SA-MP Forums

Go Back   SA-MP Forums > SA-MP Server > Server Support

Reply
 
Thread Tools Display Modes
Old 18/07/2018, 08:43 AM   #1
iLearner
Gangsta
 
iLearner's Avatar
 
Join Date: Apr 2017
Posts: 629
Reputation: 134
Default NPC exploit.

Hello,

Recently server's been target of a few retards (the usual retards) that are somehow using a NPC exploit to connect to the server as NPCs, as my server is based on NPCs (zombies) that means the player won't get damaged nor can be banned, but I tried every solution via the script (even with pawn.raknet) but somehow they can still connect and do whatever they want.

The only valid solution I could find was setting maxnpc limit to the number of zombies (NPCs) I use, means no more NPCs will be allowed, but I need another solution as I've got several events in my server that require NPCs to connect and disconnect during the event.

How can someone even do that?

Code:
[14:44:38] [connection] incoming connection: 176.231.72.244:64068 id: 15[14:44:38] 
[npc:join] Darren_Blacks has joined the server (15:176.231.7$)
connection] incoming connection: 176.231.72.244:50726 id: 19
[08:04:00] [npc:join] Darren_Blacks has joined the server (19:176.231.7$[08:04:30]
Note the IP as well, in connection message its kind of altered?
iLearner is offline   Reply With Quote
Old 18/07/2018, 08:52 AM   #2
NaS
High-roller
 
NaS's Avatar
 
Join Date: Mar 2008
Posts: 1,586
Reputation: 482
Default Re: NPC exploit.

Kick/ban any NPC that is not connecting from 127.0.0.1 or 255.255.255.255 (*****), if the IP returned by GetPlayerIp doesn't help, *****_IsValid should work perfectly fine as the NPCs that connect from this exploit won't be *****s.

If neither of this helps choose cryptic names for your NPCs and instantly block any packets from NPCs that connect with any other name and ban the IP. Basically a whitelist by name with names that are impossible to guess. But that shouldn't even be neccessary.

Also the maxnpc value can be changed during runtime, so you could adjust it as needed (as a workaround).
NaS is offline   Reply With Quote
Old 18/07/2018, 09:00 AM   #3
iLearner
Gangsta
 
iLearner's Avatar
 
Join Date: Apr 2017
Posts: 629
Reputation: 134
Default Re: NPC exploit.

Quote:
Originally Posted by NaS View Post
Kick/ban any NPC that is not connecting from 127.0.0.1 or 255.255.255.255 (*****), if the IP returned by GetPlayerIp doesn't help, *****_IsValid should work perfectly fine as the NPCs that connect from this exploit won't be *****s.

If neither of this helps choose cryptic names for your NPCs and instantly block any packets from NPCs that connect with any other name and ban the IP. Basically a whitelist by name with names that are impossible to guess. But that shouldn't even be neccessary.

Also the maxnpc value can be changed during runtime, so you could adjust it as needed.
I already tried methods above except *****_IsValid, I'll try to use that.
About changing maxnpc on runtime, do you mean by using the plugin by kurta? It crashes my server after a few hours somehow...
iLearner is offline   Reply With Quote
Old 18/07/2018, 09:04 AM   #4
NaS
High-roller
 
NaS's Avatar
 
Join Date: Mar 2008
Posts: 1,586
Reputation: 482
Default Re: NPC exploit.

Quote:
Originally Posted by iLearner View Post
I already tried methods above except *****_IsValid, I'll try to use that.
About changing maxnpc on runtime, do you mean by using the plugin by kurta? It crashes my server after a few hours somehow...
No, just use SendRconCommand. The server var is not read-only so you can change it any time.

Code:
SendRconCommand("maxnpc 500");
Also, what does GetPlayerIp return? The IP from the logs or 127.0.0.1/255.255.255.255?
NaS is offline   Reply With Quote
Old 18/07/2018, 10:15 AM   #5
dugi
Beta Tester
 
Join Date: Jun 2007
Location: Poland
Posts: 4,883
Reputation: 808
Default Re: NPC exploit.

Nothing new, the solution for it is in the gl_npcs filterscript from 2010:

Code:
//-------------------------------------------------
// IMPORTANT: This restricts NPCs connecting from
// an IP address outside this server. If you need
// to connect NPCs externally you will need to modify
// the code in this callback.

public OnPlayerConnect(playerid)
{
	if(IsPlayerNPC(playerid)) {
	    new ip_addr_npc[64+1];
	    new ip_addr_server[64+1];
	    GetServerVarAsString("bind",ip_addr_server,64);
	    GetPlayerIp(playerid,ip_addr_npc,64);
	    
		if(!strlen(ip_addr_server)) {
		    ip_addr_server = "127.0.0.1";
		}
		
		if(strcmp(ip_addr_npc,ip_addr_server,true) != 0) {
		    // this bot is remote connecting
		    printf("NPC: Got a remote NPC connecting from %s and I'm kicking it.",ip_addr_npc);
		    Kick(playerid);
		    return 0;
		}
        printf("NPC: Connection from %s is allowed.",ip_addr_npc);
	}
	
	return 1;
}
dugi is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
New exploit? No not again please! Pravin Server Support 15 19/12/2014 12:37 PM
New Exploit 0.3z..(HELP) SPA Scripting Help 2 04/09/2014 07:59 PM
Another exploit niCe Server Support 0 30/07/2014 06:38 AM
New Exploit? DJ_Shocker Server Support 26 11/04/2014 09:43 PM


All times are GMT. The time now is 02:45 PM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.