERPORT         (7777)         
#define FILE_LICENSEID          (20160201)      //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY)
#define FILE_MAX_PLAYERS        (500)           //max players in server.cfg
#define FILE_RCONPASS           "123"           //rcon password
#define FILE_LANGUAGE           "Polish"        //server language

So the user won't need to edit the include but do something like this:
pawn Code:
#define FILE_SERVERIP "127.0.0.1"
#include <ScriptSecure>

And i think the only thing enough for security is the IP and PORT.

AbyssMorgan 07/02/2016 06:37 PM

Re: Script Secure ADM
 
Quote:

Originally Posted by Gammix (Post 3654040)
pawn Code:
#if !defined isnull
    #define isnull(%1) ((!(%1[0])) || (((%1[0]) == '\1') && (!(%1[1]))))
#endif

Do the same for these:
pawn Code:
#define FILE_SERVERIP           "127.0.0.1"
#define FILE_SERVERPORT         (7777)         
#define FILE_LICENSEID          (20160201)      //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY)
#define FILE_MAX_PLAYERS        (500)           //max players in server.cfg
#define FILE_RCONPASS           "123"           //rcon password
#define FILE_LANGUAGE           "Polish"        //server language

So the user won't need to edit the include but do something like this:
pawn Code:
#define FILE_SERVERIP "127.0.0.1"
#include <ScriptSecure>

And i think the only thing enough for security is the IP and PORT.

okay I might add, I personally love the protection time, useful when we are co-owner of the server

Gammix 07/02/2016 07:52 PM

Re: Script Secure ADM
 
Actually you got it wrong:
pawn Code:
#if !defined FILE_SERVERIP
    #error Please #define FILE_SERVERIP "127.0.0.1"
#endif

Should/Recommended to be like this:
pawn Code:
#if !defined FILE_SERVERIP
    #define FILE_SERVERIP "127.0.0.1"
#endif

So if user haven't defined, the include will run on its default value.

Spmn 07/02/2016 08:24 PM

Re: Script Secure ADM
 
1. Your protection will fail if "bind" is unset since comparing a null string to a non-null string will return 0 (strings are the same)

2. There is no point in checking if rcon_password is unset because it can't be.

3. I don't get why you stop server if Language or RCON Password is set to any other value than what it is defined in script. Why don't you just change them to the value that should be and eventually print a warning message.

4. Instead of throwing the same error in case of misconfiguration (Invalid Server Config) it should print different messages for every case. It can be quite hard for a newbie to find out what is misconfigured.

AbyssMorgan 08/02/2016 01:37 PM

Re: Script Secure ADM
 
1. corrected
2. corrected
3. added switches
PHP Code:

#define DONT_ALLOW_LOCALHOST    //additional option
#define CHECK_MAX_PLAYERS        //additional option
#define CHECK_RCON_PASSWORD        //additional option
#define CHECK_SERVER_LANGUAGE    //additional option 

4. corrected

JustMe.77 08/02/2016 03:22 PM

Re: Script Secure ADM
 
Could you add multiple IP's Port and stuff? I'd need it for example with my HomeServer IP, Main Server IP and TestServer IP.

Anyways, nice Include.

AbyssMorgan 08/02/2016 03:26 PM

Re: Script Secure ADM
 
I can do it :D

AbyssMorgan 08/02/2016 03:53 PM

Re: Script Secure ADM
 
Quote:

Originally Posted by JustMe.77 (Post 3654388)
Could you add multiple IP's Port and stuff? I'd need it for example with my HomeServer IP, Main Server IP and TestServer IP.

Anyways, nice Include.

I created a second version which allows you to specify multiple servers.
Read the instruction inside file.
https://github.com/AbyssMorgan/SA-MP...riptSecure.inc

AbyssMorgan 25/06/2016 05:48 AM

Re: Script Secure ADM
 
Update v4.0 for ScriptSecure.inc and MultiScriptSecure.inc:
- Added Web ACK System (confirmation by the web server)
- Fixed minor bugs in the code


All times are GMT. The time now is 05:41 AM.

Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.