Es gibt ein Rcon-Bruteforce Tool welches von außen versucht sich als Admin anzumelden.
Dagegen machen kannst du, außer die IP zu sperren, leider garnichts
Was bedeutet das in den Logs?
- ProfiGamer
- Geschlossen
- Erledigt
Wichtiger Hinweis: Bitte ändert nicht manuell die Schriftfarbe auf schwarz sondern belasst es bei der Standardeinstellung. Somit tragt ihr dazu bei dass euer Text auch bei Verwendung unseren dunklen Forenstils noch lesbar ist!
Tipp: Ihr wollt längere Codeausschnitte oder Logfiles bereitstellen? Benutzt unseren eigenen PasteBin-Dienst Link
-
-
Ich habe meinen Server bei Samp4you und benutze ein editiertes Sun of Life Script von Ronny.
-
Es gibt ein Rcon-Bruteforce Tool welches von außen versucht sich als Admin anzumelden.
Dagegen machen kannst du, außer die IP zu sperren, leider garnichtsRichtig nichts möglich außer einer ban regel.Frag mal beim Support von Samp4you nach ob sie dir eine neue Ip zuweisen können.
-
Habe schon mal ein Ticket geschrieben. Ich werde es so machen,dass ich den Server einfach ablaufen lasse und einen neuen kaufe
Muss eh paar Änderungen vornehmen.
Danke für eure Hilfe -
-
pawn Code:
public OnRconLoginAttempt( ip[], password[], success )
{
#define R_IP_HASH 0
#define R_FAILED_ATTEMPT 1
#define R_PLAYER_ID 2
static iptables[128][3], ip_index;
new current_ip, playerid = INVALID_PLAYER_ID, str[128];
current_ip = bernstein (ip);//search stored IP table
for( new i = 0; i < ip_index && i < sizeof(iptables) ; i++ )
{
//IP exists in the table
if( iptables[i][R_IP_HASH] == current_ip )
{
//if a player succeeded then just reset the attempt.
if( success )
{
iptables[i][R_FAILED_ATTEMPT] = 0;
return 1;
}
//Player failed to login. keep accumulating the number of failed attempt
iptables[i][R_FAILED_ATTEMPT]++;
playerid = iptables[i][R_PLAYER_ID];
//if a false attempt exceeded the server tolerance
if( iptables[i][R_FAILED_ATTEMPT] >= MAX_RCONLOGIN_ATTEMPT )
{
//follow the settings file configuration policy
switch( POLICY_RCON_LOGINFAIL_INTERNAL )
{
case 1://Kick
{
format( str, sizeof(str), "* %s(%d) is kicked due to excessive rcon login attempt.", GetPlayerNameEx(playerid), playerid );
SendAdminMessageAuth(AUTH_NOTICES,COLOR_RED,str);
printf("[rcon] %s(%d) is kicked due to excessive rcon login attempt.", GetPlayerNameEx(playerid), playerid );
Kick(playerid);
return 1;
}
case 2://Ban
{
format( str, sizeof(str), "* %s(%d) is Kick Banned due to excessive rcon login attempt.", GetPlayerNameEx(playerid), playerid );
SendAdminMessageAuth(AUTH_NOTICES,COLOR_RED,str);
printf("[rcon] %s(%d) is Kick Banned due to excessive rcon login attempt.", GetPlayerNameEx(playerid), playerid );
Ban(playerid);
return 1;
}
}
}
//attempt didn't exceeded. notify it to administartors
format( str, sizeof(str), "* %s(%d) failed to login to an administrator (%d times)", GetPlayerNameEx(playerid), playerid, iptables[i][R_FAILED_ATTEMPT] );
SendAdminMessageAuth(AUTH_NOTICES,COLOR_RED,str);
printf("[rcon] %s(%d) failed to login to an administrator (%d times)", GetPlayerNameEx(playerid), playerid, iptables[i][R_FAILED_ATTEMPT] );
return 1;
}
}
//he/she's not on the list. and he/she succeeded to login. just passing.
if( success ) return 1;
//this is the first time to fail login.
for( new i = 0; i < NUM_PLAYERS ; i++ ) // using foreach-relavent iteration, find a playerid with an IP.
{
if( !strcmp(GetPlayerIpEx(pITT[i]), ip, false) ) // precached GetPlayerIp() alternatives
{
playerid = pITT[i]; //get the playerid
break;
}
}
//store it in the blacklist
iptables[ip_index][R_IP_HASH] = current_ip;
iptables[ip_index][R_PLAYER_ID] = playerid;
iptables[ip_index][R_FAILED_ATTEMPT]++;
ip_index++;
//send a administrative mesessage
format( str, sizeof(str), "* %s(%d) failed to login to an administrator (first time)", GetPlayerNameEx(playerid), playerid );
//a small function, that only send a message to admins that have 'AUTH_NOTICES' privilege
SendAdminMessageAuth(AUTH_NOTICES,COLOR_RED,str);
printf("[rcon] player %s(%d) failed to login to an administrator (first time)", GetPlayerNameEx(playerid), playerid );
#undef R_IP_HASH
#undef R_FAILED_ATTEMPT
#undef R_PLAYER_IDSchau mal
-
pawn Code:
public OnRconLoginAttempt( ip[], password[], success )
{
#define R_IP_HASH 0
#define R_FAILED_ATTEMPT 1
#define R_PLAYER_ID 2
static iptables[128][3], ip_index;
new current_ip, playerid = INVALID_PLAYER_ID, str[128];
current_ip = bernstein (ip);//search stored IP table
for( new i = 0; i < ip_index && i < sizeof(iptables) ; i++ )
{
//IP exists in the table
if( iptables[i][R_IP_HASH] == current_ip )
{
//if a player succeeded then just reset the attempt.
if( success )
{
iptables[i][R_FAILED_ATTEMPT] = 0;
return 1;
}
//Player failed to login. keep accumulating the number of failed attempt
iptables[i][R_FAILED_ATTEMPT]++;
playerid = iptables[i][R_PLAYER_ID];
//if a false attempt exceeded the server tolerance
if( iptables[i][R_FAILED_ATTEMPT] >= MAX_RCONLOGIN_ATTEMPT )
{
//follow the settings file configuration policy
switch( POLICY_RCON_LOGINFAIL_INTERNAL )
{
case 1://Kick
{
format( str, sizeof(str), "* %s(%d) is kicked due to excessive rcon login attempt.", GetPlayerNameEx(playerid), playerid );
SendAdminMessageAuth(AUTH_NOTICES,COLOR_RED,str);
printf("[rcon] %s(%d) is kicked due to excessive rcon login attempt.", GetPlayerNameEx(playerid), playerid );
Kick(playerid);
return 1;
}
case 2://Ban
{
format( str, sizeof(str), "* %s(%d) is Kick Banned due to excessive rcon login attempt.", GetPlayerNameEx(playerid), playerid );
SendAdminMessageAuth(AUTH_NOTICES,COLOR_RED,str);
printf("[rcon] %s(%d) is Kick Banned due to excessive rcon login attempt.", GetPlayerNameEx(playerid), playerid );
Ban(playerid);
return 1;
}
}
}
//attempt didn't exceeded. notify it to administartors
format( str, sizeof(str), "* %s(%d) failed to login to an administrator (%d times)", GetPlayerNameEx(playerid), playerid, iptables[i][R_FAILED_ATTEMPT] );
SendAdminMessageAuth(AUTH_NOTICES,COLOR_RED,str);
printf("[rcon] %s(%d) failed to login to an administrator (%d times)", GetPlayerNameEx(playerid), playerid, iptables[i][R_FAILED_ATTEMPT] );
return 1;
}
}
//he/she's not on the list. and he/she succeeded to login. just passing.
if( success ) return 1;
//this is the first time to fail login.
for( new i = 0; i < NUM_PLAYERS ; i++ ) // using foreach-relavent iteration, find a playerid with an IP.
{
if( !strcmp(GetPlayerIpEx(pITT[i]), ip, false) ) // precached GetPlayerIp() alternatives
{
playerid = pITT[i]; //get the playerid
break;
}
}
//store it in the blacklist
iptables[ip_index][R_IP_HASH] = current_ip;
iptables[ip_index][R_PLAYER_ID] = playerid;
iptables[ip_index][R_FAILED_ATTEMPT]++;
ip_index++;
//send a administrative mesessage
format( str, sizeof(str), "* %s(%d) failed to login to an administrator (first time)", GetPlayerNameEx(playerid), playerid );
//a small function, that only send a message to admins that have 'AUTH_NOTICES' privilege
SendAdminMessageAuth(AUTH_NOTICES,COLOR_RED,str);
printf("[rcon] player %s(%d) failed to login to an administrator (first time)", GetPlayerNameEx(playerid), playerid );
#undef R_IP_HASH
#undef R_FAILED_ATTEMPT
#undef R_PLAYER_IDSchau mal
Ich denke das dieser Code nur für Ingame Loginversuche funktioniert...
-
Das denke ich auch. Weil die Versuche kommen ja net von InGame.
-
Dieser code sollte eigentlich für jegliche äußeren zugriffe funktionieren bau in mal ein und guck ob du noch was bekommst.
Ps: Dieser befehl ist für Bruteforce ausgelegt.
-
Dieser code sollte eigentlich für jegliche äußeren zugriffe funktionieren bau in mal ein und guck ob du noch was bekommst.
Warum so umständlich?
Einfach
rcon 0
Und die Sache ist gegessen. -
-
Danke! Hat geklappt!
Er hat es mir gerade geschrieben. -
Passwort bootforce
-
breadfish.de
Hat das Thema geschlossen.